Uploaded image for project: 'OpenShift Container Platform (OCP) Strategy'
  1. OpenShift Container Platform (OCP) Strategy
  2. OCPSTRAT-235

STS enablement for critical OLM-managed operators

    XMLWordPrintable

Details

    • False
    • Hide

      None

      Show
      None
    • False
    • OCPSTRAT-6Tokenized Auth Enablement for OLM-managed Operators on Cloud Providers
    • 88
    • 88% 88%
    • 0
    • 0
    • Program Call

    Description

      Feature Overview (aka. Goal Summary)  

      The following OLM-managed operators are deemed critical and shall be enabled for the standardized STS configuration flow (OCPBU-559):

      • AWS ALB Operator
      • AWS EFS Operator
      • OADP
      • Cluster Logging

      Goals (aka. expected user outcomes)

      Unblock critical functionality on ROSA with a streamlined, repeatable user experience to ease adoption of the service.

      Requirements (aka. Acceptance Criteria):

      • based on OCPBU-559, the following operators will be enabled to support the standard configuration flow for STS:
        • ALB Operator
        • EFS Operator
        • OADP
        • Cluster Logging
      • the operators core logic and metadata will be adapted to enable the flow on the command line and the Console

      Background

      In interaction with ROSA customers these operators often come up as foundational to successful adoption of the platform. Having a streamlined process around installing these with integration into STS will enable security-conscious customers to adopt the platform faster.

      Customer Considerations

      Customers are trained to use the ccoctl tool to carry out IAM changes in conjunction with ROSA. 

      Documentation Considerations

      Every one of these operators needs to clearly outline with IAM permissions are required and provide easy to follow steps to create them. This information should be visible from the operators description (part of the OLM metadata) as well as reside in the components official product documentation.

      Attachments

        Issue Links

          blocks

          Feature - Capability or a well-defined set of functionality that delivers business value. Features can include additions or changes to existing functionality. Features can easily span multiple teams, and potentially multiple releases. OCPSTRAT-127 Continued STS enablement for selected OLM-managed operators

          • Critical - To be worked on immediately following BLOCKER issues.
          • Backlog
          is blocked by

          Feature - Capability or a well-defined set of functionality that delivers business value. Features can include additions or changes to existing functionality. Features can easily span multiple teams, and potentially multiple releases. OCPSTRAT-171 CloudCredentialOperator-based flow for OLM-managed operators and AWS STS

          • Critical - To be worked on immediately following BLOCKER issues.
          • Closed
          relates to

          Feature - Capability or a well-defined set of functionality that delivers business value. Features can include additions or changes to existing functionality. Features can easily span multiple teams, and potentially multiple releases. OCPSTRAT-110 Hypershift-enablement for short-lived token authentication flows with OLM-managed operators with CCO

          • Critical - To be worked on immediately following BLOCKER issues.
          • In Progress
          links to

          Web Link Technical Enablement slides

          Activity

            People

              DanielMesser Daniel Messer
              DanielMesser Daniel Messer
              Brett Tofel, Lance Galletti
              Yufen Chang Yufen Chang
              Matthew Werner Matthew Werner
              Daniel Messer Daniel Messer
              Senthamilarasu S Senthamilarasu S
              Votes:
              0 Vote for this issue
              Watchers:
              13 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: