1. Proposed title of this feature request

• Support for OpenShift and RHACS workload identity federation

2. What is the nature and description of the request?

• With RHACS 4.7 now currently supporting all 3 major AWS, GCP and Azure cloud providers for native OpenID Connect (OIDC) federation, expanding this feature to a cross-product OpenShift / RHACS implementation is seen of benefit for customers that would need, for example, pipeline service accounts shall be able to interact with RHACS.

3. Why does the customer need this? (List the business requirements here)

• Maintenance overhead relief, as well as significant infrastructure cost savings.

4. List any affected packages or components.

• RHACS

5. Additional note from the customer around this request in the case:

• Identity of service account needs to have option to be scoped to the set of namespaces. We have multiple tenants hosting application on same platform (shared OpenShift instance) and we would like to lock them in their own scope.