deckhouse icon indicating copy to clipboard operation
deckhouse copied to clipboard
verified publisher icon deckhouse

[cloud-provider-vSphere] Multitenant proxy

Open raabdullaev opened this issue 1 year ago • 0 comments

Preflight Checklist

  • [X] I agree to follow the Code of Conduct that this project adheres to.
  • [X] I have searched the issue tracker for an issue that matches the one I want to file, without success.

Use case. Why is this important?

Proposed Solution

Implement a multitenant proxy for vSphere which would allow certain users to work only with resources in certain directories.

  1. The proxy has its own set of users and passwords.
  2. The proxy has admin credentials for vSphere.
  3. The proxy has the associantion of users with directories.
  4. The proxy rejects all requests from the user to a directory that is not accessible.
  5. The rest of the requests are proxied as is with the credentials of the vSphere admin.

It is not necessary to support all endpoints, we can only support those that we use in terraform and that are used by CCM/CSI/MCM.

Additional Information

No response

raabdullaev avatar Mar 13 '24 11:03 raabdullaev