ACiDGRiM
RunPod
Created by ACiDGRiM on 3/7/2024 in #⚡|serverless
secure connections
Thanks, that's the piece of info I wanted to know. I'll modify my promptProxy to work accordingly
20 replies
RunPod
Created by ACiDGRiM on 3/7/2024 in #⚡|serverless
secure connections
Yes, I have a proof of concept that does this. I just want to make sure your API doesn't do any sanitization on the data and just passes it directly to the worker.
20 replies
RunPod
Created by ACiDGRiM on 3/7/2024 in #⚡|serverless
secure connections
Please confirm this will work. I have a PoC of a feature to send an encrypted body to the run API endpoint, then decrypt it and pass it to a typical PyTorch workload, and then encrypt the response and send it. If I send the data you have listed in your sync and async endpoints documentation
curl -X POST https://api.runpod.ai/v2/{endpoint_id}/run \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer ${API_KEY}' \
-d '{"input": {"prompt": "Your prompt"}}'
but with the data/body
{"encrypted": "asdf3wqcm84wmt87v4e7mtasrhcrdgdc"}
will the endpoint forward it to my endpoint ID as is, or do you sanitize for proper prompts? Also, for the stream endpoint, the encrypted body will completely change after every returned token is encrypted. This should be transparent when streaming the decrypted original body response, but I'm not sure if your API will handle that.
20 replies
RunPod
Created by ACiDGRiM on 3/7/2024 in #⚡|serverless
secure connections
If I don't control the keys when it's my private info, it's not secure. You guys have good infra, but I have no idea who you are or whose server the worker is on. I'll accept that my files being in VRAM for a few minutes is acceptable.
20 replies
RunPod
Created by ACiDGRiM on 3/7/2024 in #⚡|serverless
secure connections
OK, that's what I'm going to do, but just encrypt the payload. Traffic out of the container isn't proxied, so I can download the decryption key from my network? I'm sure you're secure against most threats, but if I'm not sending my documents to Google, I want to limit my exposure to other 3rd parties out of principle until I can afford an l40s at least.
20 replies
RunPod
Created by ACiDGRiM on 3/7/2024 in #⚡|serverless
secure connections
OK, I thought so. I want to get embeddings of all my personal documents, so I'm just trying to find a way to feel comfortable sending the text to another computer or the internet. I don't mind them being in RAM for the inference, but I don't want them exposed between the API and the container. Maybe that's the server option, I'm just trying to save a buck.
20 replies
RunPod
Created by ACiDGRiM on 3/7/2024 in #⚡|serverless
secure connections
In other words, which TLS cert is seen by curl? Api.runpod.io or "my custom cert"
20 replies
RunPod
Created by ACiDGRiM on 3/7/2024 in #⚡|serverless
secure connections
OK, so the best way to obscure my prompt would be to encrypt the message in the API req "message" body and decrypt it in the container? It sounds like the app endpoint handles plaintext JSON, rather than transparently forwarding a request to the container, TLS intact. Or does the URL endpoint determine which container to forward to?
20 replies
RunPod
Created by ACiDGRiM on 3/7/2024 in #⚡|serverless
server less capability check
I don't mean the Docker socket. I mean I want to create a VPN tunnel to my AWS tenant, rather than dealing with PKI in the container.
7 replies
RunPod
Created by ACiDGRiM on 3/7/2024 in #⚡|serverless
server less capability check
I thought so. Do the containers have Docker capabilities to create a WireGuard interface?
7 replies
RunPod
Created by ACiDGRiM on 1/12/2024 in #⚡|serverless
Log retention and privacy
I wouldn't intentionally log any private data, but I'm concerned about whether the API request to the worker, which could potentially have private information in the prompt, is logged by RunPod infrastructure.
5 replies