Changes for data plane AuthN/Z in PaaS (!65) · Merge requests · OSDU Software / OSDU Data Platform / Deployment and Operations / helm-charts-azure · GitLab

Starting on April 8th, The Open Group will require Two Factor Authentication for all GitLab users. For instructions on setting up 2FA, see the Knowledge Article or GitLab Documentation. Note in particular that any HTTPS clones will require the use of a Personal Access Token (rather than a user’s password) once 2FA is enabled.

Abhishek Patil requested to merge abpatil/oep-august-21 into oep-august-21 Aug 26, 2021

Updated istio rules to allow pod identity tokens.
Updated EnvoyFilters to extract appid from pod identity tokens and populate in x-user-id header.
Onboarded podIdentityAuthEnabled flag. This will enable the use of pod identity for token generation instead of SPN credentials if set to true.
Onboarded oidAuthEnabled flag. This will enable the use of oid for x-user-id header instead of upn and unique_name if set to true.

Edited Sep 01, 2021 by Abhishek Patil