Rate limits and Quotas on API Requests
This document describes the limits and quotas of requesting the REST API of deployed Keycloak clusters. Cloud-IAM is used by millions of users all over the world. We put limits and quotas on Keycloak API to protect the system from receiving more data than it can handle, and to ensure an equitable distribution of the system resources. The limits and quotas are subject to change. General quota limits The followingFew readersThreat Mitigation
Deployed Keycloak password database has a configuration of 20 000 hash iterations for PBKDF2. At Cloud-IAM we enforce security over performance and so we size the clusters accordingly. Each Keycloak nodes is not directly opened to the network, it is behind a load balancer that verify the hostname.Few readersGPG key to communicate with our support
Some conversation with our support might require the exchange of sensitive data. To avoid letting this information reside in clear in the mailbox, we use GPG to crypt / decrypt this data. Send sensitive data to the support Firstly, import our public key: Then, crypt and sign the file with the following command:Few readersDetect personal data breaches
Cloud-IAM has implemented several measures to detect personal data breaches. These include: Intrusion prevention systems which are designed to detect unauthorized access to our network and systems. Regular vulnerability scanning to identify and address any potential vulnerabilities in our systems. Partial Security information and event management to aggregate and analyze security-related data from various sources in real-time, providing us with a comprehensive view of our security pFew readersBackup strategy
Our backup strategy is : Every deployment database is snapshoted using the mechanism provided by the cloud provider the client is deployed to. Theses snapshots allows Cloud-IAM to do fast recovering on demand or in case of unrecoverable misconfiguration. Every deployment database is backuped up using complete dump for cold storage. Theses backups are encrypted and stored in another location using an highly available storage in Europeen Union (99.999999999% of durability). Theses backFew readers