Loading...

XML

Word

Printable

Type: Story
Resolution: Done
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
- no-docs
- no-qe

Activity Type:
None
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Epic Link:
WICD node-scoped RBAC enforcement
Story Points:
5

Target Version:
None
Release Blocker:
None
Sprint:
WINC - Sprint 274, WINC - Sprint 275, WINC - Sprint 276, WINC - Sprint 277, WINC - Sprint 278

Description

WICD only needs write access to one Node object, decreasing the RBAC breadth will help harden security.

Engineering Details

This was done in hybrid-overlay, related PR: https://github.com/openshift/ovn-kubernetes/pull/1919

Acceptance Criteria

WICD is only given permissions to write to its own Node object

links to

openshift/windows-machine-config-operator#3133: WINC-1147: Implement node-specific RBAC for WICD

Assignee:: Mansi Kulkarni

Reporter:: Sebastian Soto

Need Info From:: None

Contributors:: None

QA Contact:: None

Doc Contact:: None

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Created:: 2023/10/03 6:15 PM

Updated:: 2025/10/13 2:49 PM

Resolved:: 2025/10/13 2:49 PM