Bug 1657504 - HBAC and sudo for OSP infrastructure via Red Hat IdM
Summary: HBAC and sudo for OSP infrastructure via Red Hat IdM
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: Security
Version: 16.0 (Train)
Hardware: Unspecified
OS: Unspecified
medium
urgent
Target Milestone: ---
: ---
Assignee: Harry Rybacki
QA Contact: Jeremy Agee
URL:
Whiteboard:
Depends On:
Blocks: 1418508 1433706 1557829 1585219
TreeView+ depends on / blocked
 
Reported: 2018-12-09 16:39 UTC by Harry Rybacki
Modified: 2022-07-11 20:27 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-07-11 20:27:13 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker OSP-213 0 None None None 2022-03-10 23:34:15 UTC

Description Harry Rybacki 2018-12-09 16:39:29 UTC
Description of problem:

In our quest to meet compliance requirements for OpenStack infrastructure, we are proposing to use Red Hat IdM to solve for security operator profile use cases. The requirement is one in which we need granular controls of access (AuthN) and authorization (AuthZ) for OSP operators. 

For example, organizations have specified groupings e.g.: red, yellow, and green accounts to denote security profiles with certain capabilities and restrictions. This approach  leverages existing IdM capabilities to accelerate meeting requirements defined by various risk management frameworks.


Note You need to log in before you can comment on or make changes to this bug.