Add note on security to modules.md (#1746)

* Add note on security to modules.md I'd like to document the importance of ensuring that configuration files and module sources are protected from attackers. I think it's a good idea to highlight this to the users. * Update modules.md
grafana · Sep 25, 2024 · d87e2c6 · d87e2c6
1 parent 5540b03
commit d87e2c6
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/docs/sources/get-started/modules.md b/docs/sources/get-started/modules.md
@@ -104,6 +104,12 @@ loki.write "default" {
 }
 ```
 
+## Security
+
+Since modules can load an arbitrary configuration from a potentially remote source, it is important to carefully consider the security of your solution. 
+The best practice is to ensure that Alloy configuration cannot be changed by attackers. This includes Alloy's main configuration files as well as 
+modules fetched from remote locations such as Git repositories or HTTP servers.
+
 [custom components]: ../custom_components/
 [run]: ../../reference/cli/run/
 [import.file]: ../../reference/config-blocks/import.file/