scenario template

README.md

@@ -1,19 +1,17 @@
-# Multicloud Gitops
+# Zero Trust Validated Pattern with Scenarios
 
 [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
 
 [Live build status](https://validatedpatterns.io/ci/?pattern=mcgitops)
 
 ## Start Here
 
-If you've followed a link to this repository, but are not really sure what it contains
-or how to use it, head over to [Multicloud GitOps](https://validatedpatterns.io/patterns/multicloud-gitops/)
-for additional context and installation instructions
+The goal of this pattern is to be able to easily consume pieces that apply to our products to assist customers to move from traditional to an optimal ZTA maturity.  The first step is to build the scenarios and then be apply to apply a scenario or set of scenarios to the overall pattern.
 
 ## Rationale
 
 The goal for this pattern is to:
 
-* Use a GitOps approach to manage hybrid and multi-cloud deployments across both public and private clouds.
-* Enable cross-cluster governance and application lifecycle management.
-* Securely manage secrets across the deployment.
+* Show that ZTA is not to complex to addopt
+* Show how to move through the ZTA maturity levels
+* Provide examples and scenarios to test and demonstrate

scenarios/README.md

@@ -1,36 +1,13 @@
-# Multicluster Devsecops
+# Scenario Scope
 
 [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
 
 ## Start Here
 
-If you've followed a link to this repository, but are not really sure what it contains
-or how to use it, head over to [Multicluster Devsecops](https://hybrid-cloud-patterns.io/devsecops/)
-for additional context and installation instructions
+Please build out a scenario document for each scenario and then rank as a high, medium, low priority with a high being a customer requested scenario.  Each scenario document file should indicate the scope, products/operators used and priority.
 
-## Cluster requirements
-
-This pattern depends on having three clusters.
-
-* Central Hub - where all the infrastructure components run.
-  * Red Hat Advanced Cluster Management
-  * Red Hat Advanced Cluster Security (Central)
-  * Red Hat Quay Enterprise
-  * Secrets management
-* Development - where CI/CD pipelines and testing run
-  * Red Hat OpenShift Pipelines
-  * Red Hat OpenShift GitOps
-  * Red Hat Advanced Cluster Security (Secured)
-* Production - where the applications run
-
-It can be modified to run everything in a single cluster. Components of `values-development.yaml` and `values-production.yaml` would need to be merged into `values-hub.yaml` where applicable. *Use caution*. In the future the pattern may be enhanced to combine into a single cluster.
-
-## Products/projects used
-
-* Red Hat OpenShift GitOps
-* Red Hat Advanced Cluster Management
-* Red Hat Advanced Cluster Security
-* Red Hat Open Data Foundation
-* Red Hat Quay
-* Red Hat OpenShift Pipelines
-* Hashicorp Vault (Community)
+Scenario 1 - Medium - Zero Trust with SPIFFE/SPIRE
+Scenario 2 - Medium - Short Lived credentials for the stepping stone to Zero Trust
+Scenario 3 - Medium - Zero Trust with Service Mesh
+Scenario 4 - Medium - AI Zero Trust Advanced Maturity for the DoD COA 1
+Scenario 5 - Medium - Zero Trust RMF with the DoD Overlay

scenarios/scenario1.md

@@ -1,36 +1,25 @@
-# Multicluster Devsecops
+# Scenario One - Zero Trust with SPIFFE/SPIRE
 
 [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
 
-## Start Here
+## Scope of Scenario One
 
-If you've followed a link to this repository, but are not really sure what it contains
-or how to use it, head over to [Multicluster Devsecops](https://hybrid-cloud-patterns.io/devsecops/)
-for additional context and installation instructions
 
-## Cluster requirements
+## Priority and explanation for this scenario pattern
 
-This pattern depends on having three clusters.
 
-* Central Hub - where all the infrastructure components run.
-  * Red Hat Advanced Cluster Management
-  * Red Hat Advanced Cluster Security (Central)
-  * Red Hat Quay Enterprise
-  * Secrets management
-* Development - where CI/CD pipelines and testing run
-  * Red Hat OpenShift Pipelines
-  * Red Hat OpenShift GitOps
-  * Red Hat Advanced Cluster Security (Secured)
-* Production - where the applications run
+## Pillars, Capabilities, Activities shown in this pattern
 
-It can be modified to run everything in a single cluster. Components of `values-development.yaml` and `values-production.yaml` would need to be merged into `values-hub.yaml` where applicable. *Use caution*. In the future the pattern may be enhanced to combine into a single cluster.
 
-## Products/projects used
+## Products/projects used for this scenario pattern
 
 * Red Hat OpenShift GitOps
 * Red Hat Advanced Cluster Management
 * Red Hat Advanced Cluster Security
-* Red Hat Open Data Foundation
-* Red Hat Quay
-* Red Hat OpenShift Pipelines
-* Hashicorp Vault (Community)
+
+## References and supporting material
+
+https://next.redhat.com/2024/06/27/spiffe-spire-on-red-hat-openshift/
+https://developers.redhat.com/learn/openshift/implement-cross-cloud-identity-framework-spiffespire-openshift
+https://www.youtube.com/watch?v=eyj0UCmJfjo
+https://www.youtube.com/watch?v=izYzTQYNCMc