[jira] [Updated] (HDDS-6576) [Multi-Tenant] Update documentation around Ranger policy on bucket sharing

Tue, 12 Apr 2022 11:04:08 -0700 


     [ 
https://issues.apache.org/jira/browse/HDDS-6576?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Siyao Meng updated HDDS-6576:
-----------------------------
    Description: 
If a cluster admin or tenant admin wants the bucket owner (regular tenant user) 
to be able to edit their own bucket's policy , the admin need to create an 
Ozone policy in Ranger for that bucket manually. Then make that bucket owner a 
"delegated admin" for that policy.
With this new policy, as long as the bucket owner can log in to the Ranger Web 
UI, he/she could edit this bucket policy on his own, for example, to share the 
bucket with others without an admin's manual intervention.

We are not providing a dedicated multi-tenancy CLI for that.

  was:
If a cluster admin or tenant admin wants the bucket owner (regular tenant user) 
to be able to edit their own bucket's policy (to allow the bucket owner to 
share the bucket with others without involving an admin, for example), the 
admin need to create an Ozone policy in Ranger for that bucket manually. Then 
make that bucket owner a "delegated admin" for that policy.

We are not providing a dedicated multi-tenancy CLI for that.


> [Multi-Tenant] Update documentation around Ranger policy on bucket sharing 
> ---------------------------------------------------------------------------
>
>                 Key: HDDS-6576
>                 URL: https://issues.apache.org/jira/browse/HDDS-6576
>             Project: Apache Ozone
>          Issue Type: Sub-task
>            Reporter: Siyao Meng
>            Assignee: Siyao Meng
>            Priority: Major
>
> If a cluster admin or tenant admin wants the bucket owner (regular tenant 
> user) to be able to edit their own bucket's policy , the admin need to create 
> an Ozone policy in Ranger for that bucket manually. Then make that bucket 
> owner a "delegated admin" for that policy.
> With this new policy, as long as the bucket owner can log in to the Ranger 
> Web UI, he/she could edit this bucket policy on his own, for example, to 
> share the bucket with others without an admin's manual intervention.
> We are not providing a dedicated multi-tenancy CLI for that.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to