Authentication & Authorization
This is a high-level explanation of how authentication and authorization work within Spinnaker itself.
- Redis stores computed roles, default permissions, and roles from external systems
- Clouddriver gets known accounts
- Front50 gets known apps
Setup & Configuration
For more information on actual use of this see Setup Authentication and Authorization .
Authentication Architecture
Authentication for Spinnaker involves three pieces, the Spinnaker UI (Deck), the Spinnaker API (Gate), and your identity provider.
Authorization Architecture
Fiat works closely with Front50 (apps permissions), Clouddriver (account permissions), and Igor (build services permissions).
Last modified May 4, 2021: rest of migration (700781a)