Get all apps (UIs) listed in teleport and backstage

[JosephSalisbury]

Let's break this down into two different use cases:

• Make it simple for us to access our own tooling
• Give customers access to all our tooling to provide transparency and similar control

Teleport (only for us)

Listing all apps in teleport would replace opsctl open functionality. This should be relatively straight forward. Also backstage should be accessible via teleport.

Backstage (for us)

We need to identify if the backstage user is from Giant Swarm. This should include links to all the tools that we are deploying on the management cluster.

We might have to add the oidc proxy in front of the interfaces as well for SSO.

Backstage (for the customer)

Question is how we can give access to tools that do not support any RBAC like access. Do we need to limit customer access to certain applications only? Do we want to support a customer role/group that is allowed to see all the tools like we do?

Apps

• alertmanager
• prometheus
• hubble
• ...

[JosephSalisbury]

ping @teemow plz finish

[teemow]

Teleport currently lists access to some grafana and kyverno instances. But it doesn't look complete.

@gawertm do you remember what the state is here? Are this only Giant swarm installations? is there a reason why there are no other installations?

also /cc @stone-z

[stone-z]

It is just Giant Swarm currently because the feature was still WIP. Spyros plans to add customer MCs in the next week or so

[gawertm]

I think I am missing context of this ticket, but looks like @stone-z is on top of it :)