pjain1 commented on issue #9380: URL: https://github.com/apache/druid/issues/9380#issuecomment-643406533
@jon-wei I have removed config and state and added following resource types - `Server, Lookup, Compaction, Internal and Inputsource`. - Endpoints which druid nodes uses to talk to each other are covered by `INTERNAL` - Endpoints related to changing node config or getting some status of server are covered by `SERVER` - Securing Inputsource at druid side can be done using `INPUTSOURCE` resource type, however I am not sure of this approach yet, I was thinking we should somehow expose `do-as` functionality where user's credentials can be used. I believe reindexing from druid should be covered by read on datasource permission. - Lookup and Compaction configs are protected by `LOOKUP` and `COMPACTION` resources. Please have a look at `Proposed State resources` and `Proposed Config resources` tab in sheet here - https://docs.google.com/spreadsheets/d/1fXD5n9gHIL0RbAoiFnu9s_2So2c2K4W8dtQZVeCaux8/edit#gid=301120055 ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
