Uploaded image for project: 'Container / Cluster Management (XCM) Strategy'
  1. Container / Cluster Management (XCM) Strategy
  2. XCMSTRAT-362

Support tlsSecurityProfile for `default` IngressController

    XMLWordPrintable

Details

    • Feature
    • Resolution: Unresolved
    • Normal
    • None
    • None
    • ROSA Classic
    • False
    • Hide

      None

      Show
      None
    • False
    • Not Selected
    • 0
    • 0% 0%
    • 0

    Description

      Feature Overview (aka. Goal Summary)  

      Customer's have network security requirements to be able to secure the IngressController tlsSecurityProfile to a more modern list of ciphers. Customer's also have network security requirements driving them to reduce the allowedSourceRanges for the default IngressController.

       

      Requirements (aka. Acceptance Criteria):

      Background

      • tlsSecurityProfile was a missed acceptance criteria from XCMSTRAT-120 (and ADR-0083)
      • allowedSourceRanges is a new option from OCP (as of 4.13) that enabled controlling this from the IngressController, rather than patching the Service object

       

      Attachments

        Issue Links

          split from

          Feature - Capability or a well-defined set of functionality that delivers business value. Features can include additions or changes to existing functionality. Features can easily span multiple teams, and potentially multiple releases. XCMSTRAT-354 ROSA Classic: Support allowedSourceRanges for `default` IngressController

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • New

          Activity

            People

              Unassigned Unassigned
              wgordon.openshift Will Gordon
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: