Loading...

XML

Word

Printable

Type: Story
Resolution: Done
Priority: Normal
Fix Version/s: ACM 2.15.0
Affects Version/s: None
Component/s: Container Native Virtualization
Labels:

Activity Type:
Product / Portfolio Work
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Epic Link:
ACM Fine Grained RBAC TP 2.15
Intelligence Requested:
Market:

Sprint:
VMMgmt - Train-33 - Sprint 1

Regression:
None

SFDC Cases Links:
SFDC Cases Open:
SFDC Cases Counter:

PX Impact Score:

webhook for avoiding duplications see https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/

remove duplication validation from ~~ACM-23014~~

another approach that is used is to update the CRD in installer repo with using array of map keys so the roleassignment names are unique in the cr

Testing notes - this should fail because there are two names under spec.roleassignments.name that are the same

spec:
  roleAssignments:
    - clusterRole: view
      clusterSelection:
        clusterNames:
          - local-cluster
          - cluster-1
        type: clusterNames
      name: duplicate-name-test
    - clusterRole: edit
      clusterSelection:
        clusterNames:
          - local-cluster
          - cluster-2
        type: clusterNames
      name: duplicate-name-test
    - clusterRole: admin
      clusterSelection:
        clusterNames:
          - cluster-3
        type: clusterNames
      name: unique-name
  subject:
    apiGroup: rbac.authorization.k8s.io
    kind: User
    name: test-user

is cloned by

ACM-23681 MulticlusterRoleAssignment - ClusterPermission size limit

Backlog

Assignee:: Kurtis Wang

Reporter:: Enrique Mingorance Cano

QA Contact:: ManiKrishna Sai Ravi

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2025/08/28 3:25 PM

Updated:: 2025/11/03 8:18 PM

Resolved:: 2025/10/21 2:36 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates