Ramesh Mani created RANGER-2222:
-----------------------------------
Summary: Apache RangerKafkaPlugin support to handle Kafka Cluster
as a new resource
Key: RANGER-2222
URL: https://issues.apache.org/jira/browse/RANGER-2222
Project: Ranger
Issue Type: Bug
Components: Ranger
Affects Versions: 2.0.0
Reporter: Ramesh Mani
Currently, cluster resource permissions are exposed in Ranger with Topic
resource as *. This is not the right convention as cluster resource is not a
super set including topic resources.
Cluster resource permissions:
Alter
AlterConfigs
ClusterAction
Create
Describe
DescribeConfigs
IdempotentWrite
Topic resource operations:
Alter
AlterConfigs
Create
Delete
Describe
DescribeConfigs
Read
Write
Users should be able to define policies with cluster resource and topic
resource with respective permissions. Names of some of the permissions are same
in topic and cluster but they are meant for the different purpose.
Example: AlterConfigs on the topic resource is about altering configs of a
topic only but AlterConfigs permission on Custer resource is meant for altering
configs on the broker.
Upgrading cluster should upgrade existing policies in to topic and cluster
resource level policies with respective permissions. I believe that the default
policy that is getting created would address this.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
