I think we should revisit this issue and maybe re-frame it around designing / implementing FTL identities + authorization capabilities. A security model is something we are going to be iterating on, especially as the overall architecture is still being iterated on.
Completion of this issue should be a design document, addressing the following:
- How are FTL workloads, humans and robot users identified
- How is authorization to resources provided by components of FTL represented
- What are the security boundaries for humans interacting with FTL components (end-user, module owner, cluster owner, infrastructure owner)
- How is cluster integrity maintained (how do we have confidence in what's deployed)
- How are FTL resources administered
- What security boundaries are enforced vs made visible via audit capabilities