You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We currently do not support authorizing requests against HDFS.
This epic is intended to track the subtasks that we need to accomplish in order to add this functionality.
For the purpose of this epic I think we can ignore authentication, which should be covered under a separate issue: #178
This needs serious refining, below I have added a few first thoughts around this issue that hopefully can serve as pointers during refinement:
investigate if we can reuse the Ranger authorizer with OPA (I have some code available for this)
adapt operator to allow enabling secure mode
integrate with opa operator
create opa ruleset to authorize based on data sent by authorizer
define crds to specify access control lists for hdfs in k8s and cretae functionality for operator to translate this for opa
much more
The text was updated successfully, but these errors were encountered:
We currently do not support authorizing requests against HDFS.
This epic is intended to track the subtasks that we need to accomplish in order to add this functionality.
For the purpose of this epic I think we can ignore authentication, which should be covered under a separate issue: #178
This needs serious refining, below I have added a few first thoughts around this issue that hopefully can serve as pointers during refinement:
The text was updated successfully, but these errors were encountered: