Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-5379

Create OCP cluster over GCP with custom IAM roles

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Normal Normal
    • None
    • openshift-4.14.z
    • Installer
    • False
    • None
    • False
    • Not Selected

      1. Proposed title of this feature request
      --> OCP Deployment on GCP – create OCP cluster with custom IAM roles

      2. What is the nature and description of the request?
      --> OCP installer on GCP created a new Service Accounts with admin privileges. This behaviour is not accepted by customer.  

      3. Why does the customer need this? (List the business requirements here)equest?
      --> Customer not accept any workload running on their GCP projects to have admin privileges. Due to client’s security requirements, and the secure nature of their business in the aerospace industry, they require all GCP workloads to be assigned customized and hardened service accounts. As a result of this observed behaviour, generic admin service accounts cannot be used in their environment, and client’s security audits have failed, and the issue has been escalated to their CISO. Being able to create customized service accounts is a requirement for client’s CISO to approve production workloads to run on GCO.

      4. List any affected packages or components.equest?
      --> Without this change, no workloads will be approved by the client to run in production. This includes a list of critical software required to control their secure environment. Also, all security audits will fail without this feature causing delays in project delivery.

              mak.redhat.com Marcos Entenza Garcia
              rhn-support-rospatil Roshni Patil
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: