/
2017.11.30 LCOO Topical - Role Based Access Controls (RBAC)

2017.11.30 LCOO Topical - Role Based Access Controls (RBAC)

Owned by Jamey McCabe
Last updated: Jan 25, 2018 by Andrew Ukasick

Date

at UTC 1300: | See it in your timezone and add to your calendar: http://bit.ly/2jAL2UO


Please join LCOO Topical meetings in 3 ways:

  1. Here in Atlassian Wiki for the formal agenda and notes and action items - add ahead of time and during the meeting
  2. For audio and video interaction: Webex: Join WebEx meeting | Meeting number (access code): 257 224 076
    Join by phone: +1-866-662-9987 US Toll Free | Global call-in numbers:
    Can't join the meeting? 
  3. IRC: for those who cannot join via audio or prefer interactive english text/ability to translate we also use IRC.  It is scheduled to the #openstack-uc channel at this time. 

Attendees (please sign in)

Also please add your names and info here if you have not already done so: /wiki/spaces/LCOO/pages/16621272

Goals

Discussion items

TimingItemWhoNotes
10 minGreet and begin sharing and communicating in all channels (here, conference bridge, IRC)

20 minAttendees (hopefully at least 1 from each member company) introduce themselves and their interest/challenges

NTT: We had two major requirements in regards to RBAC

  1. Restrict users to access in-mature APIs (API parameters). We wanted to allow only well-tested APIs since maturity of API was not the same even within one project.
    1. we used reverse proxy (mod-proxy, etc) to filter API request (for public endpoint)
  2. Hierarchical Admin roles (mid-level admins and high-level admins whose area of management is different. i.e. high-level can access to all tenant resources but mid-level can only access to limited tenants)
    1. we tried to use "domains" and os-inherit feature to do some part of this but the configuration became too complicated and did not scale.
30 minDiscussion topic/presentation #1Orange

Presentation of External Policy Decision Point and Moon.

LCOO_Orange_IAM_Clouds-v2.pptx

to view: https://coopnet.multimedia-conference.orange-business.com/Login/ParticipantLogin.aspx?id=12413772&key=%3f%3fq%3fx%3fFQ%3fF%3f%5e%3fS%3f%3f&a=participate

30 min


Discussion topic/presentation #2AT&T

Role Based Access Control Challenges & Solutions

Role-Based Access Control Challenges Solutions Draft v4.pdf

30 minOpen Discussion/Next Steps

We can put proposed next steps here.  This could include subsequent sessions or checkpoints in which we bring others in.


Action items

    •  

Related content

2018.01.25 LCOO General
2018.01.25 LCOO General
LCOO
More like this
2017.06.22 LCOO General
2017.06.22 LCOO General
LCOO
More like this
Working Space for the RBAC Enhancement Development Proposal
Working Space for the RBAC Enhancement Development Proposal
LCOO
More like this
Role Based Access Controls (RBAC) Development Proposal
Role Based Access Controls (RBAC) Development Proposal
LCOO
More like this
2017.08.17 LCOO General
2017.08.17 LCOO General
LCOO
More like this
2018.02.01 LCOO Topical - Retrospective and ongoing collaboration RBAC
2018.02.01 LCOO Topical - Retrospective and ongoing collaboration RBAC
LCOO
More like this