Authentication Architecture
Authentication for Spinnaker involves three pieces, the Spinnaker UI (Deck), the Spinnaker API (Gate), and your identity provider.
Authentication & Authorization
This is a high-level explanation of how authentication and authorization work within Spinnaker itself.
- Redis stores computed roles, default permissions, and roles from external systems
- Clouddriver gets known accounts
- Front50 gets known apps
Setup & Configuration
For more information on actual use of this see Setup Authentication and Authorization .
Authorization Architecture
Fiat works closely with Front50 (apps permissions), Clouddriver (account permissions), and Igor (build services permissions).
Last modified May 4, 2021: rest of migration (700781a)