The purpose of MTV-3856 is to address a gap in the official documentation regarding Role-Based Access Control (RBAC) required for successful cluster-to-cluster migrations.

When performing a migration where the source and target environments are both Kubernetes/OpenShift clusters (e.g., in a Container-Native Virtualization scenario), specific service account roles and permissions are necessary for the MTV components (such as the Data Mover) to access and manage resources across both clusters.

This task involves researching and documenting the precise ClusterRole or Role definitions, including all required permissions (verbs and resources), that an administrator must apply to enable the data transfer mechanism to operate securely and correctly between clusters. The goal is to provide a comprehensive, step-by-step guide to ensure users can set up their cluster environments with the correct access levels prior to initiating a migration plan.

JTBD Statement:

"When I am setting up a Virtual Machine migration between two separate Kubernetes/OpenShift clusters, I want a definitive, easy-to-implement set of Role-Based Access Control (RBAC) definitions so that I can guarantee the data transfer service has the exact, necessary permissions to succeed across both environments without requiring excessive privileges or causing critical security vulnerabilities."

Documentation

The documentation task (MTV-3856) supports this job by addressing the primary sub-job:

"When the migration feature is deployed, I need documentation that clearly specifies all required RBAC definitions (ClusterRoles, Roles, Bindings) so that I can quickly and confidently configure my cluster security and move immediately into the migration phase without encountering authorization errors."