[MESOS-4178] Add persistent volume support to the Authorizer - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
- mesosphere
- persistent-volumes

Epic Link:
Persistence
Sprint:
Mesosphere Sprint 24
Story Points:
1

Description

This ticket is the first in a series that adds authorization support for persistent volume creation and destruction.

Persistent volumes should be authorized with the principal of the reserving entity (framework or master). The idea is to introduce Create and Destroy into the ACL.

  message Create {
    // Subjects.
    required Entity principals = 1;

    // Objects? Perhaps the kind of volume? allowed permissions?
  }

  message Destroy {
    // Subjects.
    required Entity principals = 1;

    // Objects.
    required Entity creator_principals = 2;
  }

ACLs for volume creation and destruction must be added to authorizer.proto, and the appropriate function overloads must be added to the Authorizer.

Attachments

Issue Links

is depended upon by

MESOS-4179 Extend `Master` to authorize persistent volumes

Resolved

Activity

People

Assignee:: Greg Mann

Reporter:: Greg Mann

Shepherd:: Michael Park

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 15/Dec/15 21:04

Updated:: 26/Nov/18 12:20

Resolved:: 26/Nov/18 12:20