Skip to content

Docs: enabling identity-aware routing (RFC-0055)#223

Merged
anita-flegg merged 4 commits into
masterfrom
docs-rfc-0055-identity-aware-routing
Jun 30, 2026
Merged

Docs: enabling identity-aware routing (RFC-0055)#223
anita-flegg merged 4 commits into
masterfrom
docs-rfc-0055-identity-aware-routing

Conversation

@rkoster

@rkoster rkoster commented Jun 25, 2026

Copy link
Copy Markdown
Contributor

Summary

  • New /deploying/ operator setup page (cf-deployment/enable-identity-aware-routing.html) covering how to enable identity-aware routing (per-domain mTLS for the Gorouter) on a cf-deployment foundation: applying enable-identity-aware-routing.yml (and the -cflinuxfs5.yml / use-operator-provided-identity-routing-domain.yml companions), what it configures (BOSH DNS alias, gorouter router.domains, SNI server cert, CA trust), the two-CA model, the router.domains BOSH property reference, and registering the domain with cf create-shared-domain --enforce-route-policies.
  • Adds a cross-link to the ops file from Step 2 of the deploy topic (cf-deployment/deploy-cf.html).

Implements the operator-facing part of the outstanding CF Docs deliverable of RFC-0055.

References

Notes

  • Documents only configuration shipped in the add-identity-aware-routing ops files and the gorouter spec.
  • Opened as draft for review.

@anita-flegg

Copy link
Copy Markdown
Contributor

note to me - master branch only

@anita-flegg anita-flegg merged commit 922b692 into master Jun 30, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants