Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-1505

[Compute] Enable in-code Secure RBAC Policies

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Done
    • Icon: Undefined Undefined
    • rhos-18.0.0
    • None
    • nova-operator
    • None
    • Operators require S-RBAC by default
    • False
    • Hide

      None

      Show
      None
    • False
    • Committed
    • No Docs Impact
    • To Do
    • OSPRH-1492 - Secure RBAC
    • Committed
    • Proposed
    • Hide
      .The compute service now supports native Secure RBAC

      In osp 17.1 secure role-based access control was implemented using
      custom policy. In RHOSO-18.0.0 this is implemented using nova native support for SRBAC. As a result all OpenStack deployments support the ADMIN, MEMBER and READER roles by default.
      Show
      .The compute service now supports native Secure RBAC In osp 17.1 secure role-based access control was implemented using custom policy. In RHOSO-18.0.0 this is implemented using nova native support for SRBAC. As a result all OpenStack deployments support the ADMIN, MEMBER and READER roles by default.
    • Enhancement
    • Done
    • Rejected
    • 2023Q4
    • Approved

      RHOSO (18.0) will have Secure RBAC enabled by default. We will no longer rely on custom policies to enable SRBAC.

      Ensure that both enforce_new_defaults=True and enforce_scope=True by default.

              smooney@redhat.com Sean Mooney
              pweeks@redhat.com Phillip Weeks
              rhos-dfg-compute
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: