Skip to content

canonical/jimm

Folders and files

NameName
Last commit message
Last commit date

Latest commit

2bdd39d · Feb 26, 2025
Feb 26, 2025
Dec 12, 2024
Sep 4, 2024
Jan 30, 2025
Oct 17, 2024
Feb 13, 2025
Feb 25, 2025
Nov 21, 2024
Jan 10, 2025
Jan 6, 2025
Jul 30, 2024
Aug 9, 2024
Aug 27, 2024
Oct 21, 2024
Dec 13, 2024
Jan 14, 2025
Nov 5, 2024
Jul 2, 2024
Dec 13, 2024
Aug 30, 2024
Oct 17, 2024
Feb 26, 2025
Jan 23, 2025
Feb 13, 2025
Feb 13, 2025

Repository files navigation

JIMM - Juju Intelligent Model Manager

JIMM is a Go based webserver used to provide extra functionality on top of Juju controllers. If you are unfamiliar with Juju, we suggest visiting the Juju docs - the open source orchestration engine for software operators.

JIMM provides the ability to manage multiple Juju controllers from a single location with enhanced enterprise functionality.

JIMM is the central component of JAAS (Juju As A Service), where JAAS is a set of services acting together to enable storing state, storing secrets and auth.

Features

JIMM/JAAS provides enterprise level functionality layered on top of your Juju controller like:

  • Federated login via an external identity provider using OAuth2.0 and OIDC.
  • Fine grained access control with the ability to create user groups.
  • A single gateway into your Juju estate.
  • The ability to query for information across all your Juju controllers.

For a full overview of the capabilties, check out the docs.

Dependencies

The project uses Go modules to manage Go dependencies. Note: Go 1.11 or greater needed.

A brief explanation of the various services that JIMM depends on is below:

  • Vault: User cloud-credentials and private keys are stored in Vault. Cloud-credentials are API keys that enable Juju to communicate with a cloud's API.
  • PostgreSQL: All non-sensitive state is stored in Postgres.
  • OpenFGA: A distributed authorisation server where authorisation rules are stored and queried using relation based access control.
  • IdP: An identity provider which supports OAuth2.0 and OIDC.

JIMM versioning

The versioning strategy we follow is to match JIMM's major version to the corresponding Juju major version we support.

Additionally JIMM will also support Juju's last minor version of the previous major to support model migrations.

E.g. JIMM v3 supports Juju v3 controllers AND the last minor version of the previous major, v2.9.

For more information on JIMM's history and previous version strategy see here.

Binaries

This repository contains 3 binaries:

  • jimmsrv: The JIMM server.
  • jimmctl: A CLI tool for administrators of JIMM to view audit logs, manage permissions, etc. Available as a snap.
  • jaas: A plugin for the Juju CLI, extend the base set of command with extra functionality when communicating with a JAAS environment.

Development environment

See here on how to get started.

Testing

See here on how to get started.