mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
bfff9dbe1f
new wording for whats new applied PM suggestions and removed the comment out content feature GA now so agreed with PM to commit test remove test
31 lines
2.3 KiB
Plaintext
31 lines
2.3 KiB
Plaintext
:_mod-docs-content-type: ASSEMBLY
|
|
[id="approved-access"]
|
|
= Approved Access
|
|
include::_attributes/common-attributes.adoc[]
|
|
ifdef::openshift-dedicated[]
|
|
include::_attributes/attributes-openshift-dedicated.adoc[]
|
|
endif::[]
|
|
:context: approved-access
|
|
|
|
toc::[]
|
|
|
|
Red{nbsp}Hat Site Reliability Engineering (SRE) typically does not require a elevated access to systems as part of normal operations to manage and support {product-title} clusters. In the unlikely event that SRE needs elevated access to systems, you can use the _Approved Access_ interface to review and _approve_ or _deny_ access to these systems.
|
|
|
|
Elevated access requests to clusters on {product-rosa} clusters and the corresponding cloud accounts can be created by SRE either in response to a customer-initiated support ticket or in response to alerts received by SRE as part of the standard incident response process.
|
|
|
|
When _Approved Access_ is enabled and an SRE creates an access request, _cluster owners_ receive an email notification informing them of a new access request. The email notification contains a link allowing the cluster owner to quickly approve or deny the access request. You must respond in a timely manner otherwise there is a risk to your SLA for {product-rosa}.
|
|
|
|
* If customers require additional users that are not the cluster owner to receive the email, they can link:https://docs.openshift.com/rosa/observability/logging/sd-accessing-the-service-logs.html#adding-cluster-notification-contacts_sd-accessing-the-service-logs[add additional cluster contacts].
|
|
* Pending access requests are available in the {hybrid-console-second} on the clusters list or *Access Requests* tab on the cluster overview for the specific cluster.
|
|
|
|
[NOTE]
|
|
====
|
|
Denying an access request requires you to complete the *Justification* field. In this case, SRE can not directly act on the resources related to the incident. Customers can still use the link:https://access.redhat.com/support/cases/#/case/list[*Customer Support*] to help investigate and resolve any issues.
|
|
====
|
|
|
|
include::modules/support-submitting-a-case-enable-approved-access.adoc[leveloffset=+1]
|
|
include::modules/support-reviewing-an-access-request-from-an-email-notification.adoc[leveloffset=+1]
|
|
include::modules/support-reviewing-an-access-request-from-the-hybrid-console.adoc[leveloffset=+1]
|
|
|
|
|