From 1c70407bd1566cd2eee4b4111c1786299b41008c Mon Sep 17 00:00:00 2001 From: Rebecca Zanzig Date: Mon, 7 Jan 2019 17:46:44 -0800 Subject: [PATCH] Add a security warning about the default Helm chart installation If a user installs the default Helm chart Consul on a Kubernetes cluster that is open to the internet, it is lacking some important security configurations. --- website/source/docs/platform/k8s/helm.html.md | 8 ++++++++ website/source/docs/platform/k8s/run.html.md | 8 ++++++++ 2 files changed, 16 insertions(+) diff --git a/website/source/docs/platform/k8s/helm.html.md b/website/source/docs/platform/k8s/helm.html.md index 46b62bc9c8..6e40785af5 100644 --- a/website/source/docs/platform/k8s/helm.html.md +++ b/website/source/docs/platform/k8s/helm.html.md @@ -22,6 +22,14 @@ properly installed and configured with your Kubernetes cluster. may still change significantly over time. Please always run Helm with `--dry-run` before any install or upgrade to verify changes. +~> **Security Warning:** By default, the chart will install an insecure configuration +of Consul. This provides a less complicated out-of-box experience for new users, +but is not appropriate for a production setup. It is highly recommended to use +a properly secured Kubernetes cluster or make sure that you understand and enable +the [recommended security features](/docs/internals/security.html.md). Currently, +some of these features are not supported in the Helm chart and require additional +manual configuration. + ## Using the Helm Chart To use the Helm chart, you must download or clone the diff --git a/website/source/docs/platform/k8s/run.html.md b/website/source/docs/platform/k8s/run.html.md index a5bc1c5fca..2554b77615 100644 --- a/website/source/docs/platform/k8s/run.html.md +++ b/website/source/docs/platform/k8s/run.html.md 
@@ -35,6 +35,14 @@ cluster with sane defaults out of the box. Prior to going to production, it is highly recommended that you [learn about the configuration options](/docs/platform/k8s/helm.html#configuration-values-). +~> **Security Warning:** By default, the chart will install an insecure configuration +of Consul. This provides a less complicated out-of-box experience for new users, +but is not appropriate for a production setup. It is highly recommended to use +a properly secured Kubernetes cluster or make sure that you understand and enable +the [recommended security features](/docs/internals/security.html.md). Currently, +some of these features are not supported in the Helm chart and require additional +manual configuration. + ## How-To ### Installing Consul
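Review bot: In the helm.html.md hunk, the link target `/docs/internals/security.html.md` carries the source file's `.md` suffix, while the existing link visible in the run.html.md context (`/docs/platform/k8s/helm.html#configuration-values-`) uses the rendered `.html` path. Suggest `/docs/internals/security.html` here, and in the identical line of the run.html.md hunk, so the link resolves the same way as the site's other internal links. The warning also says "some of these features are not supported in the Helm chart" without naming any of them; listing the affected features, or linking to where they are tracked, would tell an operator what the "additional manual configuration" has to cover.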
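Review bot: In the run.html.md hunk, the new warning is inserted directly after the unchanged text "cluster with sane defaults out of the box", so the page now describes the defaults as sane and, one paragraph later, as "an insecure configuration". Suggest qualifying the earlier sentence (for example, sane defaults for evaluation rather than production) in the same change. The paragraph is also a verbatim copy of the one added to helm.html.md; keeping the full text in one page and a one-line pointer in the other would stop the two copies drifting apart. Finally, the commit message ties the risk to a cluster "that is open to the internet", but the warning text never states that condition; saying so in the warning would make clear when the default install is most exposed.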