[ 
https://issues.apache.org/jira/browse/YARN-1968?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Xuan Gong updated YARN-1968:
----------------------------
    Component/s: resourcemanager

> YARN Admin service should have more fine-grained ACL which is based on 
> mapping of users with methods/operations.
> ----------------------------------------------------------------------------------------------------------------
>
>                 Key: YARN-1968
>                 URL: https://issues.apache.org/jira/browse/YARN-1968
>             Project: Hadoop YARN
>          Issue Type: Improvement
>          Components: resourcemanager
>            Reporter: Junping Du
>
> AdminService's operation today have different dimensions of management, some 
> are on user management while others are on cluster management, etc. 
> Today, we only check if user belongs to some authorized group to see if he 
> can execute operations in admin service. The result is who can either execute 
> all operations or none which is a simple strategy but not very precisely so 
> we cannot separate different management roles to several admins. We may need 
> more fine-grained ACLs which can authorized user with partial operations in 
> AdminService.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to