[jira] [Work logged] (HDDS-939) Add S3 access check to Ozone manager

Mon, 25 Mar 2019 14:28:07 -0700 


     [ 
https://issues.apache.org/jira/browse/HDDS-939?focusedWorklogId=218275&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-218275
 ]

ASF GitHub Bot logged work on HDDS-939:
---------------------------------------

                Author: ASF GitHub Bot
            Created on: 25/Mar/19 21:27
            Start Date: 25/Mar/19 21:27
    Worklog Time Spent: 10m 
      Work Description: ajayydv commented on issue #634: HDDS-939. Add S3 
access check to Ozone manager. Contributed by Ajay Kumar.
URL: https://github.com/apache/hadoop/pull/634#issuecomment-476384461
 
 
   > And also we can add few tests to verify the volumeName generated from the 
newly added function validates with the HddsUtils.verifyResourceName()? So, 
that in future if someone is changing the logic in this place, it can be caught 
immediately if it causes any issues.
   I am open for this but since volume name is not exposed to s3 clients i 
think it has less value. We test bucket name instead which is already validated 
in secure-robot test case. Do you still want to verify volume name?
   
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[email protected]


Issue Time Tracking
-------------------

    Worklog Id:     (was: 218275)
    Time Spent: 2h 10m  (was: 2h)

> Add S3 access check to Ozone manager
> ------------------------------------
>
>                 Key: HDDS-939
>                 URL: https://issues.apache.org/jira/browse/HDDS-939
>             Project: Hadoop Distributed Data Store
>          Issue Type: Bug
>          Components: Ozone Manager, S3
>            Reporter: Anu Engineer
>            Assignee: Ajay Kumar
>            Priority: Blocker
>              Labels: pull-request-available
>          Time Spent: 2h 10m
>  Remaining Estimate: 0h
>
> Add the mapping from S3 User Identity to UGI inside Ozone Manager.  Also add 
> the access check permission, that is call into the checkAccess, which will be 
> intercepted by Ranger or Ozone access check.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to