Security Instructions Docs "recommend" only using manual installs? Out of Date?

The docs as per:

Keep in mind that it is not recommended to use the pre-packaged distribution in production environment rather install the full distribution manually (for example Tomcat manual installation).

Security Consideration

The pre-packaged distribution is intended for users who want a getting started experience. In case you still want to use it in production, consider un-deploying the invoice application and removing the demo user.

Is this accurate?

Hi @StephenOTT,

yes.

@Ingo_Richtsmeier can you explain this a bit more? Does this apply to the docker containers? Does this apply to the Camunda Run?

Hi @StephenOTT,

It depends on the platform that you choose. Tomcat and Wildfly distros are packaged with an example application (invoice) that creates some process instances and some users in the database. They use a shared, container-managed process engine. You have to apply the same actions whether you unpack the zip file or use a docker image.

Camunda Run didn’t have this example process and there are no users created. But the default settings are developer-friendly as well. To go to production, a different initial setup is provided and you can activate it from the command line: Camunda Platform Run | docs.camunda.org.

You should take care of your setup and don't simply run your developer environment in production.

But Camunda Run needs other actions than a shared engine on Tomcat or Wildfly.

Hope this helps, Ingo

Yes. I would then suggest that the wording in the security page should be enhanced/clarified on how Camunda defines “pre-packaged distribution” as you can see in the wording that is used: GitHub - camunda/docker-camunda-bpm-platform: Docker images for the camunda BPM platform and the headings afterwards, all being to reference “distributions”, and these are essentially “pre-packaged” as they are not “manual” installs as described in the example tomcat manual installation link.