4 changes: 4 additions & 0 deletions docs/installation/advanced/python-pipeline-configuration.md
Expand Up @@ -6,6 +6,10 @@ description: Configure Python Pipeline resource limits, timeouts, logging, and s

The Python Pipeline can be configured through environment variables for further customization. The available parameters inside your `.env` file are:

!!! warning "Security hardening"

Python scripts execute as user-supplied code. Beyond the parameters below, review the [security considerations on the installation page](../components/python-pipeline.md#installation) — in particular the risk of scripts reaching the cloud metadata endpoint and harvesting the host's machine-identity credentials.

### Resources

| Parameter | Description | Default |
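Review bot: the cross-reference `../components/python-pipeline.md#installation` in the new warning box cannot be checked against the other file in this PR, because the `!!! danger` admonition added there has no heading of its own and the enclosing section heading lies outside the diff context; confirm that an `#installation` anchor actually exists on that page (or link to the admonition's section explicitly), otherwise the link silently resolves to the top of the page. Also verify in the source that the admonition body line is indented by four spaces, which the rendered diff does not show but the Material admonition syntax requires; without it the warning renders as an empty box followed by a plain paragraph.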
11 changes: 11 additions & 0 deletions docs/installation/components/python-pipeline.md
Expand Up @@ -26,6 +26,17 @@ This how-to explains the deployment of the Python Pipeline next to your SeaTable
If you allow untrusted users or users with limited trust to execute Python scripts within SeaTable, you should deploy the Python Pipeline on a separate node without private network access to your SeaTable server instance.
Please follow the [documentation](../advanced/python-pipeline-dedicated-server.md) on how to achieve this.

!!! danger "Cloud metadata endpoint reachable from scripts"

Python scripts run as user-supplied code with outbound network access. On a cloud VM (Azure, AWS, GCP and others) a script can therefore reach the instance metadata endpoint at `169.254.169.254` and request the host's machine-identity credentials — for example an **Azure Managed Identity** or an **AWS instance profile**. If that identity has any permissions attached, a script author can use the obtained tokens to access your cloud resources.

Until you apply a network-level block, protect your deployment as follows:

- **Do not attach a privileged machine identity** to the VM hosting the Python Pipeline. Remove it if it is not needed, or keep it strictly least-privilege (no role assignments beyond the minimum).
- Run the Python Pipeline on a [dedicated server](../advanced/python-pipeline-dedicated-server.md) so a script cannot reach unrelated workloads or identities.
- **AWS only:** require IMDSv2 and set the metadata hop limit to `1` (`aws ec2 modify-instance-metadata-options --http-tokens required --http-put-response-hop-limit 1`). This blocks bridged containers automatically. Azure has no hop-limit equivalent.
- To block reachability directly, drop egress to the metadata IP for the runner bridge on the host, e.g. `iptables -I DOCKER-USER -i br-runner -d 169.254.169.254/32 -j DROP` (scope the rule to the runner bridge — never block `169.254.169.254` host-wide, as the host itself relies on it).

#### Amend the .env file

To install the Python Pipeline, append `python-pipeline.yml` to the `COMPOSE_FILE` variable within your `.env` file. This instructs Docker to download the required images for the Python Pipeline.
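Review bot: the `iptables -I DOCKER-USER -i br-runner ...` rule in the last bullet hard-codes an interface name `br-runner` that the page never defines; Docker names compose networks `br-<hash>` unless `com.docker.network.bridge.name` is set on the network, so either tell the reader how to find the name (`docker network inspect` on the pipeline network) or add the driver option to the compose file so the rule can be applied verbatim. The rule is also not persistent across reboots, so the bullet should say how to re-apply it (distribution iptables/nftables persistence or a systemd unit ordered after docker). In the AWS bullet the quoted `aws ec2 modify-instance-metadata-options` call is missing the mandatory `--instance-id` argument and will fail as written. Finally, the lead-in "Until you apply a network-level block" reads oddly when the fourth bullet is that block; consider making the iptables rule the primary recommendation and framing the identity, dedicated-server and IMDSv2 bullets as defense in depth.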
4 changes: 2 additions & 2 deletions preview.sh
Expand Up @@ -8,7 +8,7 @@ if [[ "$1" == "-stop" ]]; then
fi

sudo docker build -t seatable-admin-docs .
sudo docker run --name seatable-admin-docs --rm -d -p 8000:8000 -v ${PWD}:/docs seatable-admin-docs
sudo docker run --name seatable-admin-docs --rm -d -p 8001:8000 -v ${PWD}:/docs seatable-admin-docs

echo "Local documentation preview available at http://127.0.0.1:8000"
echo "Local documentation preview available at http://127.0.0.1:8001"
echo "Use './preview.sh -stop' to stop the preview"
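Review bot: the host port is now the literal `8001` in two places, the `-p 8001:8000` flag of `docker run` and the `echo "Local documentation preview available at http://127.0.0.1:8001"` line, which is why this change had to touch both; hoist it into a single variable (e.g. `PORT=8001` at the top, then `-p ${PORT}:8000` and `http://127.0.0.1:${PORT}`) so the two cannot drift apart again. The reason for moving off 8000 is not stated anywhere in the diff; a one-line comment in the script would help the next reader.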