Details
-
Outcome
-
Resolution: Unresolved
-
Critical
-
None
-
None
-
None
-
66%
-
Green
Description
Outcome Overview
Customers desire
- integration with 3rd party authentication providers that support machine to machine workflows (azure active directory resource owners, for instance)
- migration from existing kubernetes authentication (external OIDC is present and multiple provider support is coming soon)
- multi-cluster token issuer configuration (backstage and ACM)
This outcome is about achieving that.
Success Criteria
To be successful
- we must be able to configure external OIDC providers on all OCP form factors
- we must be able to maintain those configurations over time, including efficient debugging and mutation as needs change
- support multiple token providers per cluster to allow migration
- allow cross-cloud OIDC configuration (cluster in aws, contacting azure)
- have an easy to deploy reference architecture for an multi-cluster OIDC provider (probably keycloak)
- have all RH provided token consumers interoperate with external OIDC providers.
Expected Results (what, how, when)
What incremental impact do you expect to create toward the company's Strategic Goals by delivering this outcome? (possible examples: unblocking sales, shifts in product metrics, etc. + provide links to metrics that will be used post-completion for review & pivot decisions). {}For each expected result, list what you will measure and when you will measure it (ex. provide links to existing information or metrics that will be used post-completion for review and specify when you will review the measurement such as 60 days after the work is complete)
TBD: David isn't sure if he can list measurement on the specifics of the item.
Post Completion Review – Actual Results
After completing the work (as determined by the "when" in Expected Results above), list the actual results observed / measured during Post Completion review(s).
Attachments
Issue Links
- is depended on by
-
OCPSTRAT-1139 [Upstream] CAPI provider for ROSA with HCP - Phase 2 (MVP-2)
- In Progress
- is related to
-
OCPSTRAT-760 [Upstream] CAPI provider for ROSA with HCP - Phase 1 (MVP-1 / Demo)
- Closed
- relates to
-
HOSTEDCP-1396 Resolve OAuth Proxy Implications on Observability Stack for External OIDC Integration
- New
-
XCMSTRAT-580 [UI Portion] External OIDC Configuration via OCM in HCP
- New
-
OCPSTRAT-956 Enable Break Glass access Mechanism for Cloud Services (ROSA as MVP)
- In Progress
- links to