Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-8042

Provide default ClusterRoles for Red Hat Operators installed via OLMv1

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • None
    • Cluster Infrastructure, OLM
    • None
    • None
    • Product / Portfolio Work
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      While OLMv1 follows the principle of least privilege using service accounts with custom roles and bindings, there is no standard or reusable ClusterRole provided by Red Hat for common Operators. Each user has to independently determine minimal permissions, which leads to repetitive effort and potential misconfiguration. Red Hat should provide pre-defined, reusable ClusterRoles (like the example provided for OpenShift Pipelines) for its certified Operators.

       

      Why does we need this? 

      • Saves time and reduces complexity during Operator onboarding.
      • Encourages consistent and secure role definitions across environments.
      • Reduces chances of misconfigured permissions that may cause Operator failure.
      • Improves user experience and supports enterprise-grade RBAC standardization.

       

              rh-ee-smodeel Subin M
              rhn-support-skohli Shubh Kohli
              None
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                None
                None