[
https://issues.apache.org/jira/browse/AURORA-348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Bill Farner updated AURORA-348:
-------------------------------
Description: Add a new {{Capability}} for a group to invoke machine
maintenance RPCs. (was: We currently use the {{@Requires}} annotation to
cherry-pick RPCs that non-"root" groups may perform. We would like to add
similar support for host maintenance RPCs. Rather than play whack-a-mole, we
should plumb access grants for all admin RPCs out to the command line.)
Summary: Add machine maintenance auth capability (was: Support
configurable authorization for all admin RPCs)
Reworded this ticket to reflect feedback from [~kevints] about the merits of
logical groupings of behavior rather than free-form piecemeal auth. Added
benefit of keeping the status quo is resilience to future refactors. Going to
keep the current approach, to revisit in the future if we decide fine-grained
ACLs are a necessity.
> Add machine maintenance auth capability
> ---------------------------------------
>
> Key: AURORA-348
> URL: https://issues.apache.org/jira/browse/AURORA-348
> Project: Aurora
> Issue Type: Story
> Components: Scheduler, Security
> Reporter: Bill Farner
> Assignee: Bill Farner
>
> Add a new {{Capability}} for a group to invoke machine maintenance RPCs.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
