Versions Compared

Old Version 3

changes.mady.by.user Bhooshan Mogal

Saved on

compared with

New Version Current

changes.mady.by.user Bhooshan Mogal

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Task marked complete

...

  1. Key Management

  2. Secure impersonation
  3. Authorization of dataset and stream access
  4. Authorization for listing and viewing entities
  5. Ability to map a namespace to user-provided storage provider namespaces
  6. Cross-namespace dataset access
  7. Support long-running programs in secure (kerberos) mode

Checklist

  •  User stories documented (Rohit/Ali/Bhooshan)
  •  User stories reviewed (Nitin)
  •  Design documented (Rohit/Ali/Bhooshan)
  •  Design reviewed (Andreas)
  •  Feature merged (Rohit/Ali/Bhooshan)
  •  Examples and guides (Rohit)
  •  Integration tests (Ali) 
  •  Documentation for feature (Bhooshan)
  •  Blog post 

User Stories

 

  1. As a CDAP security admin, I want CDAP programs to be run as the user running the program, and not as the headless "cdap" user. (User Impersonation)
  2. As a CDAP user, I would like to specify a user for a namespace and all program running in that namespace should be run as the specified user. (User Impersonation)
  3. As a CDAP/Hydrator security admin, I want all sensitive information like passwords not be stored in plaintext. (Key Management)
  4. As a CDAP security admin, I want all operations on datasets/streams to be governed by my configured authorization system. (Authorization)
  5. As a CDAP security admin, I want list operations for all CDAP entities to only return entities that the logged-in user is authorized to view. (Authorization)
  6. As a CDAP security admin, I want view operations for a CDAP entity to only succeed if the logged-in user is authorized to view that entityentity (Authorization)
  7. As a CDAP user, I would like to specify the namespace in an underlying storage provider (e.g. HBase namespace, Hive database) to use for a particular CDAP namespace. (Namespaces)
  8. As a CDAP admin, I want to allow users to access a dataset from a program in a different namespace, as long as the said user is authorized to access that dataset. (Namespaces)
  9. As a CDAP user, I want to be able to run long running Mapreduce, Spark or Hive programs on a secure (kerberos-enabled) cluster.

Scenarios

Scenario #1

Scenario #2

Scenario #3

Entities, Operations and Privileges

...

...

NOTE: Cells marked green were done in 3.4

Design

Hue Integration

Testing

Installation

Questions

...

Namespace - Security 3.5

...

  1. As a CDAP admin, I should be able to authorize reads/writes to datasets
  2. As a CDAP admin, I should be able to authorize metadata changes to CDAP entities
  3. As a CDAP system, I should be able to push down ACLs to storage providers
  4. As a CDAP admin, I should be able to authorize reads/writes to custom datasets
  5. As a CDAP system, I should be able to judge, document and improve the performance impact of authorization
  6. As a CDAP authorization system, I should be able to interact with an external authentication system
  7. As a CDAP admin, I should be able to use external UIs like Hue for ACL Management
  8. As a CDAP admin, I should be able to see an audit log of all authorization-related changes in CDAP
  9. As a CDAP admin, I should be able to authorize all thrift-based traffic, so transaction management is also authorized.

...

Authorization - CDAP 3.5

Secure Impersonation - Security 3.5