Hi Guillaume,

I’ve just finished watching the video playback of the February Community Advisory Board and I’m impressed how creative you guys have been in terms of re-using existing components for new use-cases.

Using an existing cloud controller as a meta service broker, just adding a mere shim in front in order to convert incoming OSB API call to CF API calls, that’s… brilliant.

The 2nd CF-as-IAM solution is very creative either. Leveraging the CF Terraform provider into a Brokerpack for the new Cloud Broker… just blew my mind.

One feedback though, is about off-boardiing. In many companies, revoking authorizations when people go away is harder that granting them in the first place. This arises for many reasons, mostly non-technical. Here with CF-as-IAM, when you update the teammates list in your team CF space, that act as a template to provision authorisations on remote foundations, how do you enforce the new authorizations to the remote foundation ? Maybe you already push those with a `cf update service` API call, but as you didn’t mention this in your talk, I was curious.

Anyway, congrats for those creative experiments around OSB API, and ways to manage complexity in large scale organisations, when provisioning large numbers of CF foundations.

Benjamin

Le 22 févr. 2021 à 18:40, Guillaume Berche <bercheg@...> a écrit :

Hi,

Orange has contributed a component to ease sharing of an open-service-broker marketplace among multiple client platforms. See cab recording at [1], and a longer full slide deck at [2] and actual repo at [3].

Before proposing this project to the cf-extension pmc (or new working group in new CF technical governance), I'd like to hear if there is community interest in using or contributing to this project ?

Thanks in advance for your feedback,

Guillaume.

[1] https://youtu.be/mStbfSaQEPk?t=1205

[2] https://docs.google.com/presentation/d/1z6NfNcqS_fmm809f1CGmFfzHGXSnSaXa/edit?dls=true

[3] https://github.com/orange-cloudfoundry/osb-cmdb