[ https://issues.apache.org/jira/browse/ATLAS-3755?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Bolke de Bruin updated ATLAS-3755: ---------------------------------- Description: Atlas does not operate in a isolated environment, this is one of the reasons the "homeId" system attribute was introduced. Unfortunately system attributes can only be updated when importing. This means any integration with other services is significantly limited (Kafka, Rest API will not work). (See also ATLAS-3754) To resolve this I propose to make it possible to update the system attributes when policy allows it. This introduces new AtlasPrivilege.ENTITY_UPDATE_SYSTEM_ATTRIBUTE and AtlasPrivilege.ENTITY_CREATE_SYSTEM_ATTRIBUTE next to AtlasPrivilege.ENTITY_UPDATE_ATTRIBUTE and AtlasPrivilege.ENTITY_CREATE_ATTRIBUTE rather than just checking on the entity level. In certain places we will then drop the requirement for an import to be active as this can now happen through other channels as well. This allows operators to specify policies that allow granular controls over attributes and system attributes. was: Atlas does not operate in a isolated environment, this is one of the reasons the "homeId" system attribute was introduced. Unfortunately system attributes can only be updated when importing. This means any integration with other services is significantly limited (Kafka, Rest API will not work). (See also ATLAS-3754) To resolve this I propose to make it possible to update the system attributes when `homeId` is present in the entity update. An access check should then verify whether such an update can happen if a `homeId` is present. > Allow system attributes to be updated when policy allows > -------------------------------------------------------- > > Key: ATLAS-3755 > URL: https://issues.apache.org/jira/browse/ATLAS-3755 > Project: Atlas > Issue Type: Improvement > Components: atlas-core > Affects Versions: 2.0.0, 2.1.0 > Reporter: Bolke de Bruin > Assignee: Bolke de Bruin > Priority: Critical > > Atlas does not operate in a isolated environment, this is one of the reasons > the "homeId" system attribute was introduced. Unfortunately system attributes > can only be updated when importing. This means any integration with other > services is significantly limited (Kafka, Rest API will not work). (See also > ATLAS-3754) > To resolve this I propose to make it possible to update the system attributes > when policy allows it. This introduces new > AtlasPrivilege.ENTITY_UPDATE_SYSTEM_ATTRIBUTE and > AtlasPrivilege.ENTITY_CREATE_SYSTEM_ATTRIBUTE next to > AtlasPrivilege.ENTITY_UPDATE_ATTRIBUTE and > AtlasPrivilege.ENTITY_CREATE_ATTRIBUTE rather than just checking on the > entity level. In certain places we will then drop the requirement for an > import to be active as this can now happen through other channels as well. > This allows operators to specify policies that allow granular controls over > attributes and system attributes. -- This message was sent by Atlassian Jira (v8.3.4#803005)