Xuan Gong updated YARN-1968:
    Component/s: resourcemanager

> YARN Admin service should have more fine-grained ACL which is based on 
> mapping of users with methods/operations.
> ----------------------------------------------------------------------------------------------------------------
>                 Key: YARN-1968
>                 URL: https://issues.apache.org/jira/browse/YARN-1968
>             Project: Hadoop YARN
>          Issue Type: Improvement
>          Components: resourcemanager
>            Reporter: Junping Du
> AdminService's operation today have different dimensions of management, some 
> are on user management while others are on cluster management, etc. 
> Today, we only check if user belongs to some authorized group to see if he 
> can execute operations in admin service. The result is who can either execute 
> all operations or none which is a simple strategy but not very precisely so 
> we cannot separate different management roles to several admins. We may need 
> more fine-grained ACLs which can authorized user with partial operations in 
> AdminService.

This message was sent by Atlassian JIRA

Reply via email to