サポートコンソール開発者トライアルの開始お問い合わせ

このコンテンツは選択した言語では利用できません。

Chapter 3. Approved Access

Red Hat Site Reliability Engineering (SRE) typically does not require elevated access to systems as part of normal operations to manage and support Red Hat OpenShift Service on AWS clusters. Elevated access gives SRE the access levels of a cluster-admin role. See cluster roles for more information.

In the unlikely event that SRE needs elevated access to systems, you can use the Approved Access interface to review and approve or deny access to these systems.

Elevated access requests to clusters on Red Hat OpenShift Service on AWS clusters and the corresponding cloud accounts can be created by SRE either in response to a customer-initiated support ticket or in response to alerts received by SRE as part of the standard incident response process.

When Approved Access is enabled and an SRE creates an access request, cluster owners receive an email notification informing them of a new access request. The email notification contains a link allowing the cluster owner to quickly approve or deny the access request. You must respond in a timely manner otherwise there is a risk to your SLA for Red Hat OpenShift Service on AWS.

  • If customers require additional users that are not the cluster owner to receive the email, they can add notification cluster contacts.
  • Pending access requests are available in the Hybrid Cloud Console on the clusters list or Access Requests tab on the cluster overview for the specific cluster.
Note

Denying an access request requires you to complete the Justification field. In this case, SRE can not directly act on the resources related to the incident. Customers can still use the Customer Support to help investigate and resolve any issues.

3.1. Enabling Approved Access for ROSA clusters by submitting a support case

Red Hat OpenShift Service on AWS Approved Access is not enabled by default. To enable Approved Access for your Red Hat OpenShift Service on AWS clusters, you should create a support ticket.

Procedure

  1. Log in to the Customer Support page of the Red Hat Customer Portal.
  2. Click Get support.

  3. On the Cases tab of the Customer support page:

    1. Optional: Change the pre-filled account and owner details if needed.
    2. Select the Configuration category and click Continue.

  4. Enter the following information:

    1. In the Product field, select Red Hat OpenShift Service on AWS or Red Hat OpenShift Service on AWS Hosted control planes.
    2. In the Problem statement field, enter Enable ROSA Access Protection.
    3. Click See more options.
  5. Select OpenShift Cluster ID from the drop-down list.

  6. Fill the remaining mandatory fields in the form:

    1. What are you experiencing? What are you expecting to happen?

      1. Fill with Approved Access.

    2. Define the value or impact to you or the business.

      1. Fill with Approved Access.
    3. Click Continue.
  7. Select Severity as 4(Low) and click Continue.
  8. Preview the case details and click Submit.

3.2. Reviewing an access request from an email notification

Cluster owners will receive an email notification when Red Hat Site Reliability Engineering (SRE) request access to their cluster with a link to review the request in the Hybrid Cloud Console.

Procedure

  1. Click the link within the email to bring you to the Hybrid Cloud Console.

  2. In the Access Request Details dialog, click Approve or Deny under Decision.

    Note

    Denying an access request requires you to complete the Justification field. In this case, SRE can not directly act on the resources related to the incident. Customers can still use the Customer Support to help investigate and resolve any issues.

  3. Click Save.

3.3. Reviewing an access request from the Hybrid Cloud Console

Review access requests for your Red Hat OpenShift Service on AWS clusters from the Hybrid Cloud Console.

Procedure

  1. Navigate to OpenShift Cluster Manager and select Cluster List.
  2. Click the cluster name to review the Access Request.
  3. Select the Access Requests tab to list all states.
  4. Select Open under Actions for the Pending state.

  5. In the Access Request Details dialog, click Approve or Deny under Decision.

    Note

    Denying an access request requires you to complete the Justification field. In this case, SRE can not directly act on the resources related to the incident. Customers can still use the Customer Support to help investigate and resolve any issues.

  6. Click Save.
Red Hat logoGithubRedditYoutubeTwitter

詳細情報

試用、購入および販売

コミュニティー

Red Hat ドキュメントについて

Red Hat をお使いのお客様が、信頼できるコンテンツが含まれている製品やサービスを活用することで、イノベーションを行い、目標を達成できるようにします。

多様性を受け入れるオープンソースの強化

Red Hat では、コード、ドキュメント、Web プロパティーにおける配慮に欠ける用語の置き換えに取り組んでいます。このような変更は、段階的に実施される予定です。詳細情報: Red Hat ブログ.

会社概要

Red Hat は、企業がコアとなるデータセンターからネットワークエッジに至るまで、各種プラットフォームや環境全体で作業を簡素化できるように、強化されたソリューションを提供しています。

© 2024 Red Hat, Inc.