Updating the RBAC goal as per new direction in zed cycle

Browse Source

In Zed cycle, we started collecting the operators feedback
- https://etherpad.opendev.org/p/BER-2022-OPS-SRBAC
- https://etherpad.opendev.org/p/rbac-operator-feedback

and based on that we changed the direction for RBAC goal:

1. Finish delivering project personas. This is to introduce the member
   and reader roles to operate things within their project. By default,
   any other project role like foo will not be allowed to do anything
   in the project.

2. Change in scope implementation. Services with project resources
   (except Ironic as they have user using the system scope) that have
   already implemented scope (or have yet to) should make all policy
   rules set scope_types=['project'].

Discussion reference for policy popup team
- https://etherpad.opendev.org/p/rbac-zed-ptg#L171

Change-Id: If7b052149df3f37f2173e6719c8c6d0d81787cc7

...

This commit is contained in:

Ghanshyam Mann 2022-06-23 18:26:53 -05:00 committed by Slawek Kaplonski

parent a7bb68f83b

commit 1909d4f7a0

1 changed files with 490 additions and 349 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Show Stats Download Patch File Download Diff File Expand all files Collapse all files

839

goals/selected/consistent-and-secure-rbac.rst

View File

File diff suppressed because it is too large Load Diff