[ATLAS-2459] Authorization enhancements to support instance level access controls - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.0.0
Component/s: atlas-core
Labels:
None

Description

Current authorization model in Atlas supports policies at the level of operations - like which users/groups can create/update/delete of types/classifications/entities.

This model needs to be enhanced/replaced to support more finer level of control - for example:

control operations on entity instances based on entity-type/entity-classification/entity-id
- users/groups allowed to create/update/delete entities, add/update/remove classifications on entities, what classifications users are allowed to add/update/remove, etc
control operations on types based on type-name/type-category
- users/groups allowed to create/update/delete classifications, relationships, etc
control access to admin operations - like import/export

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

ATLAS-2459.patch
23/Feb/18 13:41
151 kB
Nixon Rodrigues

Issue Links

requires

ATLAS-2515 add classification to the entity fails if there is no read classification permission

Resolved

ATLAS-2463 Documentation for Atlas authorization at instance level

Resolved

ATLAS-2486 Policy json file for authorization in distro conf

Resolved

ATLAS-2503 Fix authorization while creating/updating EnumDef

Resolved

ATLAS-2505 Set client IP to authorization request call for audit logging.

Resolved

ATLAS-2544 Initialize Atlas Authorizer after typedef initialization

Resolved

(1 requires)

Activity

People

Assignee:: Nixon Rodrigues

Reporter:: Srikanth Venkat

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 23/Feb/18 00:18

Updated:: 16/May/18 21:09

Resolved:: 16/May/18 21:06