Securing ClusterODM

What’s the best way to secure a ClusterODM instance? With NodeODM, we can use --token, but ClusterODM doesn’t forward that portion of the API.

I can, of course, put WebODM in front of it, and this secures it nicely, but then I can’t use it with PyODM or CloudODM. I could just use the tutorial at as well.


You could create or modify LocalCloudProvider to check for a particular token:

Admittedly this was part of the original design of LocalCloudProvider, but didn’t get around to implement a --token command line option. Would be a cool PR addition!


I’ve made all of the requests like telnet restricted to my AWS security group. Additionally, I run clusterODM out of webODM and connect to the linux box running webODM using putty tunneling with VNC.