Event Details

Please note: All times listed below are in Central Time Zone


Reinventing Access Control: Access Rules in OpenStack Keystone

One of the core tenets of The Cloud is application-driven, self-service infrastructure management. Until now, OpenStack's system for managing access control has fundamentally hindered a true self-service user experience and required users to file tickets with their administrators in order to get their applications the access they need to do work. With the introduction of access rules for keystone application credentials, we can finally empower OpenStack users to take full control over their own cloud-native applications by delegating a minimal set of permissions to their applications without the need for operator interference.

In this talk, attendees will learn about the evolution of this new  access control system in OpenStack keystone, how it works in tandem with  the current policy system in OpenStack, and how it compares with other  authorization models like OAuth2, AWS IAM, or Istio Authorization.  Attendees will gain an understanding of how the keystone project is  transitioning away from being only a user-centric service and why it is  so important to start thinking in terms of application-driven workloads.


What can I expect to learn?

In this talk, attendees will learn about the evolution of this new access control system in OpenStack keystone, how it works in tandem with the current policy system in OpenStack, and how it compares with other authorization models like OAuth2, AWS IAM, or Istio Authorization. Attendees will gain an understanding of how the keystone project is transitioning away from being only a user-centric service and why it is so important to start thinking in terms of application-driven workloads.

Monday, November 4, 1:50pm-2:00pm (5:50am - 6:00am UTC)
Difficulty Level: Intermediate
Cloud Developer, SUSE
Colleen is a software engineer for the cloud team at SUSE. She has been contributing to OpenStack since 2014, including sitting on the OpenStack Technical Committee, and currently serves as the Project Team Lead for the keystone project. Colleen lives in beautiful Portland, Oregon in the USA. FULL PROFILE