Details
-
Epic
-
Resolution: Unresolved
-
Normal
-
None
-
None
-
None
-
Enforce IMDSv2 as the default in HyperShift
-
False
-
False
-
XCMSTRAT-567 - ROSA HCP: IMDSv2 as optional value
-
0
-
0%
-
Hypershift Sprint 246, Hypershift Sprint 247
-
0
-
0
-
0
Description
User Story
As a ROSA HyperShift customer I want to enforce that IMDSv2 is always the default, to ensure that I have the most secure setting by default.
Acceptance Criteria
- IMDSv2 should be configured in HyperShift clusters by default
Default Done Criteria
- All existing/affected SOPs have been updated.
- New SOPs have been written.
- Internal training has been developed and delivered.
- The feature has both unit and end to end tests passing in all test
pipelines and through upgrades. - If the feature requires QE involvement, QE has signed off.
- The feature exposes metrics necessary to manage it (VALET/RED).
- The feature has had a security review.* Contract impact assessment.
- Service Definition is updated if needed.* Documentation is complete.
- Product Manager signed off on staging/beta implementation.
Dates
Integration Testing:
Beta:
GA:
Current Status
GREEN | YELLOW | RED
GREEN = On track, minimal risk to target date.
YELLOW = Moderate risk to target date.
RED = High risk to target date, or blocked and need to highlight potential
risk to stakeholders.
References
Links to Gdocs, github, and any other relevant information about this epic.
Attachments
Issue Links
- is blocked by
-
OCPCLOUD-1838 CAPI support for AWS IMDSv2
- Closed
- is depended on by
-
XCMSTRAT-6 ROSA Security
- New
- is incorporated by
-
XCMSTRAT-277 (P1) ROSA parity - HCP to offer all Classic features
- In Progress
- links to