Aeolus_User_Stories

Name: Event Management
ID: US946
Description: As a CloudForms user, I need to manage events produced by the entities of my cloud so that I may perform event analysis to support operations, governance, risk and compliance in the cloud.<br />
Notes:
Children:
- Name: Event Log Analysis
- ID: US959
- Description: As a System Administrator, I need the event messages of the systems that operate in the cloud to be readily interpreted and understood so that the messages can effectively support the operational needs of a broad range of analytic functions.
- Notes:
- Children:
  - Name: Event Severity Level
  - ID: US961
  - Description: As a System Administrator, I want an event log to contain a pre-defined event severity level that is assigned by the system so that I may properly prioritize any analysis and responsive actions due to the event occurrence.
  - Notes: Implementation Note:<br /><br>- The pre-defined 8 severity levels for syslog are the de-facto levels in use
  - Name: Event Message Unique Identifier
  - ID: US963
  - Description: As a System Administrator, I want an event log to contain a unique message identifier that specifies teh meaning and format of the event so I can readily analyze the information contained in the event log payload.
  - Notes: Implementation Notes:<br /><br>- The event id should define the contents of the message (e.g. fields)<br>- Event id’s make it easy for external systems to identify and parse message<br>- Documentation should detail events/message ids<br>- The event id space can be used for organize event category ranges
  - Name: Event Component/Sub-system Source
  - ID: US962
  - Description: As a System Administrator, I want an event log to identify the component/sub-system that generated the event so that I may attain the full context of the the system operation the event occurrence describes.
  - Notes:
  - Name: Timestamp Event Occurrence
  - ID: US960
  - Description: As a System Administrator, I need an event log to contain the timestamp of the event occurrence so that I may properly analyze the event.
  - Notes: Implementation Consideration:<br /><br>- Note that the timestamp for the event occurrence may be different than the timestamp of the event being transported.
- Name: Retain System Event Messages
- ID: US954
- Description: As a System Adiministrator, I need to retain the system messages generated during the operation of my cloud so that I may adhere to information retention policies defined by the regulations for my enterprise.
- Notes:
- Children:
  - Name: Forward Events to Remote Logging Server
  - ID: US955
  - Description: As a System Administrator, I need to forward event log messages generated by the cloud management system to a remote logging server so that I may centrally retain and analyze all the events generated by the IT infrastructure.
  - Notes:
  - Children:
    - Name: Send Event Logs in XML Format
    - ID: US953
    - Description: As a System Administrator, I want to enable event log messages to be sent in XML format so that they can be readily used in external customized monitoring tools.
    - Notes:
    - Name: Forward Events Using Syslog over TCP
    - ID: US958
    - Description: As a System Administrator, I need to forward evetn log messages utilizing Syslog over TCP transport protocol so that I may reliably transfer messages to a remote event logging system.
    - Notes:
    - Name: Forware Event to Up to Multiple Remote Logging Servers
    - ID: US956
    - Description: As a System Administrator, I need to forward event log message to multiple remote logging servers so that I may support distinct analysis operations (e.g. security, faults, accounting, etc.).
    - Notes:
    - Name: Forward Events Using Syslog over UDP
    - ID: US957
    - Description: As a System Administrator, I need to forward event log messages utilizing the Syslog over UDP transport protocol so that I may integrate the most prevalent event analysis tools.
    - Notes:
- Name: Cloud Operational Events
- ID: US964
- Description: As a System Administrator, I need my cloud system to generate operational event log messages for all components of the system so that I may understand the operation, utilization and condition of the system.
- Notes:

Name: Cloud Resource Pools
ID: US916
Description: As an Infrastructure Manager, I need to define Cloud Resource Pools that will contain the collection of abstracted cloud computing resources so that self-service Infrastructure Consumers may be simply concerned with the behavioral aspects of the application they need to interact with to perform a job function.
Notes:
Children:
- Name: Create Resource Pool
- ID: US917
- Description: As a System Administrator I want to create a cloud resource Pool that will group/contain all the applications that are running in the cloud that have related characteristics so that I may share access to these resources with self-service infrasctructure consumusers.
- Notes:
- Children:
  - Name: Create Testing Resource Pool
  - ID: US919
  - Description: As a System Administrator, I need to create a cloud resource Pool so that applications running in the cloud that are in the testing phase of the SDLC may be shared and accessed by self-service (QE) users.
  - Notes:
  - Name: Create Production Resource Pool
  - ID: US920
  - Description: As a System Administrator, I need to create a cloud resource Pool so that applications running in the cloud that are in the production phase of the SDLC may be shared and accessed by self-service (production application) users.
  - Notes:
  - Name: Create Development Resource Pool
  - ID: US918
  - Description: As a System Administrator, I need to create a cloud resource Pool so that applications running in the cloud that are in the development phase of the SDLC may be shared and accessed by self-service (developer) users.
  - Notes:
- Name: Disable Cloud Resource Pool
- ID: US921
- Description: As a System Administrator, I need to be able to disable a cloud resource Pool so that it may be de-activated with out requiring that the cloud resource Pool be deleted.
- Notes: There are a number of implementation considertations:<br /><br>- When the pool is in the disabled state, it should prevent additional applications from being launched into the pool.<br>- What should the behavior be for applications that are presently running in the pool when it is disabled? There are a number of options (stop, terminate, let them run, prevent interactions, etc.)
- Name: Delete Resource Pool
- ID: US928
- Description: As a System Administrator, I need to delete an existing resource Pool so that it is no longer used for the placement of application deployments running in the cloud.
- Notes: Implementation considerations include:<br />- What if there are deployments still running in the pool?<br>- Wait until they terminate, force termination, etc.
- Name: Manage Resource Pool Application Deployments
- ID: US933
- Description: As a System Adminstrator, I need to manage the application deployments in a resource Pool so that operational processes can be performed.
- Notes:
- Children:
  - Name: Connect to Appllication Deployment Instance Console
  - ID: US940
  - Description: As an Infrastructure Consumer, I want to connect and interact with a (server) instance that is a member of my Application Deployment so that I may perform operational and administrative tasks.
  - Notes: Implementation Considerations:<br /><br>- Security, Instance keys<br>- Network access (management network?)
  - Name: Review Resource Pool Running Application Deployments
  - ID: US934
  - Description: As a System Administrator, I would like to see the applications deployments running in a resource Pool and review their primary attributes so that I may monitor applications running in the cloud.
  - Notes: Implementation Notes:<br /><br>- How to view, filter, organize? Pretty View and List view concepts<br>- Primary attributes such as name, owner, template, duration, operatonal state, etc.
  - Name: Restart Application Deployment Instance
  - ID: US936
  - Description: As a System Administrator, I would like to restart a machine instance of the Application Deployment so that I may restore the operational capacity of the Application Deployment.
  - Notes:
  - Name: Scale Application Deployment
  - ID: US941
  - Description: As a System Adminsitrator, I need scale my Application Deployment in the cloud so that I can add or remove capacity from the tiers of my application in order to optimally provision (thereby managing expense).
  - Notes:
  - Children:
    - Name: Remove Instance From Running Application Deployment
    - ID: US943
    - Description: As a System Administrator, I want to scale down the computing capacity of my running Application Deployment so that I may respond to a decrease in the utilization of the application and optimally provision the application (e.g. thereby reducing expense)
    - Notes: Implementation Consideration:<br /><br>- Again, does scaling only apply to multi-tier apps?<br>- Need to prevent the removal of the last system in a tier?<br>- etc.
    - Name: Add Instance to Running Application Deployment
    - ID: US942
    - Description: As a System Administrator, I want to scale up the computing capacity of my running Application Deployment so that I may increase the performance modularly so that I may respond to increases in utilization of the application.
    - Notes: Implementation Notes:<br /><br>- Trace back from deployment to templates to know the systems that can be added<br>- Can this operation be supported for single server apps? It may require other (network) services to be added to app in which case stop and relaunch may be the way to do this<br>- For multi-tier apps, the operation will need to be contextual to the application definition (e.g. launch/add into tier topology)
  - Name: Review Application Deployment Instances
  - ID: US937
  - Description: As a System Administrator, I need to review all the instances that comprise an Application Deployment so that I may monitor the operational status of the application.
  - Notes: Implementation Considerations:<br /><br>- An application deployment will contain one or more instances<br>- Review the list of instances<br>- Review the primary attributes of an instance (name, uptime, operational status, etc.)<br>- Instance Log review<br>- etc.
  - Children:
    - Name: Review Application Deployment Instance Topology
    - ID: US938
    - Description: As a System Administrator, I want to view the topology of the instances in an Application Deployment so that I may understand and verify the server and network relationships.
    - Notes: Implementaiton Consideration:<br /><br>- Rendered view<br>- Of abstracted resources<br>- Addressing details, etc.<br>- Hover over item, drill into
  - Name: Terminate Application Deployment
  - ID: US935
  - Description: As a System Administrator, I need to terminate an application deployment running in the cloud so that I may reelase the cloud resources that associated with the resource Pool.
  - Notes: Implementation Considerations:<br /><br>- Temination should include all instances that are associated with the application deployment<br>- Subscriptions, etc. should be returned<br>- How do you synch the termination so that there aren’t a flood of application exceptions/errors triggered
- Name: Manage Resource Pool Instance Quota
- ID: US929
- Description: As a System Administrator, I need to define a limit to the number of running virtual machine instances that will be allowed to run in the resource Pool so that I may limit the aggregate cloud (instance) resources that users assigned to the pool can concurrently consume.
- Notes: Implementation consideration:<br />- The launch of a multi-tier application should check first that entire app can be launched within quota<br>- Specifically, is this a check at request time or will it be applied during launch processing<br>- If there are concurrent launches in progress, what will the behavior be (e.g. when does quota get decremented)
- Children:
  - Name: Resource Pool Instance Quota Notification
  - ID: US931
  - Description: As a System Administrator, I would like to receive a notification when the instance quota for a resource pool reaches a threshold so that I may consider increasing the instance quota limitation for the resource pool.
  - Notes:
  - Name: Review Resource Pool Instance Quota
  - ID: US930
  - Description: As a System Administrator, I would like to review the consumption of the instance quota for a resource Pool so that I may understand its current utilization.
  - Notes:
  - Name: Update Resource Pool User Instance Quota
  - ID: US939
  - Description: As a System Administrator, I would like to modify the User instance quota for a resource Pool so that I may adapt to the utilization of cloud resources by users associated with the Pool.
  - Notes: Implementation Considerations:<br /><br>- Similar to Pool instance quota<br>- Instance quota limitation on a per user basis. <br>- Presumption that User is the “Owner” of a Deployment.
  - Name: Update Resource Pool Instance Quota
  - ID: US932
  - Description: As a System Administrator, I would like to modify the instance quota for a resource Pool so that I may adapt to the utilization of cloud resources by users associated with the Pool.
  - Notes: Implementaion Consideration:<br /><br>- When the quota is redueced, what behaviors should there be if running instances exceeds reduced quota?<br>- How is unlimited quota expressed (e.g. no limit)<br>- Is not quota an allowed value?

Name: Non-functional requirements
ID: US823
Description: See childrenz!
Notes:
Children:
- Name: STUB: Scaling minimums [Epic]
- ID: US902
- Description: Systems/Resources: 250,000? <div>Users: 1000?</div>
- Notes:
- Name: Section 508 Accessibility
- ID: US912
- Description: Note: <a href="[http://en.wikipedia.org/wiki/Web\_accessibility">http://en.wikipedia.org/wiki/Web\_accessibility</a>](http://en.wikipedia.org/wiki/Web_accessibility%22>http://en.wikipedia.org/wiki/Web_accessibility</a>)
- Notes:
- Children:
  - Name: 508: Color Blindness
  - ID: US909
  - Description: As a color blind user,<br /><br>I want to be able to use the CloudForms UI,<br><br>so that I can clearly differentiate between color differences<br><br>NOTE: <a href=“[https://bugzilla.mozilla.org/show\_bug.cgi?id=578994">https://bugzilla.mozilla.org/show\_bug.cgi?id=578994</a> is](https://bugzilla.mozilla.org/show_bug.cgi?id=578994%22>https://bugzilla.mozilla.org/show_bug.cgi?id=578994</a> is) a start / example of what needs to be done.<br>Also… <a href=”[http://en.wikipedia.org/wiki/Web\_accessibility">http://en.wikipedia.org/wiki/Web\_accessibility</a>](http://en.wikipedia.org/wiki/Web_accessibility%22>http://en.wikipedia.org/wiki/Web_accessibility</a>)
  - Notes:
  - Name: 508: Motor-skills disability
  - ID: US980
  - Description: As a disabled user,<br /><br>I want the UI to be insensitive to motor-skill mistakes;<br>I want the UI to not rely on absolute precision;<br><br>so that destructive actions require reasonable “are you sure” dialogs and buttons, forms, and links can be selected and edited without requiring skilled hand/eye coordination<br><br>NOTE: <a href=“[http://en.wikipedia.org/wiki/Web\_accessibility">http://en.wikipedia.org/wiki/Web\_accessibility</a>](http://en.wikipedia.org/wiki/Web_accessibility%22>http://en.wikipedia.org/wiki/Web_accessibility</a>)
  - Notes:
  \
  - Name: 508: Auditory, Seizure sufferers, Mental disability
  - ID: US979
  - Description: As a disabled user,<br /><br>I don’t want to be presented with unnecessary blinking/flashing objects;<br>I don’t want the interface to rely on any auditory clues;<br>But I don’t expect the interface to be so simplified in deference to exceptionally mentally challenged persons,<br><br>so that the interface is clean, simple, but robust without sacrificing potential powerful workflows.<br><br>NOTE: <a href=”[http://en.wikipedia.org/wiki/Web\_accessibility">http://en.wikipedia.org/wiki/Web\_accessibility</a><br>](http://en.wikipedia.org/wiki/Web_accessibility%22>http://en.wikipedia.org/wiki/Web_accessibility</a><br>)
  - Notes:
  - Name: 508: Visual acuity
  - ID: US981
  - Description: As a disabled user,<br /><br>I want to be able to zoom in and zoom out of the UI with losing a sensible structure of the UI and without losing functionality,<br><br>so that if I need to zoom in to see information that the UI is still usable<br><br>NOTE: <a href=“[http://en.wikipedia.org/wiki/Web\_accessibility">http://en.wikipedia.org/wiki/Web\_accessibility</a>](http://en.wikipedia.org/wiki/Web_accessibility%22>http://en.wikipedia.org/wiki/Web_accessibility</a>)
  - Notes:
  \
  - Name: 508: VPAT declarations
  - ID: US987
  - Description: As a CloudForms prospect,<br /><br>I want to be best informed how CloudForms complies with Section 508 by reading a posted VPAT declaration for each component of CloudForms,<br><br>so that I can make a decision about CloudForms acceptability in my organization<br><br>NOTE: <a href=”[http://en.wikipedia.org/wiki/Web\_accessibility">http://en.wikipedia.org/wiki/Web\_accessibility</a><br>and](http://en.wikipedia.org/wiki/Web_accessibility%22>http://en.wikipedia.org/wiki/Web_accessibility</a><br>and) <a href=“[http://www.itic.org/resources/voluntary-product-accessibility-template-vpat/">http://www.itic.org/resources/voluntary-product-accessibility-template-vpat/</a><br>and](http://www.itic.org/resources/voluntary-product-accessibility-template-vpat/%22>http://www.itic.org/resources/voluntary-product-accessibility-template-vpat/</a><br>and) <cite><a href=”[http://www.state.gov/documents/organization/126552.pdf">http://www.state.gov/documents/organization/126552.pdf</a><br></cite>](http://www.state.gov/documents/organization/126552.pdf%22>http://www.state.gov/documents/organization/126552.pdf</a><br></cite>)
  - Notes:
- Name: Localization / Internationalization
- ID: US983
- Description: See children
- Notes:
- Children:
  - Name: Localization / Internationalization: remaining RHEL-normalezed
  - ID: US974
  - Description: As a user,<br /><br>I want CloudForms to be localized to remaining RHEL supported languages
  - Notes:
  - Name: Localization / Internationalization: Korean
  - ID: US972
  - Description: As a user,<br /><br>I want CloudForms to be localized to Korean
  - Notes:
  - Name: Localization / Internationalization: timezones
  - ID: US976
  - Description: As a user,<br /><br>I want CloudForms to honor my browser timezone settings<br><br>so that I can see and experience all dates and times in my locale
  - Notes:
  - Name: Localization / Internationalization: Japanese
  - ID: US968
  - Description: As a user,<br /><br>I want CloudForms to be localized to Japanese
  - Notes:
  - Name: Localization / Internationalization: French
  - ID: US969
  - Description: As a user,<br /><br>I want CloudForms to be localized to French
  - Notes:
  - Name: Localization / Internationalization: Chinese Simplified
  - ID: US971
  - Description: As a user,<br /><br>I want CloudForms to be localized to Chinese Simplified
  - Notes:
  - Name: Localization / Internationalization: Chinese Traditional
  - ID: US973
  - Description: As a user,<br /><br>I want CloudForms to be localized to Chinese Traditional
  - Notes:
  - Name: Localization / Internationalization: Portuguese
  - ID: US970
  - Description: As a user,<br /><br>I want CloudForms to be localized to Portuguese <br><br> <div><br /></div>
  - Notes:
  - Name: Localization / Internationalization: English
  - ID: US967
  - Description: As a user,<br /><br>I want CloudForms to be localized to English
  - Notes:
  - Name: Localization / Internationalization: date and time formats
  - ID: US975
  - Description: As a user,<br /><br>I want CloudForms to allow my choice of date and time formats
  - Notes:
- Name: Browsers and such
- ID: US982
- Description: See children for more info
- Notes:
- Children:
  - Name: Browser support
  - ID: US910
  - Description: As a user, any user,<br /><br>I want to be able to use the browser of my choice<br><br>so that browsers like…<br> <ul> <li>Internet Explorer vBLAH or better </li> <li>Firefox vBLAH or better</li> <li>Chrome vBLAH or better</li> </ul> …function but I don’t care so much about…<br /> <ul> <li>Safari<br /></li> <li>Opera</li> </ul>
  - Notes:
  - Name: Mobile support: Android
  - ID: US977
  - Description: As a user, any user,<br /><br>I want to be able to functionally use my Android smartphone<br><br>so that I can login and view status and respond to alerts and notifications
  - Notes:
  - Name: Mobile support: iPhone
  - ID: US978
  - Description: As a user, any user,<br /><br>I want to be able to functionally use my iPhone smartphone<br><br>so that I can login and view status and respond to alerts and notifications
  - Notes:
- Name: Release Engineering
- ID: US984
- Description: See children for more info
- Notes:
- Children:
  - Name: RHN Channel
  - ID: US986
  - Description: As a CloudForms developer or tester,<br /><br>I want to CloudForms to be installable and accessible as a CloudForms user would<br><br>so that I can install and update CloudForms via software access in some RHN or RHN-like channel
  - Notes:
  - Name: Brew-based builds
  - ID: US985
  - Description: As a CloudForms release engineer,<br /><br>I want to be able to build CloudForms in brew
  - Notes:

Name: STUB: CloudForms deployment procedures, architectures, topology, etc.
ID: US818
Description: Things like… <div><br /></div> <div>Installation</div> <div>Backup and Restore</div> <div>HA</div> <div>Federation</div> <div>Clustering failover configuration</div> <div>Clustering failover stateful (?)</div>
Notes:
Children:
- Name: Cold Backup and Restore
- ID: US901
- Description: As an admin, <div><br /></div> <div>I want a procedure to place CloudForms into “maintenance mode”, back it up, and then restore it from backup,</div> <div><br /></div> <div>so that I can gracefully manage this process :)</div>
- Notes:
- Name: Smart Proxy installation
- ID: US819
- Description: As an admin, <div><br /></div> <div>I want to be able to deploy Smart Proxies as an add-on to CloudForms proper in my datacenters and/or providers,</div> <div><br /></div> <div>so that I can scale out my deployment and jump networks.</div>
- Notes:
- Name: Endpoint security expiration notification
- ID: US992
- Description: As an admin, <div><br /></div> <div>I want to be informed of impending security expirations for any endpoints</div> <div><br /></div> <div>so that CloudForms is operationally secure (cryptic communications) and endpoints are correctly authenticated without interruption</div>
- Notes:
- Name: CloudForms installation
- ID: US988
- Description: As an admin, <div><br /></div> <div>I want to be able to download CloudForms ISO (s) and install to one or more federated servers,</div> <div><br /></div> <div>so that I can deploy as either connected or disconnected</div>
- Notes:
- Name: Endpoint security update
- ID: US991
- Description: As an admin, <div><br /></div> <div>I want to gracefully redeploy updated security credentials to all endpoints,</div> <div><br /></div> <div>so that CloudForms is operationally secure (cryptic communications) and endpoints are correctly authenticated without interruption</div>
- Notes:
- Name: HA CloudForms installation
- ID: US993
- Description: As an admin, <div><br /></div> <div>I want to be able to install CloudForms in an HA context,</div> <div><br /></div> <div>so that I rest assured that if a component goes down, CloudForms does not go down</div>
- Notes:
- Name: Hot Backup and Restore
- ID: US989
- Description: As an admin, <div><br /></div> <div>I want a procedure to backup a running instance of CloudForms and then restore it,</div> <div><br /></div> <div>so that usage of the platform is minimally paused and the infrastructure doesn’t need to necessarily shutdown</div>
- Notes:
- Name: Endpoint security deployment
- ID: US990
- Description: As an admin, <div><br /></div> <div>I want to deploy security credentials to all endpoints,</div> <div><br /></div> <div>so that CloudForms is operationally secure (cryptic communications) and endpoints are correctly authenticated</div>
- Notes:

Name: STUB: Client Registration and Subscription
ID: US895
Description: I.e., the process of registration and subscription
Notes:
Children:
- Name: Subscription compliance
- ID: US695
- Description: As an internal auditor, <div><br /></div> <div>I want to ensure that end systems under management are compliance to purchased products/SKUs from Red Hat, third party, and internal sources,</div> <div><br /></div> <div>so that these managed systems do not violate contract.</div>
- Notes:
- Name: STUB: Subscription determination and consumption
- ID: US897
- Description:
- Notes:
- Name: STUB: Activation keys
- ID: US896
- Description:
- Notes:
- Name: STUB: Existing Client bootstrapping
- ID: US913
- Description:
- Notes:

Name: STUB: Reporting and Audit
ID: US891
Description:
Notes:
Children:
- Name: ? OpenVAS?
- ID: US906
- Description: From US Patent and Trade Office… <div>“Scenarios: Build an environment to use Nessus (OpenVAS in the future), scale as we rev rev rev, scans clean and get it into the baseline early. I.e., we are compliant early in the development process. We need to push security to the beginning of the life cycle”</div>
- Notes:
- Name: STUB: PCI DSS Compliance Reporting
- ID: US903
- Description:
- Notes:
- Name: STUB: JasperSoft adhoc reporting
- ID: US894
- Description:
- Notes:
- Name: STUB: spacewalk-reports-like canned reporting
- ID: US893
- Description:
- Notes:
- Name: ??? OpenSCAP Support
- ID: US892
- Description: Or should this be a configuration and compliance thing?
- Notes:
- Name: STUB: FISMA Compliance Reporting
- ID: US904
- Description:
- Notes:
- Name: ??? Tenable?
- ID: US907
- Description:
- Notes:

Name: STUB: Multi-tenancy
ID: US853
Description:
Notes:
Children:
- Name: STUB: Organizations
- ID: US890
- Description:
- Notes:
- Name: STUB: Tenants
- ID: US889
- Description:
- Notes:

Name: STUB: Subscription “repo” management
ID: US914
Description:
Notes:

Name: STUB: Configuration repo management
ID: US854
Description:
Notes:

Name: Content repo management
ID: US691
Description: As an administrator, <div>       <div>I want to be able to schedule and synchronize authorized content from Red Hat, third party, and internal/external basic repo sources to my on-premise repositories,</div> <div><br /></div> <div>so that I can define and manage products to be consumed by my templates.</div> </div>
Notes:
Children:
- Name: ??? Standard Operating Environments in the Cloud
- ID: US672
- Description: As a System Administrator, I need to maintain the software that is specific to providers, templates and virtual images so that Infrastructure Users can utilize standard operating environments for their application servers.
- Notes:
- Name: Securely connect to a public cloud provider CDN (eg. Amazon)
- ID: US837
- Description: As an admin, <div><br /></div> <div>I want to be able to connect to a cloud provider’s CDN (for example, Amazon)</div> <div><br /></div> <div>so that I can have access to that cloud provider’s OS images (for example Amazon’s AMIs)</div>
- Notes:
- Name: Associate Amazon AMIs to products
- ID: US840
- Description: As an admin, <div><br /></div> <div>I want an Amazon AMI to identify as a member of a product object</div> <div><br /></div> <div>so that the AMI is accessible to anything that has access to the associated product</div>
- Notes:
- Name: Associate Red Hat Base OSes to products
- ID: US839
- Description: As an admin, <div><br /></div> <div>I want a RH base OS to identify as a member of a product object</div> <div><br /></div> <div>so that the base OS is accessible to anything that has access to the associated product</div>
- Notes:
- Name: Support RH Errata
- ID: US830
- Description: As an admin, <div><br /></div> <div>I want to be able to sync errata metadata that are associated to a RH product or repo</div> <div><br /></div> <div>so that we have the concept of errata available for inclusion in templates</div>
- Notes:
- Name: Govern access to public cloud provider’s CDN content via subscription entitlement
- ID: US838
- Description: As cloud provider, <div><br /></div> <div>I want to govern access to our content via subscription similarly to what Red Hat does</div> <div><br /></div> <div>so that customers consume only what they have purchased, and so that they meet their own compliance requirements</div>
- Notes:
- Name: Support 3rd party Errata
- ID: US831
- Description: As an admin, <div><br /></div> <div>I want to be able to sync 3rd party errata metadata that are associated to a 3rd party product or repo</div> <div><br /></div> <div>so that we have the concept of errata available for inclusion in templates</div>
- Notes:
- Name: Support RPM comps
- ID: US841
- Description: As an admin, <div><br /></div> <div>I want to be able to sync comps information when I sync products and repos</div> <div><br /></div> <div>so that we have the concept of comps available for inclusion in templates and promotable into environments</div>
- Notes:
- Name: Support RPM repos (YUM)
- ID: US807
- Description: As an admin, <div><br /></div> <div>I want to be able to understand the particulars of RPMs and YUM</div> <div><br /></div> <div>so that CDNs can be easily set up as YUM repos</div>
- Notes:
- Name: Support Base OS ISOs
- ID: US808
- Description: As an admin, <div><br /></div> <div>I want to be able to sync Base OS ISOs that represent prepared, minimalist jeOS bootable disk images that are associated to products and repos</div> <div><br /></div> <div>so that they can be used as foundations for SOE and instance templates</div>
- Notes: Example: jeOS ISOs
- Name: Connect to arbitrary CDNs
- ID: US798
- Description: As an admin, <div><br /></div> <div>I want to be able to easily configure CloudForms to connect to any number of arbitrary CDNs via an authenticated or non-authenticated SSL session,</div> <div><br /></div> <div>so that I can have access to content without firm requirements for security</div>
- Notes:
- Name: Import CDN content from disk
- ID: US802
- Description: As an admin, <div><br /></div> <div>I want to incrementally import CDN content into CloudForms that was previously sync’ed to disk,</div> <div><br /></div> <div>so that I don’t have to have CloudForms directly connected outside of my network</div>
- Notes: Can this be done by keeping the syncing mechanism separate, architecturally, from CloudForms proper?
- Name: Create custom products/repos via filters
- ID: US813
- Description: As an admin, <div><br /></div> <div>I want to create custom spins of content via the use of filters that block list specific content or allow only certain specific content versions</div> <div><br /></div> <div>so that I can define a custom spin as “base content product or repo” plus filter rules</div>
- Notes: Note: filtered product or repo is now addressable by its only label, tag or other identifying thing
- Name: Support Red Hat Product syncing
- ID: US811
- Description: As an admin, <div><br /></div> <div>when appropriate, I want to be able to sync Red Hat products instead of repos if thusly defined,</div> <div><br /></div> <div>so that I avoid the complexity of many repos representing a single subscribed product</div>
- Notes:
- Name: Govern access to Red Hat CDN content via subscription entitlement
- ID: US804
- Description: As Red Hat, <div><br /></div> <div>we want CloudForms customers to only have access to content they have paid for</div> <div><br /></div> <div>so that we both avoid customers consuming what they haven’t purchased, and so that they meet their own compliance requirements</div>
- Notes:
- Name: Support arbitrary “any content” repos
- ID: US810
- Description: As an admin, <div><br /></div> <div>I want to be able to sync repos that contain arbitrary files</div> <div><br /></div> <div>so that I can eventually deliver these files to end systems and instances</div>
- Notes:
- Name: Schedule CDN synchronization
- ID: US800
- Description: As an admin, <div><br /></div> <div>I want to be able to set and alter synchronization schedules for each CDN CloudForms connects to,</div> <div><br /></div> <div>so that I can absolutely control when and how often synchronization occurs</div>
- Notes:
- Name: Support tar ball archive repos
- ID: US809
- Description: As an admin, <div><br /></div> <div>I want to be able to consume repos that contain tarballs</div> <div><br /></div> <div>so that I can also deliver these to end systems</div>
- Notes:
- Name: Securely connect to Red Hat CDN
- ID: US797
- Description: As an admin, <div><br /></div> <div>I want to CloudForms to automatically be configured, by default, to connect to Red Hat’s CDN in an authenticated SSL session</div> <div><br /></div> <div>so that CloudForms can have access to content delivered by Red Hat</div>
- Notes:
- Name: Sync content from CDN providers
- ID: US803
- Description: As an admin, <div><br /></div> <div>I want to incrementally sync content (only what I don’t have already) from CDN providers,</div> <div><br /></div> <div>so that I can have that content available for consumption by end systems</div>
- Notes:
- Name: Sync CDN content to disk
- ID: US801
- Description: As an admin, <div><br /></div> <div>I want to be able to incrementally synchronize CDN content to storage media</div> <div><br /></div> <div>so that I can stage that content for import into CloudForms, but leave CloudForms disconnected from the CDNs</div>
- Notes:
- Name: Disable syncing of CDN’s upon subscription expiration
- ID: US806
- Description: As Red Hat or a 3rd party CDN provider that governs content by subscription, <div><br /></div> <div>I want CDN sync-flow to cease until subscription compliance is re-established if it expires</div> <div><br /></div> <div>so that the service that is new content is properly paid for and that a customer maintains their own compliance needs</div>
- Notes:
- Name: Support 3rd party Product syncing
- ID: US812
- Description: As an admin, <div><br /></div> <div>when appropriate, I want to be able to sync 3rd party products instead of repos if thusly defined,</div> <div><br /></div> <div>so that I avoid the complexity of many repos representing a single subscribed product</div>
- Notes:
- Name: Support Amazon Base OSes (AMIs)
- ID: US828
- Description: As an admin, <div><br /></div> <div>when appropriate, I want to be able to sync Amazon supported Base OSes (jeOSes or AMIs) as precreated by Amazon</div> <div><br /></div> <div>so that have all core bootable ISOs needed for foundational template work that are in compliance with Amazon’s requirements</div>
- Notes:
- Name: Govern access to 3rd Party CDN content via subscription entitlement
- ID: US805
- Description: As a 3rd party CDN provider, <div><br /></div> <div>I want to govern access to our content via subscription similarly to what Red Hat does</div> <div><br /></div> <div>so that customers consume only what they have purchased, and so that they meet their own compliance requirements</div>
- Notes:
- Name: Support Red Hat Base OSes (jeOSes)
- ID: US827
- Description: As an admin, <div><br /></div> <div>when appropriate, I want to be able to sync Red Hat base OSes (jeOSes) as precreated by RH</div> <div><br /></div> <div>so that have all core bootable ISOs needed for foundational template work</div>
- Notes:
- Name: Securely connect to 3rd Party CDN
- ID: US799
- Description: As an admin, <div><br /></div> <div>I want to be able to connect to a 3rd party CDN that uses authenticated SSL to deliver its products,</div> <div><br /></div> <div>so that I can have secure access to its content</div>
- Notes:

Name: Life cycle environments and paths
ID: US720
Description: As an admin, <div><br /></div> <div>I want life cycle environments and environmental promotional paths,</div> <div><br /></div> <div>so that templates, which define end system state, can have life cycle context.</div>
Notes:
Children:
- Name: Create llife cycle environment
- ID: US721
- Description: As an admin, <div><br /></div> <div>I want to be able to create a life cycle environment, with a descriptive label,</div> <div><br /></div> <div>so that I can associate it to templates, content, and config in order to give them life cycle context/scope.</div>
- Notes:
- Name: Alter life cycle promotional paths
- ID: US723
- Description: As an admin, <div><br /></div> <div>I want to be able to perform CRUD actions on an existing life cycle path of linked environments,</div> <div><br /></div> <div>so that I can reorder environmental paths of promotion to suit changing need of scope progression within the organization</div>
- Notes:
- Name: Moderated promotion
- ID: US911
- Description: As an admin, <div><br /></div> <div>I want a promotion of any object from one environment to another to go through an approval process</div> <div><br /></div> <div>so that we have a check and balance process</div> <div><br /></div> <div><br /></div> <div>NOTE: Too vague, but gets the point across. Moderated actions is something we need for all actions. Maybe a permission flag? Dunno.</div>
- Notes: Q: Do we want to optionally drag all the associated objects with it?
- Name: content object promotion
- ID: US846
- Description: As an admin, <div><br /></div> <div>I want to be able to promote a content object (product, package, erratum, comps grouping) from its current environment to the next environment on the environment path</div> <div><br /></div> <div>so that the object is available in the context of that next environment</div>
- Notes: Q: Do we want to optionally drag all the associated objects with it?
- Name: object availability (comps grouping)
- ID: US845
- Description: As an admin, <div><br /></div> <div>I want to be able to promote a specific comps group (and associated packages, from the root environment (locker) to an environment linked to the content locker (target environment contains repo to be updated),</div> <div><br /></div> <div>so that I can make that object available for usage within the scope of the target environment</div>
- Notes:
- Name: object availability (template)
- ID: US788
- Description: As an admin, <div><br /></div> <div>I want to be able to promote a template object from the root environment (locker) to an environment linked to the content locker,</div> <div><br /></div> <div>so that I can make that object available for usage within the scope of the target environment</div>
- Notes:
- Name: object availability (config repo)
- ID: US792
- Description: As an admin, <div><br /></div> <div>I want to be able to promote a configuration repo object from the root environment (locker) to an environment linked to the content locker,</div> <div><br /></div> <div>so that I can make that object available for usage within the scope of the environment promoted into</div>
- Notes:
- Name: Destroy life cycle environment
- ID: US784
- Description: As an admin, <div><br /></div> <div>I want to be able to destroy a life cycle environment</div> <div><br /></div> <div>so that I can restructure how my environments are defined and terminate associates to this environment</div>
- Notes: Question: What happens to associated objects?
- Name: Root environment (Locker)
- ID: US787
- Description: As an admin, <div><br /></div> <div>I want there to be a root environment that all life cycle promotion paths branch from (the locker),</div> <div><br /></div> <div>so that all paths can have access, potentially, to all available content and configuration</div>
- Notes:
- Name: object availability (repo)
- ID: US790
- Description: As an admin, <div><br /></div> <div>I want to be able to promote a repo object (non-product) from the root environment (locker) to an environment linked to the content locker,</div> <div><br /></div> <div>so that I can make that object available for usage within the scope of the environment promoted into</div>
- Notes:
- Name: object availability (ISO)
- ID: US791
- Description: As an admin, <div><br /></div> <div>I want to be able to promote an ISO object from the root environment (locker) to an environment linked to the content locker,</div> <div><br /></div> <div>so that I can make that object available for usage within the scope of the environment promoted into</div>
- Notes:
- Name: object availability (product)
- ID: US789
- Description: As an admin, <div><br /></div> <div>I want to be able to promote a product repository object from the root environment (locker) to an environment linked to the content locker,</div> <div><br /></div> <div>so that I can make that object available for usage within the scope of the environment promoted into</div>
- Notes:
- Name: XXX object availability (filtered product/repo)
- ID: US814
- Description: As an admin, <div><br /></div> <div>I want to be able to promote a filtered object from the root environment (locker) to an environment linked to the content locker,</div> <div><br /></div> <div>so that I can make that object available for usage within the scope of the target environment</div>
- Notes:
- Name: object availability (errata)
- ID: US793
- Description: As an admin, <div><br /></div> <div>I want to be able to promote a specific erratum or set of errata (and associated packages), from the root environment (locker) to an environment linked to the content locker (target environment containing the repo to be updated),</div> <div><br /></div> <div>so that I can make that object available for usage within the scope of the target environment</div>
- Notes:
- Name: Create life cycle promotional paths
- ID: US786
- Description: As an admin, <div><br /></div> <div>I want to be able to link (associate with an order) environments creating a path of life cycle promotion,</div> <div><br /></div> <div>so that objects associated to an environment can follow a logical path of scope/life-cycle context promotion</div>
- Notes: Maybe create environments as we go?
- Name: template object promotion
- ID: US816
- Description: As an admin, <div><br /></div> <div>I want to be able to promote a template from its current environment to the next environment on the environment path and, in the process, bump its version</div> <div><br /></div> <div>so that the two versions can be altered independently of each other keeping context with the environment the template resides</div>
- Notes: Q: Do we want to optionally drag all the associated objects with it? For example, if I promote an Application Template, I would think that all associated Runtime Templates would be promoted as well… and the SOE Templates associated the Runtime Templates… and the products, packages, errata, jeOSes, etc…

Name: STUB: Base-OS / jeOS
ID: US944
Description:
Notes:

Name: SOE/Image Template management
ID: US817
Description: As an admin, <div><br /></div> <div>I want to manage Standard Operating Environment (SOE) Templates, made up of jeOS Templates (base operating system), additional software content, and configuration</div> <div><br /></div> <div>so that I can define the standard operating environment (SOE) for application server instances and ongoing runtime management in the cloud.</div> <div><br /></div> <div><br /></div> <div>Everything is done in the context of an environment</div>
Notes: <div style=“background-color: transparent;”><font class=“Apple-style-span” face=“Arial”><span class=“Apple-style-span” style=“font-size: 14px; white-space: pre-wrap;”><br /></span></font></div>
Children:
- Name: Review products for SOE Template
- ID: US715
- Description: <div> <div>As an admin,</div> <div><br /></div> <div>I would like to review the set of available products in the template’s environment</div> <div><br /></div> <div>so that I may select one for inclusion in the SOE Template.</div> </div> <div><br /></div>
- Notes:
- Name: Configure kickstart rules for SOE Template [Epic]
- ID: US856
- Description: As an admin, <div><br /></div> <div>I want to optionally build kickstart rules for a SOE Template</div> <div><br /></div> <div>so that if the Template is targeting a traditional datacenter system, the “image” is built on that system versus deployed as a binary image</div>
- Notes:
- Name: Select additional packages for SOE Template
- ID: US844
- Description: As an admin, <div><br /></div> <div>I want to select a set of packages, beyond the core jeOS base OS image</div> <div><br /></div> <div>so that the SOE meets our internal spec for an SOE</div>
- Notes:
- Name: Create and store images representing an SOE Template [Epic]
- ID: US829
- Description: As an admin, <div><br /></div> <div>I want to selected a completed SOE Template (has products and associated jeOSes), pick target types, and trigger the image creation process</div> <div><br /></div> <div>so that images are created for each target type and stored for future usage in some image store location</div> <div>and so that a decomposed package manifest is snapshot’ed reflecting build-based traditional management as one of the target types (maybe)</div>
- Notes:
- Name: Select product for SOE Template
- ID: US824
- Description: <div>As an admin,</div> <div><br /></div> <div>I would like to select a product and associated Base OS</div> <div><br /></div> <div>so that I may select one product for inclusion in a SOE Template.</div> <div><br /></div>
- Notes:
- Name: Create empty SOE Template
- ID: US825
- Description: As an admin, <div><br /></div> <div>I would like t create an empty SOE Template that will be used as the foundation for a Runtime Template</div> <div><br /></div> <div>so that it can then be eventually be used as part of an Application Template deployment</div> <div><br /></div>
- Notes:
- Name: Associate selected product’s Base OS to SOE Template
- ID: US826
- Description: As an admin, <div><br /></div> <div>I want to associate a selected Base OS (based on selected product) to an SOE Template</div> <div><br /></div> <div>so that it can serve as the foundation for the SOE Template</div>
- Notes:

Name: Runtime/System Template management
ID: US847
Description: As an admin, <div><br /></div> <div>I want to manage Runtime Templates consisting of a base SOE Template, additional layered products, packages, and configuration</div> <div><br /></div> <div>so that I can further define the desired end state of a running system, instance, or cloud resource</div> <div><br /></div> <div><br /></div> <div>Everything is done in the context of an environment</div>
Notes: <div style=“background-color: transparent;”><font class=“Apple-style-span” face=“Arial”><span class=“Apple-style-span” style=“font-size: 14px; white-space: pre-wrap;”><br /></span></font></div>
Children:
- Name: Select configurations for Runtime Template
- ID: US855
- Description: As an admin, <div><br /></div> <div>I want to select a set of configuration classes / scripts and associate them to a Runtime Template</div> <div><br /></div> <div>so that they are executed upon system association to the Runtime Template</div>
- Notes:
- Name: Select additional packages for Runtime Template
- ID: US852
- Description: As an admin, <div><br /></div> <div>I want to select a set of packages within the current environment and associated to the allowable products associated to the already selected SOE Template</div> <div><br /></div> <div>so that the Runtime Template meets our internal spec for an application or application component</div>
- Notes:
- Name: Create empty Runtime Template
- ID: US849
- Description: As an admin, <div><br /></div> <div>I would like t create an empty Runtime Template that will be used as a member of an application template and used to maintain running systems over time</div> <div><br /></div> <div>so that I can have completed definition for end systems</div>
- Notes:
- Name: Configuration initd services for Runtime Template
- ID: US857
- Description: As an admin, <div><br /></div> <div>I want to configure what will be running upon boot once a system is associated to a Runtime Template</div> <div><br /></div> <div>so that only the appropriate services are running on that resource</div>
- Notes:
- Name: Review SOE Templates for Runtime Template
- ID: US850
- Description: <div> <div>As an admin,</div> <div><br /></div> <div>I would like to review the set of available SOE Template in the current environment</div> <div><br /></div> <div>so that I may select one for inclusion in a Runtime Template.</div> </div> <div><br /></div>
- Notes:
- Name: Select SOE Template for Runtime Template
- ID: US851
- Description: <div>As an admin,</div> <div><br /></div> <div>I would like to select a SOE Template</div> <div><br /></div> <div>so that I may select one SOE Template for inclusion in a Runtime Template.</div> <div><br /></div>
- Notes:

Name: Application Template management
ID: US858
Description: As an admin, <div><br /></div> <div>I want to manage Application Templates consisting of a set of Runtime Template references that then have associated SOE Templates, that have associated Base OSes (jeOSes)… and configuration</div> <div><br /></div> <div>so that I can build something to deploy to cloud and traditional resources and then have them linked to and managed from their associated Runtime Templates</div> <div><br /></div> <div><br /></div> <div>Everything is done in the context of an environment</div>
Notes: <div style=“background-color: transparent;”><font class=“Apple-style-span” face=“Arial”><span class=“Apple-style-span” style=“font-size: 14px; white-space: pre-wrap;”><br /></span></font></div>
Children:
- Name: Review Runtime Templates for Application Template
- ID: US860
- Description: <div> <div>As an admin,</div> <div><br /></div> <div>I would like to review the set of available Runtime Template in the current environment</div> <div><br /></div> <div>so that I may select one or more for inclusion in an Application Template.</div> </div> <div><br /></div>
- Notes:
- Name: Configure cloud network settings for Application Template
- ID: US863
- Description: <div>As an admin,</div> <div><br /></div> <div>I want to configure any specific cloud network settings needed to satisfy deployment requirements</div> <div><br /></div> <div>so that the running instances of will have access to CloudForms and to each other</div> <div><br /></div> <div>[see notes]</div>
- Notes: <div>Not sure if we do this here or as part of the deployment execution phase. I.e., should this be a part of the template, or outside of the template?</div> <div><br /></div>
- Name: Select Runtime Templates for Application Template
- ID: US862
- Description: <div>As an admin,</div> <div><br /></div> <div>I would like to select a set of Runtime Templates</div> <div><br /></div> <div>so that I populate my Application Template with member Runtime Templates</div> <div><br /></div>
- Notes:
- Name: Create empty Application Template
- ID: US859
- Description: As an admin, <div><br /></div> <div>I would like o create an empty Application Template</div> <div><br /></div> <div>so that it can be used as a deployment container of Runtime Templates</div> <div><br /></div>
- Notes:

Name: Application deployment
ID: US865
Description: Deployment of an application template to end systems
Notes:
Children:
- Name: Execute Runtime configurations
- ID: US874
- Description: <div>As CloudForms,</div> <div><br /></div> <div>I want a registered resource to execute the configuration classes and scripts defined by the Runtime Template that resource is associated to</div> <div><br /></div> <div>so that the running instance is appropriately configured</div>
- Notes:
- Name: Select Application from Catalog
- ID: US866
- Description: As a self-service user or admin, <div><br /></div> <div>I want to review available Applications (defined by Application Templates) in an Application Catalog and select one</div> <div><br /></div> <div>so that I can then deploy it to some resource</div>
- Notes:
- Name: Select deployment resources from…cloud pool and datacenter pool? Policies?
- ID: US867
- Description: As a self-service user or admin, <div><br /></div> <div>I want to review and select available resources for each Runtime Template component making up the Application Template I have chosen,</div> <div><br /></div> <div>so that I can then deploy this application template to those resources</div>
- Notes:
- Name: Mirror (stage) chosen SOE images to cloud storage
- ID: US868
- Description: <div>As CloudForms,</div> <div><br /></div> <div>I want SOE images associated to a selected Application Template to be staged on-site within a cloud provider</div> <div><br /></div> <div>so that those images, which are of the correct target type, can be trivially deployed to resources locally</div>
- Notes:
- Name: Update package set to reflect Runtime Template
- ID: US873
- Description: <div>As CloudForms,</div> <div><br /></div> <div>I want a registered resource to update its package set to comply with what is its associated Runtime Template</div> <div><br /></div> <div>so that the running instance has its application software fully deployed</div>
- Notes:
- Name: Boot deployed resources
- ID: US871
- Description: <div>As CloudForms,</div> <div><br /></div> <div>I want newly deployed resources</div> <div><br /></div> <div>so that we have running instances and that can then register and finish runtime package installation</div>
- Notes:
- Name: Register deployed resources to Runtime Templates
- ID: US872
- Description: <div>As CloudForms,</div> <div><br /></div> <div>I want newly deployed and booted resources to register and associate to their originating Runtime Template</div> <div><br /></div> <div>so they can be finish the deployment process and prep for runtime maintenance</div>
- Notes:
- Name: Configure deployment resource policies
- ID: US870
- Description: As a self-service user or admin, <div><br /></div> <div>after I have chosen resources to deploy to, I want to configure the rules surrounding how resources are used</div> <div><br /></div> <div>so that I can then deploy this application template to those resources as configured… (lame, I know)</div>
- Notes:
- Name: Deploy SOE images to selected cloud resources
- ID: US869
- Description: <div>As CloudForms,</div> <div><br /></div> <div>I want mirrored SOE images, associated to a selected Application, deployed to the selected cloud resources governed by configured policy</div> <div><br /></div> <div>so that we have deployed images! ;)</div>
- Notes:

Name: STUB: Runtime management
ID: US864
Description: should “Patch management” epic… maybe?
Notes:
Children:
- Name: Configuration deployment
- ID: US694
- Description: As an admin, <div><br /></div> <div>I want to be able to deploy complex configurations to end systems,</div> <div><br /></div> <div>so that they remain compliant to internal and external requirements.</div>
- Notes:
- Children:
  - Name: STUB: Enable USGCB procedures
  - ID: US905
  - Description:
  - Notes:
- Name: STUB: Drift management [Epic]
- ID: US848
- Description: As an administrator, <div><br /></div> <div>I want to be able to track and remediate template to deployment changes as versions of each is altered over time,</div> <div><br /></div> <div>so that I can keep both in compliance to internal and external requirements.</div>
- Notes:
- Name: Event Management [Epic?]
- ID: US876
- Description: Maintenance windows <div>Etc.</div>
- Notes:
- Name: Patch deployment
- ID: US908
- Description: As an admin, <div><br /></div> <div>I want to be able to deploy patches to groups of end resources</div> <div><br /></div> <div>so that they remain compliant to internal and external requirements.</div>
- Notes:
- Children:
  - Name: STUB: Patch security compliance [Epic]
  - ID: US690
  - Description: As an administrator, <div>     <div>I want to ensure that security vulnerabilities (RHSAs, CVEs, etc.) are managed from template to deployment according to internal policy,</div> <div><br /></div> <div>so that, dependent on type of vulnerability, I can selectively keep end systems in compliance and templates current.</div> </div>
  - Notes:
  - Name: Address patches by group ID
  - ID: US898
  - Description: As an administrator, <div>     <div>I want to be able to select eligible patches by Comps Grouping, RHSA, CVE, or IAVA identifiers</div> <div><br /></div> <div>so that I can meet internal standards of flexible patch criteria and nomenclature</div> </div>
  - Notes:
  - Name: Address patches by severity
  - ID: US900
  - Description: As an administrator, <div>     <div>I want to be able to select eligible patches by “Severity” if that differentiation is available,</div> <div><br /></div> <div>so that I can choose whether I am picking something that is most relevant to our policies</div> </div>
  - Notes:
  - Name: Address patches by type
  - ID: US899
  - Description: As an administrator, <div>     <div>I want to be able to select eligible patches by “Type” if that type is available,</div> <div><br /></div> <div>so that I can choose whether I am deploying a Bug, Enhancement, or Security fix</div> </div>
  - Notes:

Name: Role Based Access Control
ID: US733
Description: As a Coud Architect, I need my cloud enterprise management appilcations to implement role based access control features so that the cloud oeprations will be consistent with the database management systems, security management systems, network and operating system products that are already used in the enterprise.
Notes: Use roles as opposed ot users as authorization subjects.
Children:
- Name: RBAC Conformance and Assurance
- ID: US737
- Description: As a System Administrator, I need to be able to review the creation and maintenance of the system access controls so that I may meet the needs of conformance testing and assurance.
- Notes:
- Name: Assign Permissions to Roles
- ID: US734
- Description: As a System Administrator, I want to assign permissions to roles so that I may associatte the authority and responsiblities conferred on a user assigned to the role according to the job function of the user in the context of the organization.
- Notes: Abide by the principle of least privilege<br /><br>User<~~user assignment~~>Role<~~permission assignment~~>{Permissions on Object/operations}
- Name: Add Role
- ID: US738
- Description: As a System Administrator, I want to create a new role definition so that I may organize the permissions necessary for a user needing to access resources to perform a job funciton.
- Notes:
- Name: Access Control Mechanism
- ID: US736
- Description: As a System Administrator, I need an access control mechansim so that I may protect system resources that contain or recieve information or that represent exhaustible system or cloud  resources.
- Notes:
- Name: Assign Users To Roles
- ID: US735
- Description: As a System Administrator, I need to be able to assign users to roles so that I may have a way for naming the many-to-many relationships amoung users and permissions and so that a user is not granted more access to resources than is needed for the job function the user performs.
- Notes: The implementation is to provide a command that assigns a user to a role. The command is valid for valid users and roles and the user is not already assigned to the role.
- Name: Check User Access
- ID: US743
- Description: As a System Administrator, I need the CloudForms management application to determine whether an active user is allowed or not to perform a given operation on a given object (e.g. managed entity) so that the user is prevented from accessing resources that are not required for their job function.
- Notes: The implementation should provide a function for each managed entity in the application that checks if a user is allowed or not to perform a given operaton on the selected object. The user has the permission to perform the operation iff that permission is assigned to at least one of the users active roles.
- Name: User Group Membership
- ID: US777
- Description: As a System Administrator, I want to be able to make a user a member of more than one group so that they may inherit permissions and other attributes that are associated with the group.
- Notes:
- Name: Grant Permission (on an object to a role)
- ID: US741
- Description: As a System Administrator, I want to grant a role the permission to perfrom an operation on an object to a role so that users assigned to the role may perform the operation.
- Notes: The implementation should provide a command that is valid iff the operation specified and the object represents a permission and the role is valid.<br /><br>Based on the object, the implementation will need to determine the valid operations.
- Name: Review Role Permissions
- ID: US758
- Description: As a System Administrator I need to review the set of permissions (e.g. operations on an object) granted to a role so that I can determine the access to resources for users that are assigned to the role.
- Notes: The implementation should provide a function to generate the set of permissions (e.g. an operation on an object) granted to a given role. An implementation consideration would be to organize/filter the information according to the object (e.g. managed entity) named for the role.
- Name: Groups of Users
- ID: US775
- Description: As a System Administrator, I want to manage user attributes by creating groups so that I can significantly reduce the time it takes to set up a permission model for users wit hthe same job functions.
- Notes:
- Name: Review User Permissions
- ID: US761
- Description: As a System Administrator I need to review the set of permissions (e.g. operations on an object) granted to a user so that I can determine the resources the user has access to.
- Notes: The implementation should return the permissions (e.g. operations, on a object) a user gets through the set of roles assigned to the user. <br /><br>An implemention consideration is the set of roles a user has been assigned to may be as a result of a direct assignment or as a result of the users membership in a group that has been assigned to a role.
- Name: Revoke Permission (of an operation on an object)
- ID: US742
- Description: As a System Administrator, I need to revoke teh permission to perform an operation on an object from the set of permissions assigned to the role so that users assigned to the role may no longer perform the operation.
- Notes: The implementation should provide a command that is valid iff the operation on the object represents a permission, the role is valid and the permission is currently assigned to the role.
- Name: Deassign a User From a Role
- ID: US740
- Description: As a System Administrator, I need to delete the assignment of a user to a role so the users access to resources can be revoked when the users job function changes.
- Notes: In the implementation, a command should be provided that deletes the assignment of a user to a role. The command is valid if the user is valid, the role is valid and the user is currently assigned to the role.<br /><br>It is an implementation detail on how to process with any sessions in which the user has an active role. The options are to wait for normal terminsation, forced termination or inactivate the role for the user (e.g. to apply at the start of the user’s next active session).
- Name: Clone Role
- ID: US779
- Description: As a System Administrator, I want to be able to clone an existing role so that I may rename and modify the role for assignment to users or groups on objects.
- Notes:
- Name: Assign Group Roles (Permissions) to User
- ID: US783
- Description: As a System Administrator, I need a user that has not been assigned a permission for an object to be assinged the union of priviliges (e.g. roles) assigned to the groups for that object so that the user’s group membership will define what operations the user can perform.
- Notes:
- Name: Initial RBAC Mode
- ID: US781
- Description: During the initial installation and deployment of CloudForms, as a System Administrator, I need to ensure that no users have permissions on any object (e.g. cannot view or perform and operatoin) so that I may assign permissions to users (groups) to allow them to perform the tasks necessary for their job function.
- Notes:
- Name: Delete Role
- ID: US739
- Description: As a System Administrator, I need to delete an existing role so that it is no longer used for the assignment of permissions to users.
- Notes: Implementation consideration is how to proceed with the user sessions in which the role to be deleted is active. Options could be to wait for normal termination, a forced termination or perform the deletion while allowing the session to continue.
- Name: Edit Existing Role
- ID: US780
- Description: As a System Administrato, I need to edit and existing role so that I can change the privileges selected for that role that that upon complete, the revised permissions will be applied to any user or group assigned to the role.
- Notes:
- Name: Review Object (e.g. Managed Entity) Operations
- ID: US764
- Description: As a System Administrator, I need to review the set of operations that can be performed on an object (e.g. managed entity) so that I can assign operations to a role with the least access necessary for a job function.
- Notes: The implementation should provide a general mechanism for a managed entity to provide the enumeration of operations that can be assigned to a role. <br /><br>All objects should minimally have the operation to access (e.g. read) the object.
- Name: Review Role Access on Object
- ID: US765
- Description: As a System Administrator, I need to review the set of operations that a role has been assigned on an object so that I can ensure the minimal access to the resource has been granted.
- Notes: The implementation should consider the need to select a role and then select the object to check access against.
- Name: Review Users Assigned to a Role
- ID: US744
- Description: As a System Administrator, I need to review the set of users currently assigned to a role so that I may review the the access permissions that have been granted to the users in the organization.
- Notes: The implementation should provide a command that generates the set of users that have been assigned to the role. <br /><br>An implemention consideration is the set of roles a user has been assigned to may be as a result of a direct assignment or as a result of the users membership in a group that has been assigned to a role.
- Name: Review Roles Assigned to a User
- ID: US745
- Description: As a System Administrator, I need to review the set of roles currently assigned to a user so that I may ensure they are in accordance with the uses job function in the organization.
- Notes: The implementation should provide a command that generates the set of roles that the user has been assigned to.<br /><br>An implemention consideration is the set of roles a user has been assigned to may be as a result of a direct assignment or as a result of the users membership in a group that has been assigned to a role.
- Name: Default Cloud Roles
- ID: US778
- Description: As a System Administrator, I need a default set of (permanent) cloud roles that group together sets of permissions for the predominant object access and operations so that I may assign the roles to users that will perform these defined activities across the components of the system.
- Notes: Cloud Roles can be further decomposed:<br /><br>[Examples]<br><br>NO*ACCESS role that prevents a user from accessing, viewing and performing an operation on any object <br><br>READ*ONLEY role that shall enable a usr to access and review the objects in the system but cannot perform any actions on the objects.<br><br>Self-Service user: group the permissions to access a catalog, request instantiation, access deployments running in a pool, interactions console/controls of the running vm instances, etc.<br><br>Cloud Power User - A set of priviliges to allow the user to launch, interact and manage the lifecycle of an application in the cloud as well as perform start, stop, snapshot operations, etc. Usually granted on a catalog/pool.<br><br>Cloud User - A set of privileges to allow the user to interact with an Application Deployment, access console, insert media, perform certain lifecycle operations. Does not grant privileges to make changes to the running application instance (e.g. scale, etc.). Should be described as “all priviliges, selected privileges, no privileges”<br><br>Resource and Pool Administrator - Set up providers and pools. Allow permission to grant down, etc.<br><br>Image Store - Privileges to allow a user to consume space in the image warehouse on which the role is gratned.<br><br>Power Template Developer<br><br>Analyst<br><br><br>
- Name: Review User Access On Object
- ID: US766
- Description: As a System Administrator, I need to review the set of operations a given user is permitted to perform on a given object so that I determine the access to the resource that is defined through the roles assigned to the user.
- Notes:
- Name: User Permission Precedence
- ID: US782
- Description: As a System Administrator, I need to have a permission defined for a user on an object to take precedence over all group permissions  that they might otherwise inherit so that I can realize granular access control.
- Notes:

Name: Working with Catalogs
ID: US698
Description: As a System Administrator, I need to organize and publish the inventory of Application Templates that have been created so that they can be made avaliable to on-demand self-service users of the cloud.
Notes:
Children:
- Name: Disable Catalog
- ID: US708
- Description: As a System Administrator, I need to disable a Catalog so that operations may not be performed on the Catalog contents (e.g. including requests to launch)
- Notes: Catalog may still be visible but access to it, review of contenets and launching of Application Templates should be prohibited.<br /><br>The operational status for the Catalog (disabled) should be readily determined through the interface.
- Name: Access a Catalog
- ID: US701
- Description: As a System Adminstrator, I need to access  the set of Catalogs that exist so that I may review the properties and the Application Templates that are contained in each Catalog.
- Notes:
- Name: Enable Catalog
- ID: US709
- Description: As a System Administror, I need to Enable a Catalog (that was previously Disabled) so that it may be accessed and so that operations may be performed on it.
- Notes: The complement to administratively disabling the Catalog. The contents of the Catalog should not be affected.<br /><br>The operational status for the Catalog should be readily determined through the interface.
- Name: Revoke Access To a Catalog
- ID: US705
- Description: As a System Administrator, I need to revoke access to a Catalog for one or more Infrastructure Consumers so that they may no longer access and review the Application Templates that are contained in the Catalog.
- Notes:
- Name: Add Catalog
- ID: US699
- Description: As an System Administrator, I need to create a new Catalog so that I can group the Application Templates.
- Notes:
- Name: Publish to a Catalog
- ID: US702
- Description: As a System Adminstrator, I need to publish an Application Template to a Catalog so that the Application Template may be available to an Infrstructure Consumer who will need to launch the Application Template to the cloud.
- Notes:
- Name: Delete Catalog
- ID: US706
- Description: As a System Administrator, I need to delete a Catalog so that it will no longer be used for the operation of the cloud.
- Notes:
- Name: Modify the Properties of a Catalog
- ID: US707
- Description: As a System Administrator, I need to modify the properties of a Catalog so that the operations and behaviors of the Catalog can be maintained.
- Notes: It is likely that we will have rules constraining operations on the Catalog (and other entities) based on its properties. For example, if there is the concept of a Catalog “owner”, that user may not be deleted unless the catalog ownership is changed.
- Name: Bind Catalog to an Enviornment
- ID: US700
- Description: As a System Administrator, I need to associate a Catalog to an Environment so that I may manage the Application Templates conatined in the according to the content they contain, the cloud resources the Application Templates run on and the set of Infrastructure Consumers that can request them.
- Notes:
- Name: Remove Catalog Entry
- ID: US703
- Description: As a System Administrator, I need to remove an Application Template from a Catalog so that it can no longer be accessed by an Infrastructure Consumer and launched into the cloud.
- Notes:
- Name: Grant Access to a Catalog
- ID: US704
- Description: As a System Administrator, I need to grant access to one or more Infrastructure Consumers so that they may access and review  the Application Templates that are contained in the Catalog.
- Notes:

Name: Linux 6.x Image Template
ID: US685
Description: As a System Administrator, I want to define an image template for the Linux 6.x Operating System so that it can be used as a standard operating environment for all application server instances in the cloud.
Notes: Q: Why is this specifically called out? And not just part of the “review and select” user stories.

Name: Application Release Lifecycle
ID: US684
Description: As an Infrastructure Consumer, I want to coordinated the release of my application so that I can maintain a software development lifecycle for application services in the cloud (e.g. Dev, Test, UAT, Production).
Notes: Are these environments?

Name: On Demand Infrastructure Requests
ID: US683
Description: As an Infrastructure Consumer, I need to request and decomission cloud/computing infrastructure so that I may align my application/service with a software development lifecycle and benefit from the elasiticity provided by the cloud and pay for only the resources that I use.
Notes:

Name: Usage Policies
ID: US682
Description: As the Cloud Architect, I need to set policies around the usage of resources, applications and services for the offerings made available to Infrastructure Consumers in the cloud.
Notes:

Name: Encryption Enforcement
ID: US681
Description: As the Cloud Architect, I want to enforce disk or network encryption for certain types of applications in the cloud so that corporate privacy and data security compliance requirements are met in the cloud.
Notes:

Name: Default Cloud Security Policies
ID: US680
Description: As the Cloud Architect, I want to set cloud specific default settings and security policies so that enterprise IT governance and compliance objectives are maintained for applications that run on cloud infrastructure resources.
Notes:

Name: Aggregate Cloud Provider View
ID: US679
Description: As a System Administrator, I want to rollup data from multiple cloud providers so that I may generate an aggregate view of the operation and utilizaton of the cloud (infrastructure).
Notes:

Name: Cloud Provider Instrumentation
ID: US678
Description: As a System Administrator, I want to integrate cloud provider instrumentation into my existing monitoring infrastructure so that I may monitor the cloud operations.
Notes:

Name: Backup Management
ID: US677
Description: As a System Administraor, I want to extend my existing enterprise backup management solutions into the cloud or deploy a cloud specific implementation so Infrastructure Consumers can ensure data access and resiliency for the applications they operate in the cloud.
Notes:

Name: Data Backup and Restoration (DR)
ID: US676
Description: As a System Administrator, I want to ensure that the cloud management solution I use and that providers that it manages provide adequate data backup facilities so that operations in the cloud adhere to corporate backup and retention standards.
Notes:

Name: Network Policy
ID: US675
Description: As a System Administraor, I need to enforce network policy in the cloud so that security and compliance is maintained for connecivity to the cloud.
Notes:

Name: Application Software Development Lifecycle (SDLC)
ID: US673
Description: As a System Administrator, I want to ensurer that Infrastructure Consumers can quickly deploy an application in the cloud comprised of standard system images that contain specific software so that the software development lifecycle of the application server can be attained in the cloud.
Notes:

Name: Data Replication across Cloud Providers
ID: US671
Description: As an Infrastructure Manager, I need to maintain data replications between corporate facilities and cloud providers so that cloud operations can be maintained and so that data availbility and application resiliency is attained.<br />
Notes:

Name: Network Connectivity
ID: US670
Description: As an Infrastructure Manager, I need to maintain network connectivity between corporate facilities and cloud providers so that optimal cloud operations can be maintained.
Notes:

Name: Cloud Management Tools
ID: US669
Description: As an Infrastructure Manager, I want to use management tools that aer provider neutral so that I can minimize investment and training required to make provider resources available to Infrastructure Consoumers.
Notes:

Name: Evaluate Cloud Providers
ID: US668
Description: As an Infrastructure Manager, I need to evaluate and select a cloud provider so that resources can be made availble to Infrastructure Consumers.
Notes:

Name: Multiple Hypervisors in the cloud
ID: US667
Description: As an Infrastructure Manager I want to support multiple/disparate hypervisors in the cloud so that I may account for evolving business needs.
Notes:

Name: Switch cloud providers
ID: US666
Description: As an Infrastructure Manager I need to be able to switch cloud providers so that I may bring online additional cost-effective providers.
Notes:

Name: Private Cloud using virtualization cluster installations
ID: US665
Description: As an Infrastructure Manager, I want to host a private cloud using the existing virtualization cluster installations in the enteprise so that I may attain greater utilization of the server resources and so that I may provide an on-demand self service portal for virtual machines.
Notes:

Name: GRC in the Cloud
ID: US664
Description: As an Infrastructure Manager, I need to implement audit mechanisms to track and control infrastructure management activities so that governance, risk and compliance requirements can be attained in the cloud.
Notes:

Name: Cloud Independence
ID: US663
Description: As an Infrastructure Manager, I want to implement a strategy for cloud independence so that I can adapt to the needs of the business as provider capabilties and costs change.
Notes:

Name: Reduce Operational Costs of Deploying Virtual Machines
ID: US662
Description: As an Infrastructure Manager, I need to reduce operational costs assocaited with the provisioning and deployment of virtual machines.
Notes:

Name: Application Portal
ID: US661
Description: As an Infrastructure Manager, I want to deploy infrastructure and application portals that enable self-service so that Infrastructure Consumers can acquire cloud resources on-demand.
Notes:

Name: Track Cloud Based Resources
ID: US659
Description: As an Infrastructure Manager, I want to have an asset/service management solution so that cloud based resources can be fully tracked.
Notes:

Name: Measure Cloud Provider Service Level
ID: US658
Description: As an Infrastructure Manager, I want to measure the level of service attained by a cloud provider so that I may determine when contractual agreements have been breached.
Notes:

Name: Enforce Infrastructure Standards
ID: US657
Description: As an Infrastructure Manager, I want to set and enforce standards that apply to cloud providers so that I can maintain IT governance while supporting the strategic objectives of the business to adopt an IaaS cloud service model.
Notes:

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Aeolus_User_Stories

Clone this wiki locally