aswinshakil commented on code in PR #310: URL: https://github.com/apache/ozone-site/pull/310#discussion_r2748277161
########## docs/03-core-concepts/04-security/02-acls/01-native-acls.md: ########## @@ -175,3 +175,54 @@ Ozone ACLs and S3 ACLs differ primarily in their scope and support. - Similarly, HttpFS ACL-related APIs. These limitations should be taken into account when integrating Ozone with applications that rely on S3 or file system ACL operations. + +## Permission comparison table + +The table below shows the mapping between Ozone operations and the required Native ACL permissions. + +`<admin>`: for native ACL, all access is granted for all operations + +`<owner>`: for native ACL, owner of volume / bucket have all access to further hierarchy + +### Volume related operation + +| `Operation` | `Volume permission` | `Bucket permission` | `Key permission` | Review Comment: The actual comparison between Native ACL and Ranger ACL is not being shown here. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
