❯ ./ziti version
NAME VERSION
ziti v0.25.6
ziti-controller not installed
ziti-fabric v0.0.0
ziti-prox-c not installed
ziti-router not installed
ziti-tunnel not installed
An err occurred: command failed 'ziti-edge-tunnel version': /lib/ld-linux-armhf.so.3: No such file or directory exit status 255
❯ ./ziti edge create identity --help
creates a new identity managed by the Ziti Edge Controller
Usage:
ziti edge create identity [command]
Available Commands:
device creates a new device identity managed by the Ziti Edge Controller
service creates a new service identity managed by the Ziti Edge Controller
user creates a new user identity managed by the Ziti Edge Controller
Flags:
-h, --help help for identity
Use "ziti edge create identity [command] --help" for more information about a command.
What’s the difference between the three types of identities I can create: device, service, user?
My guess is that
-
deviceis the common type where an identity is based on a certificate and installed permanently on a device -
serviceidentity is a placeholder identifier but the actual identity (private key, etc.) is issued by a 3rd party like SPIRE or an IdP -
useris a password-based or multi-factor identity optimized for human interactive use cases
What boundary conditions will I encounter if I choose one type over the other, and can I change the type after I create it?