UNCLASSIFIED - NO CUI

Service Mesh DSOP Role Testing

DSOP Role Testing

RECOMMENDATION:
Advocate for service mesh as a 4.x feature. Writing explicit allow rules for all pod traffic is required to meet the default "deny all" policy, and the cost and timeline to do so are prohibitive.

NOTES: Existing IaC Role test results: Job succeeded with default configurations.

3.11 Implementation Hurdles:

  • Identify Labor Cost & Timeline for 3.11 implementation
  • Compare against 4.x Deliverable & negative impact to 4.x Delivery timeline
  • For Zero Trust policy:
    1. Write explicit allow rules against every service/pod for Istio
    2. Remove OpenShift Routes & Routers and replace with Istio Routes
Edited by Mark Nissley