Hello community,
We're looking for a way to solve...
# flyte-supporth
high-gold-37421
10/04/2023, 8:25 AMHello community,
We're looking for a way to solve user management in Flyte but it seems it's not implemented. The doc mentions authorization but that's only OAuth2 authorization which restricts client access to resources but not users to domain entities. We could also find GitHub issues and Slack threads about the topic that mentions RBAC is not going to be implemented in Flyte. One way is to sign up for Union AI but we would like to stay on-premises and that's not feasible with Union AI. Are there other ways of solving this? Has anyone came across this issue and solved it without signing up for Union AI?
v
victorious-zoo-70738
10/04/2023, 12:52 PMHi Mike,
victorious-zoo-70738
10/04/2023, 12:55 PMBy 'on-prem' do you mean in your cloud account? Union Cloud is hybrid architecture with all the compute, data, secrets, etc. residing in your cloud account. Where Union has no access. Sharing because feedback from people that this is not so obvious from the website. Happy to share more if needed.
h
high-gold-37421
10/04/2023, 1:30 PMBy on-premises I mean that we'd like to host Flyte in our own bare-metal cluster. We're wondering if there's a way to have RBAC implemented without signing up for Union Cloud.
v
victorious-zoo-70738
10/04/2023, 1:39 PMOk, understood. Thanks for the clarification. not supported in Flyte today as there is no standard.
f
freezing-airport-6809
10/04/2023, 3:08 PM
With union ai hybrid architecture- it
Is possible to have data plane anywhere and control plane is managed by union. Currently because of the fully managed system union supports AWS and gcp (with more coming ) but, we would be open to explore design partnerships for onprem
c
curved-petabyte-56649
11/30/2023, 5:48 PMHi, we are in a similar situation to what Mike is describing where we really need to have user management, i.e RBAC, on Flyte which runs on our on-prem cluster(s). We have been running Flyte for a few years at this point we appreciate it very much - but wider adoption is not possible without these features. We understand that there is no road map for implementing this in the open source project, but we would liked to know if it's possible to implement it ourselves within the open source framework - and if we could set up some kind of partnership to design this with you the authors, I am pretty sure my employer would be interested, but I would like to just discuss what would be possible.
👍 1
t
tall-lock-23197
12/01/2023, 9:42 AM
cc @freezing-airport-6809
👍 1
c
curved-petabyte-56649
12/13/2023, 9:49 AMHi @tall-lock-23197 @freezing-airport-6809 could we discuss this ?
f
freezing-airport-6809
12/14/2023, 5:27 AM
@curved-petabyte-56649 / @high-gold-37421 lets have a conversation. cc @victorious-zoo-70738 can you help schedule this?
freezing-airport-6809
12/14/2023, 5:27 AM
let me ping you
c
curved-petabyte-56649
12/14/2023, 2:41 PMGreat thanks
b
billions-ability-77172
02/16/2024, 10:48 AMAny news on this topic?
h
high-gold-37421
02/16/2024, 12:11 PMNothing from my end
6 Views