Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-16272

Implement tenancy enforcement in Aetos

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Done
    • Icon: Normal Normal
    • None
    • None
    • openstack-aetos
    • None
    • Implement tenancy enforcement in Aetos
    • False
    • Hide

      None

      Show
      None
    • False
    • RHOSSTRAT-625Implement multi-tenancy telemetry control
    • Not Selected
    • Proposed
    • Proposed
    • Done
    • RHOSSTRAT-625 - Implement multi-tenancy telemetry control
    • Proposed
    • rhos-conplat-observability
    • Proposed
    • 0% To Do, 0% In Progress, 100% Done

      Goal:

      • We'll need to modify queries or matches or prevent access to certain endpoints based on user's project and roles. Most of the endpoints should be guarded by 2 policies giving 2 types of access. Elevated access will provide access without any modifications or tenancy enforcement, while non-elevated access will give access to metrics from the current project only. By default users with the admin role are able to get elevated access.

      Acceptance Criteria:

      • Only metrics from the current project are accessible for non-admin users
      • All metrics are accessible for admin users
      • The access is configurable through policies

              rh-ee-jwysogla Jaromir Wysoglad
              rh-ee-jwysogla Jaromir Wysoglad
              rhos-conplat-observability
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: