smengcl commented on a change in pull request #3177:
URL: https://github.com/apache/ozone/pull/3177#discussion_r834851726
##########
File path: hadoop-ozone/interface-client/src/main/proto/OmClientProtocol.proto
##########
@@ -1409,19 +1409,39 @@ message SetS3SecretResponse {
message TenantInfo {
optional string tenantId = 1;
optional string bucketNamespaceName = 2;
- optional string accountNamespaceName = 3;
- optional string userPolicyGroupName = 4;
- optional string bucketPolicyGroupName = 5;
+ repeated string policyNames = 3;
Review comment:
We could. Should we do that?
We didn't have tenant -> roleNames mapping before.
Unless:
1. we are intending to store some roleIndex -> roleName mapping in
TenantInfo (TenantState) and use roleIndex in ExtendedAccessIdInfo to reduce
redundancy. e.g. tenant1-UserRole = index 0, tenant1-AdminRole = index 1.
2. it is required to iterate all role names assigned in this tenant quickly
3. the Ranger sync thread would need it when deleting a tenant
(3) might be valid? @prashantpogde
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
