1657504 – HBAC and sudo for OSP infrastructure via Red Hat IdM

Bug 1657504 - HBAC and sudo for OSP infrastructure via Red Hat IdM

Summary: HBAC and sudo for OSP infrastructure via Red Hat IdM

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	Security
Sub Component:
Version:	16.0 (Train)
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	urgent
Target Milestone:	---
Target Release:	---
Assignee:	Harry Rybacki
QA Contact:	Jeremy Agee
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1418508 1433706 1557829 1585219
TreeView+	depends on / blocked

Reported:	2018-12-09 16:39 UTC by Harry Rybacki
Modified:	2022-07-11 20:27 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2022-07-11 20:27:13 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	OSP-213	0	None	None	None	2022-03-10 23:34:15 UTC

Description Harry Rybacki 2018-12-09 16:39:29 UTC

Description of problem:

In our quest to meet compliance requirements for OpenStack infrastructure, we are proposing to use Red Hat IdM to solve for security operator profile use cases. The requirement is one in which we need granular controls of access (AuthN) and authorization (AuthZ) for OSP operators. 

For example, organizations have specified groupings e.g.: red, yellow, and green accounts to denote security profiles with certain capabilities and restrictions. This approach  leverages existing IdM capabilities to accelerate meeting requirements defined by various risk management frameworks.

Note You need to log in before you can comment on or make changes to this bug.