Overview

This is an older version of the document. To view the most recent version of the document, click here.

Authorization

Overview of Authorization

  • Alike authentication, Spinnaker has various mechanisms of authorization. In this page we are going to explore, on how to setup and configure Fiat, an authorization microservice of Spinnaker.

  • First of all, what is Authorization got to do with Spinnaker?

    • Using Spinnaker’s - Fiat authorization mechanism one can define roles and responsibilities for a user. To explain in other words, an admin can define what can user see and access while accessing Spinnaker, by restricting access.

Requirements to Setup Authorization

  • Primarily, its mandate to have Authentication setup for Gate.

  • To enable persistent Storage (S3 or GCS), ensure to have front 50 configured.

  • Enable role any one of the role provider from the below

    • Using Google Groups by accessing G Suite Admin Console

    • GitHub Team

    • LDAP server

    • SAML Identity Provider (IdP) – In SAML user roles are fixed, and cannot be changes until the user needs to re-authenticate.

Last updated