Skip Navigation

Authentik as it's own VM/Container - Does it provide extra security?

The title really.

I've just got my head around Authentik and OAuth in general, and I will start implementing it in my homelab. But I was wondering, if I run the Authentik docker container alongside my other containerized services in the same VM, does this provide as much security as running this on a separate VM?

In my head, if there is this "physical" separation, the attacker would have nowhere to go if they somehow defeated Authentik.

So is it categorically better, or just a placebo to separate them out? I'd love to understand this fully, and do some recommended reading on the concepts whatever the answer, but I'm struggling to discover what to search for exactly. Thanks!

0