Uploaded image for project: 'OpenShift Virtualization'
  1. OpenShift Virtualization
  2. CNV-52819

Migrations for cluster-admin only

XMLWordPrintable

    • only-cluster-admin-migrations
    • 77
    • To Do

      Goal

      Today, any namespace admin can create and trigger migrations.
      In order to avoid abuse, let's limit the triggering of migrations to cluster-admins.

      Before the change namespace admins (system:admin) can trigger migrations.
      After the change namespace admins can not trigger migrations.

      The reasoning is that moving VMs on the infra level, without impact to the user, is an infra admin - clsuter-admin - only task.

      User Stories

      • "As a cluster admin, I want to be the only human to trigger VM live migrations, so that nobody can abuse this mechanism.
      • another user story

      Non-Requirements

      • List of things not included in this epic, to alleviate any doubt raised during the grooming process.

      Notes

      • Any additional details or decisions made/needed

          1.
          		 upstream roadmap issue Sub-task New Normal Unassigned
          2.
          		 upstream design Sub-task New Normal Unassigned
          3.
          		 upstream documentation Sub-task New Normal Unassigned
          4.
          		 upgrade consideration Sub-task New Normal Unassigned
          5.
          		 CEE/PX summary presentation Sub-task New Normal Unassigned
          6.
          		 test plans in polarion Sub-task New Normal Unassigned
          7.
          		 automated tests Sub-task New Normal Unassigned
          8.
          		 downstream documentation merged Sub-task New Normal Unassigned

              Unassigned Unassigned
              unassigned_jira Unassigned
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: