SRE Access to the Control Plane
Overview
This article describes the Red Hat’s Site Reliability Engineers (SREs) access architecture, policies, and procedures for Red Hat Ansible Automation Platform Service on AWS.
Management Framework
Once deployed, the Ansible Automation Platform Service on AWS control plane is fully managed by Red Hat, so that upgrades, patches and maintenance tasks are handled by Red Hat’s SREs. This ensures that customers are always running the latest version of Ansible Automation Platform with access to new features and capabilities.
SRE access is limited to the infrastructure and services running the Ansible Automation Platform control plane. The control plane includes the application UIs, APIs, components, and services used for managing automation. Red Hat manages these within its own infrastructure.
SRE access to control plane resources is restricted to operations that require human intervention and cannot be automated. Any access follows a request-and-approval process and is audited to ensure only authorized personnel can perform these operations.
Red Hat has separated the control plane from the execution plane, which means that Red Hat takes responsibility for managing the entire Ansible Automation Platform control plane infrastructure and components, while customers are responsible for configuring and deploying the execution nodes within their own infrastructure, wherever it makes the most sense. Customer access to the control plane is specific to the Ansible Automation Platform user interfaces and APIs.
The Red Hat SRE team handles all the ongoing management (support, maintenance, and upgrade of your deployment) of Red Hat Ansible Automation Platform Service on AWS, while you focus on expanding your automation strategy within your organization across the hybrid cloud.
Comments