Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Documentation on UDS Core groups and access levels #393

Closed
rjferguson21 opened this issue May 9, 2024 · 0 comments · Fixed by #395
Closed

Documentation on UDS Core groups and access levels #393

rjferguson21 opened this issue May 9, 2024 · 0 comments · Fixed by #395
Assignees
@UnicornChance
Labels
documentation Improvements or additions to documentation enhancement New feature or request

Comments

@rjferguson21
Copy link
Contributor

Is your feature request related to a problem? Please describe.

UDS Core deploys a Keycloak instance with a pre-configured UDS, the realm currently contains two groups, Auditor and Admin, which dictates access level for various applications in UDS Core. There is no documentation to indicate what access these groups give, nor any hints for configuring external identity providers to leverage those groups.

Describe the solution you'd like

A document outlining what groups that are pre-created and what permissions they grant users within each configured SSO application.

Perhaps some kind of table with the existing groups and the roles/groups they map to in the respective applications. Where appropriate link out to the applications to indicate what level of access will be given.

For example, we configure Grafana to map our Keycloak groups to corresponding Grafana roles.

Additional context

This document might also could be referenced to indicate how one might map IDP groups to Keycloak groups.
@rjferguson21 rjferguson21 added the enhancement New feature or request label May 9, 2024
@mjnagel mjnagel added the documentation Improvements or additions to documentation label May 9, 2024
@UnicornChance UnicornChance mentioned this issue May 9, 2024
Merged
5 tasks
@UnicornChance UnicornChance linked a pull request May 9, 2024 that will close this issue
docs: inital commit for doc #395
Merged
5 tasks
@UnicornChance UnicornChance self-assigned this May 9, 2024
rjferguson21 pushed a commit that referenced this issue May 10, 2024
@UnicornChance
docs: inital commit for doc (#395)
6c397d3 
## Description
Add docs for uds-core admin / auditor and where they map to in other
applications and IDP's.

## Related Issue

Fixes #393 

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [x] Other (security config, docs update, etc)

## Checklist before merging

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor Guide
Steps](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)(https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md#submitting-a-pull-request)
followed
rjferguson21 pushed a commit that referenced this issue Jul 11, 2024
@UnicornChance
docs: inital commit for doc (#395)
a4637d7 
## Description
Add docs for uds-core admin / auditor and where they map to in other
applications and IDP's.

## Related Issue

Fixes #393 

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [x] Other (security config, docs update, etc)

## Checklist before merging

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor Guide
Steps](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)(https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md#submitting-a-pull-request)
followed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@UnicornChance UnicornChance

Labels
documentation Improvements or additions to documentation enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

docs: inital commit for doc defenseunicorns/uds-core
3 participants
@rjferguson21 @mjnagel @UnicornChance