Uploaded image for project: 'Eucalyptus'
  1. EUCA-10334

Federation of identity information between Eucalyptus "regions"

    Details

    • Type: Epic
    • Status: Closed (View workflow)
    • Priority: Blocker
    • Resolution: Completed
    • Affects Version/s: None
    • Fix Version/s: 4.2.0
    • Component/s: None
    • Labels:
      None
    • Epic Status:
      Done
    • Rank:
      0|i01q8n:

      Description

      Federation of identity information means that a Cloud Administrator can create a federation of (otherwise independent) Eucalyptus "clouds" where a Cloud User, using the same credentials as always, can use any of these federated Eucalyptus cloud regions. For the parts of IAM & STS that Eucalyptus implements, the experience exposed to the Cloud User is the same as that seen by an AWS user working across AWS regions.

      A user can interact with any region using the same credentials, subjected to the same policies, and having uniformly accessible and structured principals (Accounts, Users, Groups, Roles, etc.). The globality also includes the STS service functionality, the temporary credentials produced by the STS service also work globally.

      Notably, this feature is restricted to IAM/STS and does not include other services which have pseudo-global characteristics, e.g., global bucket name space for S3.

        Gliffy Diagrams

          Attachments

            Issue links

              Activity

                People

                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: