Mirantis Container Cloud (MCC) becomes part of Mirantis OpenStack for Kubernetes (MOSK)!
Starting with MOSK 25.2, the MOSK documentation set will cover all product layers, including MOSK management (formerly MCC). This means everything you need will be in one place. The separate MCC documentation site will be retired, so please update your bookmarks for continued easy access to the latest content.
Identity and access management¶
Identity and access management (IAM) provides a central point of users and permissions management of a MOSK cluster resources in a granular and unified manner. Also, IAM provides infrastructure for single sign-on user experience across all MOSK web portals.
IAM for MOSK consists of the following components:
- Keycloak
Provides the OpenID Connect endpoint
Integrates with an external identity provider (IdP), for example, existing LDAP or Google Open Authorization (OAuth)
Stores roles mapping for users
- IAM Controller
Provides IAM API with data about MOSK projects
Handles all role-based access control (RBAC) components in Kubernetes API
- IAM API
Provides an abstraction API for creating user scopes and roles
See also