[RANGER-3828] Fine-grained Access Control over nested structures - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.0.0, 2.4.0
Component/s: plugins, Ranger
Labels:
None

Description

It would be nice to be able to do fine-grained access control (FGA) over nested structures, e.g., the JSON responses of API calls. This requires the individual attributes in a JSON object to be first-class metadata objects which can be tagged and on which policies can be written. We have built a plugin and the corresponding Apache Atlas metadata structures and tagsync-mapper to support TBAC/RBAC/ABAC FGA over JSON structures. Our instigating use case was FGA over the JSON responses of API calls, but this plugin has potential value anywhere FGA over the individual attributes of nested structures is needed, eg JSON messages read from Kafka topics.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

image003.png
08/Feb/23 18:27
52 kB
Eckman, Barbara
image002.png
08/Feb/23 18:27
369 kB
Eckman, Barbara
image001.png
08/Feb/23 18:27
401 kB
Eckman, Barbara

Activity

People

Assignee:: Barbara Eckman

Reporter:: Barbara Eckman

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 13/Jul/22 16:37

Updated:: 09/Feb/23 18:20

Resolved:: 08/Oct/22 00:48