Implement SSO (Epic) #260
Labels
area/docs
Related with documentation in general
area/rgw-sfs
RGW & SFS related
area/tests
Related to tests and testing
area/ui
User Interface
kind/epic
Umbrella issue for a group of related issues
kind/feature
New functionality or support for something
triage/proposal for closure
There are reasons for this issue to be closed
Description
As s3gw is deployed in the field, we must consider users will find the need to maintain the same set of credentials for multiple s3gw instances, may they be in the same cluster or, potentially, across clusters.
It becomes a chore to maintain multiple s3gw instances' credentials in sync.
Supporting Single Sign-On would enable users of s3gw to manage their credentials centrally, and having the various s3gw UI's all relying on the same authority.
Similarly, by supporting STS (#229) we could potentially issue temporary tokens for direct access to an s3gw instance.
We should consider that this topic needs further research to understand how this can be implemented, or stitched together with existing solutions.
For reference, RGW already supports some IAM solutions:
Success criteria
More information
The text was updated successfully, but these errors were encountered: