-
Epic
-
Resolution: Unresolved
-
Critical
-
None
-
Global Hub 1.0.0, Global Hub 1.1.0
-
Global Hub RBAC
-
False
-
None
-
False
-
-
Green
-
To Do
-
60% To Do, 20% In Progress, 20% Done
Value Statement
It is not a blocker for Citi. But we need to have a proper RBAC design from the start.
Definition of Done for Engineering Story Owner (Checklist)
- Investigate the observability way to introduce RBAC proxy to ensure that the different user shows the different data based on different permissions.
- Investigate the grafana way for RBAC - https://grafana.com/docs/grafana/latest/administration/roles-and-permissions/access-control/
Development Complete
- The code is complete.
- Functionality is working.
- Any required downstream Docker file changes are made.
Tests Automated
- [ ] Unit/function tests have been automated and incorporated into the
build. - [ ] 100% automated unit/function test coverage for new or changed APIs.
Secure Design
- [ ] Security has been assessed and incorporated into your threat model.
Multidisciplinary Teams Readiness
- [ ] Create an informative documentation issue using the [Customer
Portal_doc_issue template](
https://github.com/stolostron/backlog/issues/new?assignees=&labels=squad%3Adoc&template=doc_issue.md&title=),
and ensure doc acceptance criteria is met. Link the development issue to
the doc issue. - [ ] Provide input to the QE team, and ensure QE acceptance criteria
(established between story owner and QE focal) are met.
Support Readiness
- [ ] The must-gather script has been updated.
- relates to
-
ACM-11070 Review ACM SpiceDB integration possibilities for RBAC/Authorization
-
- To Do
-