- Feature Request
- Resolution: Duplicate
1. Proposed title of this feature request
OpenShift User/Group Synchronization
2. What is the nature and description of the request?
Current Situation: It is possible with RHACS to configure groups, scopes and rules to allow Mona to access RHACS and manage her namespace and verify the security.
NOTE: RHACS does not support multi-tenancy at this moment. (Please see ROX-11942)
However, all steps must be done manually by the RHACS administrator for every project and every group/user. The customer is managing a couple of OpenShift clusters using LDAP group synchronization there already and would prefer to have the groups/scopes created in RHACS in a more structured/automated way as well.
Expectation: Tight integration of LDAP and LDAP group sync as it is already in place in OpenShift. Namespace Administrators shall automatically get configured on the RHACS side, being able to see and monitor their own and only their own namespaces in RHACS. Since this configuration is currently internal to RHACS, it is not possible to create a useful GitOps process around it (using simple YAML files and Git).
Note: This depends on full multi-tenancy support of RHACS, covered in ROX-11942
3. Why does the customer need this? (List the business requirements here)
Justification: The customer is operating tons of namespaces on different clusters and will use multiple RHACS Central instances in the future. Creating all AccessScopes, Roles, Rules (and possibly PermissionSets) manually on each Central is not feasible.
4. List any affected packages or components.
Please note that this Jira is part of a larger group of issues raised by BRZ, and you can find more information in this Google document.
- relates to
- RFE-6654 Declarative configuration for ACS authz
- Rejected