What security does the cluster file provide?

Hello all:

Does the cluster file provide any sort of security? From what I can tell, a machine must be able to reach a coordinator and posses the correct ID in order to connect to the cluster. Does FoundationDB consider this protection adequate in, for example, a public cloud where intradatacenter communication is trusted, or should TLS still be used in such a scenario?

Thank you!

The cluster file is not intended to be a security boundary. It’s only intended to serve as service discovery and as a protection against inconsistencies during partitions. In any environment where you don’t trust the network itself to protect you from untrusted actors, I would recommend running with TLS.