[KUDU-428] fine-grained authorization through Sentry integration - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: 1.2.0
Fix Version/s: 1.10.0
Component/s: master, security, tserver
Labels:
- roadmap-candidate

Target Version/s:

1.10.0

Description

We need to support basic SQL-like access control:

grant/revoke on tables, columns
service-level grant/revoke
probably need some group/role mapping infrastructure as well

Attachments

Issue Links

relates to

KUDU-2729 Consider refreshing authorization metadata upon altering tables

Resolved

links to

design document

Sub-Tasks

1.	server-side Sentry Client		Resolved	Dan Burkert
2.	Fill-out AuthzToken definition		Resolved	Andrew Wong
3.	client authorization token support		Resolved	Andrew Wong
4.	Master access control enforcement of CREATE/ALTER/DROP table operations		Resolved	Hao Hao

Activity

People

Assignee:: Hao Hao

Reporter:: Todd Lipcon

Votes:: 13 Vote for this issue

Watchers:: 19 Start watching this issue

Dates

Created:: 31/Jul/14 13:07

Updated:: 09/Jul/19 00:37

Resolved:: 09/Jul/19 00:37