Vancouver, BC
May 21-24, 2018

Event Details


A Unified Approach to Role Based Access Control

Delegation allows a user to let someone or something else perform operations on her behalf.  Delegation is the the key to scaling.    In order to delegate, you have to make use of the access control mechanisms of your automation.


Both Keystone and Kubernetes have Role Based Access Control (RBAC).  While there is, as of yet, no interoperability between them.  There is also no attempt to support the applications running on top of them.  In this presentation, we'll go through the RBAC mechanisms of both layers, and then discuss how to extend a unified view of RBAC to the end user facing applications.  Making use of basic Open Source technologies for Ansible Management, LDAP and Web Single Sign On, as well as unified API management, find out how to make a sane strategy for managing your cloud deployments.


What can I expect to learn?

By attending, you’ll learn:

How Role Based Access control works in:

  • Keystone and OpenStack.
  • Kubernetes.
  • ManageIQ.
  • Red Hat Ansible Tower.

How to use LDAP and FreeIPA to integrate with the above technologies.

How to set up delegation strategies for agents within your deployment.

The secret commonalities between these technologies.

Monday, May 21, 3:10pm-3:50pm
Level: Intermediate
Red Hat
Adam Young is a Cloud Solutions Architect at Red Hat, responsible for helping people develope their cloud strategies. He has been a long time core developer on Keystone, the authenticationand authorization service for OpenStack. Adam has worked on various systems management tools,including the Identity Management component of Red Hat Enterprise Linux based on the FreeIPAtechnology. A 20 year... FULL PROFILE