Cross-cluster delegation » History » Version 1
Peter Amstutz, 06/20/2017 08:49 PM
| 1 | 1 | Peter Amstutz | h1. Cross-cluster delegation |
|---|---|---|---|
| 2 | |||
| 3 | h2. Use case |
||
| 4 | |||
| 5 | I have a user account on cluster A. I would like to run a container on cluster B, using data from cluster C. (Or more generally, I'd like to give cluster B a limited ability to perform an operation on C on my behalf, e.g. a "role"). |
||
| 6 | |||
| 7 | h2. Design sketch |
||
| 8 | |||
| 9 | I have a federated identity. I have user accounts on clusters B and C which are linked to cluster A. |
||
| 10 | |||
| 11 | I have a token issued by A. I can "salt" the token and use it to access B and C as my identity from A. |