m-cmp / mc-iam-manager

https://github.com/m-cmp/docs/tree/main
Apache License 2.0
3 stars 5 forks source link

FOSSA Status GitHub go.mod Go version GoDoc Release Version License

M-CMP IAM Manager docs

M-CMP IAM Manager

This repository provides a Multi-Cloud IAM Management Framework.

A sub-system of M-CMP platform to deploy and manage Multi-Cloud Infrastructures.

Overview

The Multi-Cloud Authorization and Access Control Framework provides platform account/role management, integrated management of cloud account/access control information, and workspace management functionalities. It offers features compatible with security policy determination, establishment, and enforcement for existing multi-cloud services. Additionally, it provides the capability to establish and manage independent security policies within the framework. It defines an access control reference model for multi-cloud, distinguishing between user access control and service provider access control. This model adopts a prominent Role-Based Access Control (RBAC) approach and integrates it with existing policy management solutions for application and utilization.

Quick Start with docker

Use this guide to start MC-IAM-MANAGER using the docker. The Quick Start guide sets the default Admin, Operator, Viewer account, and environment.

Prequisites

Step one : Clone this repo

git clone <https://github.com/m-cmp/mc-iam-manager> <YourFolderName>

Step two : Go to Scripts Folder

cd <YourFolderName>/scripts

Step three : Excute keycloakimportsetting.sh

./keycloakimportsetting.sh

## MC-IAM-MANAGER Init Setup ##
 - Please enter the changes. If not, use the environment variable.
 - You can set Values in ./.mciammanager_init_env

COMPANY_NAME  : 
...

This step defines the environment variables that you want to use by default or creates ./scripts/container-volume/mc-iam-manager/keycloak/data/import/realm-import.json based on the variables defined in ./scripts/.env. Therefore, "Keycloak" completes the initial setup based on the file, creating the first login user in the process.

Step four: Excute docker-compose

cd scripts
sudo docker-compose up --build -d

This step is time consuming. Don't worry if the console fails. "Keycloak" is a natural error that occurs during initial installation when MC-IAM-MANAGER requests Keyclaok readiness and certification to initialize the database and import the required data.

Once the server completes successfully, you can access the readyz endpoint with the message that it has been loaded successfully.

Step final: Check Readyzenpoint

$ curl https://<yourdomain.com>:5000/readyz
# {"ststus":"ok"}

If {"stststus":"ok"} is received from the endpoint, it means that the service is being deployed normally.

WELCOME : Now you can use MC-IAM-MANAGER

To use MC-IAM-MANAGER, you need to register the resources of the framework to be used as the first registered user.

For example, MC-WEB-CONSOLE must register a menu so that the user can load the web screen normally.

This section describes how to use scripts that made the process simple.

swagger docs

https://m-cmp.github.io/mc-iam-manager/


How to Contribute

License

FOSSA Status