[
https://issues.apache.org/jira/browse/TEZ-671?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14087055#comment-14087055
]
Siddharth Seth commented on TEZ-671:
------------------------------------
With session mode, and support for credentials per DAG - I think it makes sense
to support DAG level ACLs. I'm not sure how we can do this for APIs like
killDAG (if the AM is lost), since YARN does not support changing ACLs for a
running application.
For a user like Hive - I'm guessing App ACLs will be setup to be based on the
Hive super-user - primarily for access to the RM / stop application etc. For
running DAGs (and access via the AppTimelineServer), I'm assuming the per DAG
ACLs will be sufficient.
This is all assuming session mode will be used to submit DAGs on behalf of
multiple users, which I believe is the case. [~hagleitn] ?
> Support View/Modify ACLs for DAGs
> ---------------------------------
>
> Key: TEZ-671
> URL: https://issues.apache.org/jira/browse/TEZ-671
> Project: Apache Tez
> Issue Type: Sub-task
> Reporter: Siddharth Seth
> Assignee: Hitesh Shah
>
--
This message was sent by Atlassian JIRA
(v6.2#6252)
