Skip to Content
PlatformAccess & Governance

Access & Governance

Authentication

All platform services authenticate through AWS Cognito (auth.nhic.moh.gov.rw). For Kubernetes-hosted services, Cognito tokens are bridged to the cluster via OAuth2/Dex (sso.nhic.moh.gov.rw).

ServiceURL
GreenRivernhic.moh.gov.rw
Supersetsuperset.nhic.moh.gov.rw
ArgoCDgitops.awseks.rhos.africa
Authauth.nhic.moh.gov.rw

User groups

Groups are managed in AWS Cognito and synced to Kubernetes via the rbac Helm chart.

GroupAccess Level
k8s-adminsFull cluster admin
k8s-read-writeDeploy and manage workloads
k8s-readonlyRead-only cluster access

Requesting access

Access is provisioned by a Platform Admin via the AWS Cognito user pool. To request access, open an issue in the internal platform tracker with:

  • Your MoH email address
  • The service you need access to
  • The group that matches your role (see tables above)
  • Your team lead or line manager for approval
Last updated on