opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-08-03 04:22:13 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix website build errors both for Grafana and content mounted in Grafana Cloud (#64794)

Browse Source 
* Fix reference to Grafana CLI

- Make relref for relative permalink
- Use relative path for unambiguous resolution

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Fix alerting relref anchor format

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Avoid ambiguous relref lookups by forcing relative resolution

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Remove reference to non-existent shared page

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Fix links broken in Grafana Cloud using absolute relrefs

By resolving the relref absolutely, it refers to the same location
regardless of mounted directory.

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Remove trailing slash for bundle independent resolution

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Fix typo

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* For now, avoid Hugo checking cross repository /docs/grafana-cloud link

The path is unlikely to change in the short term and this makes CI
completely green for now.

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* No need to specify path for in page anchors

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Fix prose

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

---------

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
This commit is contained in:
Jack Baldry
2023-03-15 17:06:31 +00:00
committed by GitHub
parent 8745d7ef1b
commit ebb54aea8d
32 changed files with 90 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docs/sources/setup-grafana/configure-security/configure-database-encryption/_index.md
View File

@ -49,19 +49,19 @@ You can re-encrypt secrets in order to:
- Move already existing secrets' encryption forward from legacy to envelope encryption.
- Re-encrypt secrets after a [data keys rotation](#rotate-data-keys).
To re-encrypt secrets, use the [Grafana CLI]({{< ref "/cli" >}}) by running the `grafana-cli admin secrets-migration re-encrypt` command or the `/encryption/reencrypt-secrets` endpoint of the Grafana [Admin API]({{< relref "../../../developers/http_api/admin/#roll-back-secrets" >}}). It's safe to run more than once, more recommended under maintenance mode.
To re-encrypt secrets, use the [Grafana CLI]({{< relref "../../../cli/" >}}) by running the `grafana-cli admin secrets-migration re-encrypt` command or the `/encryption/reencrypt-secrets` endpoint of the Grafana [Admin API]({{< relref "../../../developers/http_api/admin/#roll-back-secrets" >}}). It's safe to run more than once, more recommended under maintenance mode.
### Roll back secrets
You can roll back secrets encrypted with envelope encryption to legacy encryption. This might be necessary to downgrade to Grafana versions prior to v9.0 after an unsuccessful upgrade.
To roll back secrets, use the [Grafana CLI]({{< ref "/cli" >}}) by running the `grafana-cli admin secrets-migration rollback` command or the `/encryption/rollback-secrets` endpoint of the Grafana [Admin API]({{< relref "../../../developers/http_api/admin/#re-encrypt-secrets" >}}). It's safe to run more than once, more recommended under maintenance mode.
To roll back secrets, use the [Grafana CLI]({{< relref "../../../cli/" >}}) by running the `grafana-cli admin secrets-migration rollback` command or the `/encryption/rollback-secrets` endpoint of the Grafana [Admin API]({{< relref "../../../developers/http_api/admin/#re-encrypt-secrets" >}}). It's safe to run more than once, more recommended under maintenance mode.
### Re-encrypt data keys
You can re-encrypt data keys encrypted with a specific key encryption key (KEK). This allows you to either re-encrypt existing data keys with a new KEK version (see [KMS integration](#kms-integration) rotation) or to re-encrypt them with a completely different KEK.
To re-encrypt data keys, use the [Grafana CLI]({{< ref "/cli" >}}) by running the `grafana-cli admin secrets-migration re-encrypt-data-keys` command or the `/encryption/reencrypt-data-keys` endpoint of the Grafana [Admin API]({{< relref "../../../developers/http_api/admin/#re-encrypt-data-encryption-keys" >}}). It's safe to run more than once, more recommended under maintenance mode.
To re-encrypt data keys, use the [Grafana CLI]({{< relref "../../../cli/" >}}) by running the `grafana-cli admin secrets-migration re-encrypt-data-keys` command or the `/encryption/reencrypt-data-keys` endpoint of the Grafana [Admin API]({{< relref "../../../developers/http_api/admin/#re-encrypt-data-encryption-keys" >}}). It's safe to run more than once, more recommended under maintenance mode.
### Rotate data keys
@ -92,4 +92,4 @@ Grafana integrates with the following key management services:
Grafana encrypts secrets using Advanced Encryption Standard in Cipher FeedBack mode (AES-CFB). You might prefer to use AES in Galois/Counter Mode (AES-GCM) instead, to meet your companys security requirements or in order to maintain consistency with other services.
To change your encryption mode, update the `algorithm` value in the `[security.encryption]` section of your Grafana configuration file. For further details, refer to [Enterprise configuration]({{< relref "../../configure-grafana/enterprise-configuration/#securityencryption" >}}).
To change your encryption mode, update the `algorithm` value in the `[security.encryption]` section of your Grafana configuration file. For further details, refer to [Enterprise configuration]({{< relref "../../configure-grafana/enterprise-configuration#securityencryption" >}}).