Uploaded image for project: 'Red Hat Advanced Cluster Management'
  1. Red Hat Advanced Cluster Management
  2. ACM-30804

External OIDC Direct Authentication support for console

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Unresolved
    • Icon: Major Major
    • ACM 2.17.0
    • ACM 2.17.0
    • Console
    • None
    • External OIDC Direct Authentication support for console
    • Product / Portfolio Work
    • False
    • Hide

      None

      Show
      None
    • False
    • Not Selected
    • To Do
    • ACM-30546 - External Authentication Support for ACM 2.17 deliverables
    • 100% To Do, 0% In Progress, 0% Done

      OCP/Telco Definition of Done
      https://docs.google.com/document/d/1TP2Av7zHXz4_fmeX4q9HB0m9cqSZ4F6Jd4AiVoaF_2s/edit#heading=h.gaa58bzbvwde
      Epic Template descriptions and documentation.
      https://docs.google.com/document/d/14CUCEg6hQ_jpsFzJtWo29GfFVWmun2Uivrxq3_Fkgdg/edit
      ACM-wide Product Requirements (Top-level Epics)
      https://docs.google.com/document/d/1uIp6nS2QZ766UFuZBaC9USs8dW_I5wVdtYF9sUObYKg/edit

      *<--- Cut-n-Paste the entire contents of this description into your new
      Epic --->*

      Epic Goal

      Support running the ACM/MCE console on an OpenShift cluster using external OIDC direct authentication.

      Why is this important?

      This feature is available from OCP 4.20.5 and up. As customers modernize their authentication, we expect to see more adoption.

      Scenarios

      • Managing cluster set role bindings
      • Managing MulticlusterRoleAssignments for fine-grained RBAC

      Acceptance Criteria

      All existing functionality should continue be supported, except where limitations of the configuration prevent it. When direct authentication is enabled, the User and Group APIs are no longer available. In cases where we list users and groups for selection, we must offer users a way to enter the names manually instead.

      Dependencies (internal and external)

      1. ...

      Previous Work (Optional):

      1. ...

      Open questions:

      Done Checklist

      • CI - CI is running, tests are automated and merged.
      • Release Enablement <link to Feature Enablement Presentation>
      • DEV - Upstream code and tests merged: <link to meaningful PR or GitHub
        Issue>
      • DEV - Upstream documentation merged: <link to meaningful PR or GitHub
        Issue>
      • DEV - Downstream build attached to advisory: <link to errata>
      • QE - Test plans in Polarion: <link or reference to Polarion>
      • QE - Automated tests merged: <link or reference to automated tests>
      • DOC - Doc issue opened with a completed template. Separate doc issue
        opened for any deprecation, removal, or any current known
        issue/troubleshooting removal from the doc, if applicable.
      • Considerations were made for Extended Update Support (EUS)

              rh-ee-kcormier Kevin Cormier
              rh-ee-kcormier Kevin Cormier
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: