Uploaded image for project: 'SAFe Program'
  1. SAFe Program
  2. SP-4071

Establish group based distributed access control for AA0.5

Change Owns to Parent OfsSet start and due date...
    XporterXMLWordPrintable

Details

    • Services
    • Hide

      In order to decentralise and effectively manage access control to servers (SSH) and Kubernetes,  we need to establish group based distributed access control.

      This is defined and held in AzureAD, and integrated with Infra HQ.

      Show
      In order to decentralise and effectively manage access control to servers (SSH) and Kubernetes,  we need to establish group based distributed access control. This is defined and held in AzureAD, and integrated with Infra HQ.
    • Hide
      • Confirm the roles required for access covering VNC for Tango Controls GUIs, SSH (limited account and sudo - node types:  gateway/infravm, cluster, storage, CBF), Kubernetes access at cluster and namespace level (central cluster, MCCS Station, Dish LMC).
      • Map the roles to groups required for the different environments (Mid/Low/Station/Dish etc.)
      • Develop the groups with IT, and assign group maintainers
      • Connect groups to Infra HQ configuration
      • Update configuration on fleet to match (infrahq agent and ssh configuration)
      • Update access policy and user documentation to reflect changes
      Show
      Confirm the roles required for access covering VNC for Tango Controls GUIs, SSH (limited account and sudo - node types:  gateway/infravm, cluster, storage, CBF), Kubernetes access at cluster and namespace level (central cluster, MCCS Station, Dish LMC). Map the roles to groups required for the different environments (Mid/Low/Station/Dish etc.) Develop the groups with IT, and assign group maintainers Connect groups to Infra HQ configuration Update configuration on fleet to match (infrahq agent and ssh configuration) Update access policy and user documentation to reflect changes
    • 1
    • 1
    • 0
    • Team_BANG, Team_IT
    • Sprint 5
    • Overdue

    • PI24 - UNCOVERED

    • Team_BANG

    Description

      Establish group based distributed access control

      Attachments

        Issue Links

          mentioned in

          Page Loading...

          Page Loading...

          Structure

            Activity

              People

                m.deegan Deegan, Miles
                P.Harding Harding, Piers
                Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Feature Progress

                  Story Point Burn-up: (60.00%)

                  Feature Estimate: 1.0

                  IssuesStory Points
                  To Do00.0
                  In Progress   12.0
                  Complete33.0
                  Total45.0

                  Dates

                    Created:
                    Updated:

                    Structure Helper Panel