Loading...

XML

Word

Printable

Type: Story
Resolution: Unresolved
Priority: Normal
Fix Version/s: Consoledot CY24Q4
Affects Version/s: None
Component/s: None
Labels:
- ciam-authz-assets

Epic Link:
RHCLOUD-30172
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
BZ requires_doc_text:
Unset
Feature Link:
CRCPLAN-232 - AuthZ | PRBAC v2 Service Provider Migration Initiation (Internal)
Regression:
None
BZ Keywords:
- Unset
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Account for service account deletion:

https://github.com/RedHatInsights/insights-rbac/blob/master/rbac/management/principal/it_service.py#L97
If the SA does not exist, have to clean that from our DB, and remove the relationships from spiceDB

clones

RHCLOUD-35541 So access checks can be consistent between users and service accounts, use service account user ID for group membership relations and delete them when we detect the service account is removed

Closed

Assignee:: Unassigned

Reporter:: Alec Henninger

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2024/10/08 6:41 PM

Updated:: 2024/10/24 5:57 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates