• Icon: Sub-task Sub-task
    • Resolution: Duplicate
    • Icon: Undefined Undefined
    • None
    • None
    • False
    • None
    • False

      Guide: https://source.redhat.com/groups/public/openshiftplatformsre/wiki/backplane_cluster_permissions

      The IMS backplane configuration files should define namespaces your team needs access to, and what kinds of actions the team needs to take to solve alerts:
      How to figure out the RBAC you need as an SRE:

      Standard Operating Procedures (SOPS) define how to respond to alerts. What alerts will your team respond to? How will you solve them.

      What verbs and kinds do you need access to to accomplish your SOPS?

      App Topology:
      What name spaces does your app create that you need access to?

      Best practices: Keep in mind most amount of actions least amount of access. If you’re a backplane user can this be solved with a backplane script instead of adding the permission?

      RBAC Guidelines: https://docs.google.com/document/d/12B7JtF3m6ZXzp6OtMTmIUqC5ZvWsBk988sVf1IhLIJc/edit 

      Example Managed Cluster Config: https://github.com/openshift/managed-cluster-config/tree/master/deploy/backplane/cssre

              Unassigned Unassigned
              kat@redhat.com Kat Keane (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: