Loading...

XML

Word

Printable

Type: Story
Resolution: Done
Priority: Critical
Fix Version/s: Consoledot CY24Q4
Affects Version/s: None
Component/s: None
Labels:

Epic Link:
RHCLOUD-30169
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
BZ requires_doc_text:
Unset
Feature Link:
CRCPLAN-232 - Kessel | PRBAC v2 Service Provider Migration Enablement (Internal)
Regression:
None
BZ Keywords:
- Unset
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Follow format outlined in AUTHZ-010

I.e. `domain:user_id`

depends on

RHCLOUD-34770 (User import job) Bootstrap existing Tenants, default group members, and user_id (standard JWT "sub") so access checks work and can use JWTs or identity header without having to use PII or lookup UUID from RBAC

Closed

is related to

RHCLOUD-35541 So access checks can be consistent between users and service accounts, use service account user ID for group membership relations and delete them when we detect the service account is removed

Closed

relates to

RHCLOUD-34511 In order to maintain access continuity, add and maintain tenanted default groups for all tenants and all users

Closed

RHCLOUD-35039 Generate replication event for v1 Group add / remove principal endpoints

Closed

Assignee:: Alec Henninger

Reporter:: Jay Zeng

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2024/09/27 12:17 PM

Updated:: 2024/10/21 7:35 PM

Resolved:: 2024/10/09 12:54 AM

Target end:: 2024/12/20

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates