Prepare for Y Release

Prepare for Z Release

Remove Quarter

XML

Word

Printable

Type: Task
Resolution: Unresolved
Priority: Critical
Fix Version/s: 1.4
Affects Version/s: 1.4
Component/s: Documentation
Labels:
- ContentX_CY24
- must-have

Story Points:
3
Epic Link:
Restructure the Authorization book
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Feature Link:
RHIDP-2555 - RHDH docs restructure-tracker
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

See https://docs.google.com/document/d/1hzho44sCs1Y-m4UTy2kDuZg_0jm8LNJXruJDusAQ4aI/edit#heading=h.9wkl0zm0iw87

Chapter 2: Configuring policy administrators

AI [Docs] Blend https://docs.redhat.com/en/documentation/red_hat_developer_hub/1.2/html-single/authorization/index#con-rbac-config-permission-policies-admin_title-authorization and https://redhatquickcourses.github.io/devhub-admin/devhub-admin/1/chapter2/rbac.html#_lab_configure_policy_administrators
DONE AI [SME/Docs] to be more directive, keep only one configuration method, and drop the section “Configuration of permission policies defined in an external file” https://docs.redhat.com/en/documentation/red_hat_developer_hub/1.2/html-single/authorization/index#con-rbac-config-permission-policies-external-file_title-authorization => OK

Declare policy administrators to allow a certain limited number of authenticated users to configure RBAC policies by using the REST API or the Web UI, rather than editing the CSV file.

The actual policies are defined in a separate CSV file and referenced in the app-config-rhdh ConfigMap.

Prerequisites

You enabled an authentication provider.
You enabled the RBAC plugin.
You have administrative access to the OpenShift project or Kubernetes namespace where RHDH is running.

Procedure

To declare users as policy administrators, add the following permission attribute to the app-config-rhdh ConfigMap (At the same indentation level as the app and below the catalog attribute). Ensure that you added a valid authenticated user for the admin.users attribute:

permission:

enabled: true

rbac:

admin:

users:

- name: user:default/rsriniva

Sign out from the existing RHDH session and log in again using the GitHub ID of the declared policy administrator.

Navigate to the Catalog page in RHDH. Note that the Create button is not visible. You are not allowed to create new components.
Next, try navigating to the API page. The Register button is not visible. With RBAC enabled, most features are disabled by default. You need to explicitly enable permissions to resources in RHDH.

is duplicated by

RHIDP-4424 Close gaps in RBAC documentation to improve initial setup and configuration UX

Review

links to

https://github.com/redhat-developer/red-hat-developers-documentation-rhdh/pull/631

There are no Sub-Tasks for this issue.

Assignee:: Fabrice Flore-Thébault

Reporter:: Fabrice Flore-Thébault

Team:: RHIDP - Documentation

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2024/09/12 11:12 AM

Updated:: 2024/10/18 12:56 PM

Details

Description

Chapter 2: Configuring policy administrators

Attachments

Issue Links

Sub-Tasks

Activity

People

Dates