RedHatEdge / patterns

GNU General Public License v2.0

What's the reason for separating out ACP Standard services from ACP Architecture pattern? #2

Open rprakashg-redhat opened 2 months ago

rprakashg-redhat commented 2 months ago

What's the reason for separating out ACP Standard services from ACP Architecture pattern? Shouldn't they be combined into one?

Also, to ACP standardized services I would recommend adding the following

Should we merge the 2? If not I can send a PR to ACP standard services pattern to include these

rprakashg-redhat commented 2 months ago

Gatekeeper/Kyverno operators is another one I would add. We could also build a collection of Guardrails (OPA & Kyverno) policies that are relevant to the edge use case.

jjaswanson4 commented 2 months ago

> What's the reason for separating out ACP Standard services from ACP Architecture pattern? Shouldn't they be combined into one?

There's two main reasons:

  1. Length - combining the two could make the pattern a bit unruly. Maybe we're fine with longer patterns, I'm not sure I have an opinion either way.
  2. Intent - the standard services set is enabled by the underlying architecture. I think of it as "what's provided out of the box" vs. "what provides those core services"

I'm not strongly attached to one or the other approach honestly.

> Add the following

I agree with these, but we'll want to change how we describe them - we want to phrase them as services, as opposed to "the technical thing that provides this functionality". The end target persona probably doesn't care about what actually provides the functionality, they just care that it can be enabled and works.

Example: The ACP standard services pattern would include "file integrity service", and then a supporting block would explain how to install/configure the operator.

I question the compliance operator, as not all organizations have a baseline selected and are fine with the "out of the box" recommendations, unless we plan to say "this baseline is our general baseline for everyone".

> RBAC Group Sync

I do think we need a pattern on "Externally provided IAM tied to RBAC".