The National Institute for Nuclear Physics (INFN) has been operating and supporting Italy’s
largest research and academic distributed infrastructure for several decades. In March 2021,
INFN launched the “INFN Cloud” initiative which provides a federated cloud infrastructure
and a customizable service portfolio tailored for the scientific communities supported by the
institute. The federation middleware of the INFN Cloud platform is built upon the INDIGO PaaS
Orchestration system, which consists of interconnected open-source microservices. Among them, there is the INDIGO PaaS Orchestrator which receives high-level deployment requests from users and coordinates the deployment process over IaaS platforms.
In this work, we address an issue within INFN Cloud concerning the proliferation of INDIGO
Identity and Access Management (INDIGO-IAM) clients and S3 buckets. Specifically, these
resources are created during the on-demand deployment of most high-level services with no
control from the INDIGO PaaS Orchestrator. This results in a scenario where, upon deployment
deletion or failure, the related resources are not removed. This leads to an increasing number of unused INDIGO-IAM clients and buckets, consequently causing a decrease in the performance of the services hosting such resources. Our proposed solution involves delegating the management of such resources to the INDIGO PaaS Orchestrator, offering the users enough flexibility without losing control over them.