Skip to content

Define security of iaas service software #749

@josephineSei

Description

@josephineSei

In SovereignCloudStack/issues#528 we define sets of mandatory and supported APIs.
This is a lengthy discussion.

But we may not only define, what APIs we expect to see in a cloud but also how old they are allowed to be.
On the KaaS Layer there is already a standard: https://github.com/SovereignCloudStack/standards/blob/main/Standards/scs-0210-v1-k8s-new-version-policy.md , which advises to closely follow the K8s releases.

We need to also define a period of Liveness for the IaaS Layer.

Definition of Done:

Please refer to scs-0001-v1 for details.

  • Proposal has been written with name of the form scs-xxxx-v1-slug.md (only substitute slug)
  • Proposal has the fields status, type, track set
  • Proposal has been voted upon in the corresponding team
  • Status has been changed into Draft, file renamed: xxxx replaced by document number
  • If applicable: test script has been written (this item may be moved into a separate issue so long as the state is Draft)

Metadata

Metadata

Assignees

Labels

IaaSIssues or pull requests relevant for Team1: IaaSSCS is standardizedSCS is standardizedSCS-VP10Related to tender lot SCS-VP10standardsIssues / ADR / pull requests relevant for standardization & certification

Type

No type

Projects

Status

Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions