Hello community We re looking for a way to solve user manage Flyte #ask-the-community

Hello community, We're looking for a way to solve...

Mike Olasz

10/04/2023, 8:25 AM

Hello community, We're looking for a way to solve user management in Flyte but it seems it's not implemented. The doc mentions authorization but that's only OAuth2 authorization which restricts client access to resources but not users to domain entities. We could also find GitHub issues and Slack threads about the topic that mentions RBAC is not going to be implemented in Flyte. One way is to sign up for Union AI but we would like to stay on-premises and that's not feasible with Union AI. Are there other ways of solving this? Has anyone came across this issue and solved it without signing up for Union AI?

Sean Chiarito

10/04/2023, 12:52 PM

Hi Mike,

Sean Chiarito

10/04/2023, 12:55 PM

By 'on-prem' do you mean in your cloud account? Union Cloud is hybrid architecture with all the compute, data, secrets, etc. residing in your cloud account. Where Union has no access. Sharing because feedback from people that this is not so obvious from the website. Happy to share more if needed.

Mike Olasz

10/04/2023, 1:30 PM

By on-premises I mean that we'd like to host Flyte in our own bare-metal cluster. We're wondering if there's a way to have RBAC implemented without signing up for Union Cloud.

Sean Chiarito

10/04/2023, 1:39 PM

Ok, understood. Thanks for the clarification. not supported in Flyte today as there is no standard.

Ketan (kumare3)

10/04/2023, 3:08 PM

With union ai hybrid architecture- it Is possible to have data plane anywhere and control plane is managed by union. Currently because of the fully managed system union supports AWS and gcp (with more coming ) but, we would be open to explore design partnerships for onprem

Pontus

11/30/2023, 5:48 PM

Hi, we are in a similar situation to what Mike is describing where we really need to have user management, i.e RBAC, on Flyte which runs on our on-prem cluster(s). We have been running Flyte for a few years at this point we appreciate it very much - but wider adoption is not possible without these features. We understand that there is no road map for implementing this in the open source project, but we would liked to know if it's possible to implement it ourselves within the open source framework - and if we could set up some kind of partnership to design this with you the authors, I am pretty sure my employer would be interested, but I would like to just discuss what would be possible.

Samhita Alla

12/01/2023, 9:42 AM

cc @Ketan (kumare3)

Pontus

12/13/2023, 9:49 AM

Hi @Samhita Alla @Ketan (kumare3) could we discuss this ?

Ketan (kumare3)

12/14/2023, 5:27 AM

@Pontus / @Mike Olasz lets have a conversation. cc @Sean Chiarito can you help schedule this?

Ketan (kumare3)

12/14/2023, 5:27 AM

let me ping you

Pontus

12/14/2023, 2:41 PM

Great thanks

Miguel Peixoto

02/16/2024, 10:48 AM

Any news on this topic?

Mike Olasz

02/16/2024, 12:11 PM

Nothing from my end

4 Views

Open in Slack

Previous Next