Goal

Design and implement a strategy for exposing admin APIs and associated business logic for use by RH and/or MSFT teams via Geneva Actions for cluster management operations. Admin APIs are exposed to and consumed by the Geneva Actions service, which enables a unified management experience for teams involved in supporting Azure services and is responsible for RBAC, JIT, audit history, and service-specific extension management. The Geneva Actions service's REST API endpoint is consumed by the Jarvis portal hosting Geneva Actions and other scripts and Microsoft tooling. A link to a full primer on the architecture can be found in the Resources section below.

Non-goals:

• C# code
• Integration with JIT
• publishing the actual geneva actions
  • We may want to scope this in, but for now will scope it out because of JIT claims

Benefit Hypothesis:

• Enable the use of Geneva Actions in the new ARO HCP architecture
• Geneva Actions are a key element of Microsoft strategy for on-call engineers accessing administrative APIs in production environments and are necessary to achieve the compliance certifications that ARO HCP will support

Resources

• Geneva Actions overview (requires b- account): https://eng.ms/docs/products/geneva/actions/overview

Responsibilities

• RP
• CS

Success Criteria

• Documents supporting the strategy are reviewed and published
• Implementation is complete and resulting components are deployed

Results

Add results here once the Initiative is started. Recommend discussions & updates once per quarter in bullets.