SPIRE-26: Proposal for zero trust workload identity manager #1775
Conversation
openshift-ci
bot
added
the
do-not-merge/work-in-progress
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
anirudhAgniRedhat
force-pushed
the
zero-trust-workload-identity-manager
branch
from
432438d to
f667c6c
Compare
|
|
||
| Customers deploying OpenShift increasingly require a robust zero-trust approach to workload identity management that goes beyond traditional network security models. As microservices architectures become more complex, organizations need a solution that provides dynamic, cryptographically verifiable identities for their workloads, enabling secure and granular authentication across distributed systems. The current approach to identity management often relies on static, perimeter-based security mechanisms that fail to address the sophisticated security challenges of modern cloud-native environments. By implementing a Zero-Trust Workload Identity Manager, customers can achieve more comprehensive protection, reduce manual operational overhead, and ensure that every service interaction is explicitly verified and secured. | ||
|
|
||
| ### User Stories |
There was a problem hiding this comment.
User stories and goals need to be refined. https://github.com/openshift/enhancements/blob/master/guidelines/enhancement_template.md can be referred for examples.
…Constraints section
anirudhAgniRedhat
force-pushed
the
zero-trust-workload-identity-manager
branch
from
c8e7434 to
aff559b
Compare
anirudhAgniRedhat
changed the title
openshift-ci-robot
added
the
jira/valid-reference
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
|
@anirudhAgniRedhat: This pull request references SPIRE-26 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.19.0" version, but no target version was set. In response to this: Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
@anirudhAgniRedhat: This pull request references SPIRE-26 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.19.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
anirudhAgniRedhat
force-pushed
the
zero-trust-workload-identity-manager
branch
from
a450c20 to
71c8425
Compare
|
@anirudhAgniRedhat: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
This Enhancement Proposal adds details for a new zero-trust workload identity manager. which installs and manages the upstream Spiffe and Spire components. and creates a secure workload environment.
https://issues.redhat.com/browse/SPIRE-2