(DOCSP-17658): meko supports only x509 for internal cluster auth (#682)

jwilliams-mongo · jwilliams-mongo · commit e6c84b0e27ab · 2025-04-14T17:11:18.000-05:00
* (DOCSP-17658): meko supports only x509 for internal cluster auth * (DOCSP-17658): copy review feedback
diff --git a/source/includes/options-k8s-shared.yaml b/source/includes/options-k8s-shared.yaml
@@ -1184,10 +1184,15 @@ description: |
   - :setting:`spec.security.authentication.modes` ``: ["X509"]``
   - :setting:`spec.security.tls.enabled` ``: true``
 
+  The |k8s-op-short| accepts the following values:
+
+  - ``["X509"]``: X.509 internal cluster authentication is enabled.
+  - ``""`` or omitted: internal cluster authentication is not enabled.
+
   .. important::
 
-     Once internal cluster authentication is enabled, it can not be
-     disabled.
+     After you enable internal cluster authentication, you can't disable
+     it.
 
   *(Changed in version 1.3)*:
 
diff --git a/source/tutorial/secure-internal-auth.txt b/source/tutorial/secure-internal-auth.txt
@@ -25,6 +25,9 @@ This guide instructs you on how to configure:
 - |tls| to encrypt connections client applications and MongoDB
   deployments.
 
+The |k8s-op-short| doesn't support other authentication schemes between
+MongoDB nodes in a cluster.
+
 .. include:: /includes/admonitions/cannot-secure-standalone.rst
 
 .. include:: /includes/admonitions/deprecate-cert-generation.rst
