Hi All,
Here is an interesting scenario I am looking to set up.
I have an instance of ODH that I have modified to user Azure AD, rather than OpenShift. The use case is that the process here for getting an OpenShift login can be a little time-consuming, and Azure AD is integrated with their on-prem AD so it's just all-around smoother.
Anyway, users are creating Notebook images that only certain users should have access to. They would come pre-installed with certain ipynb files that only particular AD Groups can use. The notebooks in this case function as applications.
I would like to have a single hub, but different users should have access to different sets of images, restricted by the AD group they are a part of.
I can think of two ways of handling this:
1. Restrict the list of images the user is able to see when at the 'spawn' page
2. Restrict the startup of the notebook server itself to users of a particular AD Group
I am guessing there hasn't been much work by the ODH team with Azure integration since the product is meant to work with OpenShift OAuth, but I am wondering, has anyone worked on generally restricting access to certain notebook images on a per-user or per-group basis, using whitelisting or some other means?
Thanks,
Alex