Loading...

XML

Word

Printable

Type: Story
Resolution: Done
Priority: Normal
Fix Version/s: Consoledot CY24Q4
Affects Version/s: None
Component/s: None
Labels:

Epic Link:
RHCLOUD-30172
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
BZ requires_doc_text:
Unset
Feature Link:
CRCPLAN-232 - AuthZ | PRBAC v2 Service Provider Migration Initiation (Internal)
Regression:
None
BZ Keywords:
- Unset
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

When Principals are lazily created, ensure they use the user_id value from SSO, and use this value for group membership tuples (this may happen already as part of ~~RHCLOUD-35448~~)

Deletion is moved to another story RHCLOUD-35628

depends on

RHCLOUD-35532 In order for access checks to be consistent between users, service accounts, and JWTs, migrate existing service account JWT "sub" values from SSO db to RBAC

Release Pending

is cloned by

RHCLOUD-35628 So orphaned relations are not hanging around, delete service accounts and relations when we detect removed service accounts

Backlog

relates to

RHCLOUD-35448 Start using Principal.user_id for group#member@principal tuples

Closed

Assignee:: Alec Henninger

Reporter:: Alec Henninger

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2024/10/03 2:56 PM

Updated:: 2024/10/21 7:48 PM

Resolved:: 2024/10/08 6:42 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates