Re: [PR] HDDS-13848. [STS] Artifacts for Ranger to authorize STS token [ozone]

via GitHub Thu, 13 Nov 2025 11:44:00 -0800


fmorg-git commented on code in PR #9214:
URL: https://github.com/apache/ozone/pull/9214#discussion_r2524715390



##########
hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/security/acl/IAccessAuthorizer.java:
##########
@@ -67,7 +90,9 @@ enum ACLType {
     READ_ACL,
     WRITE_ACL,
     ALL,
-    NONE;
+    NONE,
+    ASSUME_ROLE;   // ability to create STS tokens

Review Comment:
   yes, I believe so - I am not seeing anything in Ozone or Ranger code that 
constrains the permissions in ALL.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Re: [PR] HDDS-13848. [STS] Artifacts for Ranger to authorize STS token [ozone]

Reply via email to