/
Improvement for NewDelhi Release
Improvement for NewDelhi Release
- Andreas Geißler
Owned by Andreas Geißler
Current setup (Montreal) for the Keycloak setup (see ONAP on ServiceMesh (London)):
keycloak-init provides a realm with predefined users/roles https://git.onap.org/oom/tree/kubernetes/platform/components/keycloak-init
oauth2-proxy added to OOM deployment and configured as authentication provider (https://git.onap.org/oom/tree/kubernetes/platform/components/oauth2-proxy)
currently no "Authorization Policy" defined on Ingress to restrict access to API/UIs
Idea from Tata Consulting (see OOM Meeting Notes - 2024-02-14)
Generate Keycloak Realm with configurable:
Roles
Groups
Initial Users
Generate AuthorizationPolicies and AuthoritationRequest resources for Ingress APIs
, multiple selections available,
Related content
Keycloak Setup
Keycloak Setup
More like this
Install Keycloak in ONAP Platform
Install Keycloak in ONAP Platform
More like this
Istio Authorization Policies in OOM
Istio Authorization Policies in OOM
More like this
Oauth2-Proxy implementation and configuration
Oauth2-Proxy implementation and configuration
More like this
ONAP Access via Ingress
ONAP Access via Ingress
More like this
ONAP on Kubernetes
ONAP on Kubernetes
More like this