International Business Machines Corporation
Cognitive access control policy management in a multi-cluster container orchestration environment

Abstract:

Dynamically enforcing access control policies unique to respective users in a multi-cluster container orchestration environment is provided. Resource-permission-role mappings are generated for users in the multi-cluster container orchestration environment based on preset access control criteria. Dynamic access control criteria are learned from the multi-cluster container orchestration environment over time. The resource-permission-role mappings for the users in the multi-cluster container orchestration environment are updated based on the dynamic access control criteria learned from the multi-cluster container orchestration environment over time. The resource-permission-role mappings are enforced to respective users in the multi-cluster container orchestration environment in response to receiving corresponding user resource access requests.