Uploaded image for project: 'Apache Drill'
  1. Apache Drill
  2. DRILL-5671

Set secure ACLs (Access Control List) for Drill ZK nodes in a secure cluster

    XMLWordPrintableJSON

    Details

      Description

      All Drill ZK nodes, currently, are assigned a default [world:all] ACL i.e. anyone gets to do CDRWA(create, delete, read, write, admin access). This means that even on a secure cluster anyone can perform all CRDWA actions on the znodes.

      This should be changed such that:

      • In a non-secure cluster, Drill will continue using the current default [world:all] ACL
      • In a secure cluster, all nodes should have an [authid: all] ACL i.e. the authenticated user that created the znode gets full access. The discovery znodes i.e. the znodes with the list of Drillbits will have an additional [world:read] ACL, i.e. the list of Drillbits will be readable by anyone.

        Attachments

          Activity

            People

            • Assignee:
              karthikm Karthikeyan Manivannan
              Reporter:
              karthikm Karthikeyan Manivannan
              Reviewer:
              Sorabh Hamirwasia
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: