From 114421f94c8f92d84bc2aeca62e163b7feec3cb5 Mon Sep 17 00:00:00 2001 From: James Strong Date: Fri, 4 Oct 2024 07:48:58 -0400 Subject: [PATCH] Docs: Add a multi-tenant warning. (#12091) --- README.md | 2 ++ docs/deploy/hardening-guide.md | 2 ++ docs/faq.md | 10 ++++++++++ 3 files changed, 14 insertions(+) diff --git a/README.md b/README.md index b1cd22aa1..2ffacd861 100644 --- a/README.md +++ b/README.md @@ -17,6 +17,8 @@ balancer. See the [Getting Started](https://kubernetes.github.io/ingress-nginx/deploy/) document. +Do not use in multi-tenant Kubernetes production installations. This project assumes that users that can create Ingress objects are administrators of the cluster. See the [FAQ](https://kubernetes.github.io/ingress-nginx/faq/#faq) for more. + ## Troubleshooting If you encounter issues, review the [troubleshooting docs](docs/troubleshooting.md), diff --git a/docs/deploy/hardening-guide.md b/docs/deploy/hardening-guide.md index cfbdb1466..2726b1a07 100644 --- a/docs/deploy/hardening-guide.md +++ b/docs/deploy/hardening-guide.md @@ -1,6 +1,8 @@ # Hardening Guide +Do not use in multi-tenant Kubernetes production installations. This project assumes that users that can create Ingress objects are administrators of the cluster. + ## Overview There are several ways to do hardening and securing of nginx. In this documentation two guides are used, the guides are overlapping in some points: diff --git a/docs/faq.md b/docs/faq.md index 020474d5c..97d3325ca 100644 --- a/docs/faq.md +++ b/docs/faq.md 
@@ -1,6 +1,16 @@ # FAQ +## Multi-tenant Kubernetes + +Do not use in multi-tenant Kubernetes production installations. This project assumes that users that can create Ingress objects are administrators of the cluster. + +For example, the Ingress NGINX control plane has global and per Ingress configuration options that make it insecure, if enabled, in a multi-tenant environment. + +For example, enabling snippets, a global configuration, allows any Ingress object to run arbitrary Lua code that could affect the security of all Ingress objects that a controller is running. + +We changed the default to allow snippets to `false` in https://github.com/kubernetes/ingress-nginx/pull/10393. + ## Multiple controller in one cluster Question - How can I easily install multiple instances of the ingress-nginx controller in the same cluster?
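Review bot: In the README.md hunk, the added link ends in `faq/#faq`, which is the FAQ page's top-level `# FAQ` heading rather than the `## Multi-tenant Kubernetes` section this same patch adds to docs/faq.md. Point the fragment at the new section's anchor so that a reader following the warning lands on the explanation instead of the top of the page. Minor wording: "users that can create Ingress objects" reads better as "users who can create Ingress objects", and the same sentence is repeated in all three files.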
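Review bot: In the docs/deploy/hardening-guide.md hunk, the warning inserted between `# Hardening Guide` and `## Overview` repeats the README sentence but drops the "See the FAQ for more" pointer, so a reader of the hardening guide gets the prohibition without the reasoning behind it. Add a link to the new `## Multi-tenant Kubernetes` section of docs/faq.md here as well, so the trust assumption (anyone who can create Ingress objects is treated as a cluster administrator) is explained from the page where operators are most likely to look for it.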
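Review bot: In the docs/faq.md hunk, the paragraph beginning "For example, the Ingress NGINX control plane has global and per Ingress configuration options" promises both kinds of option, but the only case illustrated is snippets, which the next paragraph calls "a global configuration". Either add a per-Ingress example or narrow the claim. The two consecutive paragraphs also both open with "For example,"; the first is really the general statement and reads better without that lead-in. In the last added line, "We changed the default to allow snippets to `false`" does not name the setting that changed; name the exact configuration option so readers can check the value in their own deployment, and turn the bare pull-request URL into a Markdown link to match the link style used in the README hunk.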