Skip to main content

Security

Portal security features

  • Portal will be up-to-date with the main line release of Backstage to stay current with patches and updates that protect against known vulnerabilities. New versions of Portal will be released on a monthly cadence in sync with the Backstage release cadence (roughly a day after Backstage main line release).
  • Portal encrypts your Backstage config using aes-256-cbc when stored in the database. The PORTAL_CONFIG_ENCRYPTION_KEY is used to encrypt and decrypt the configs in the database. Always maintain strict confidentiality of this key and store it securely.
  • Secrets can be provided via environment variables upon startup. They are always hidden from the user. Learn how to use and manage secrets in the environment variables and secrets guide.

Known risks

Root Admin Login

The root admin login page, when active, is accessible to all users, and only has password protection. It should only be used for initial setup and recovery mode to minimize risk of unauthorized access. Ensure you deactivate recovery mode after you have recovered your instance.

Denial of Service Attacks

Without a mitigation strategy, Portal's backend is vulnerable to denial of service attacks. Such attacks can block authenticated access to your instance. One recommended way to protect your deployment from a denial of service attack is to deploy it behind an authenticating proxy such as AWS’s ALB, GCP’s IAP, or Cloudflare Access.

Adopter responsibilities

The security of your Portal instance is significantly influenced by the deployment and security setup within your organization. Please consider the below adopter responsibilities to ensure the safeguarding of your instance.

  • Adopters are responsible for protecting their instance from the outside world e.g. employing firewalls and other network security measures to protect against external threats.
  • Adopters are responsible for protecting their instance from external and unauthorized access. Learn more in the Integrator Responsibilities section of the Backstage threat model overview.
  • Adopters are responsible for provisioning their own database and regularly backing it up.
  • Adopters are responsible for ensuring their instance is using the latest version of Portal to protect against known vulnerabilities.