Page tree
Skip to end of metadata
Go to start of metadata

 

 

Goals

  1. Key Management

  2. Secure impersonation
  3. Authorization of dataset and stream access
  4. Authorization for listing and viewing entities
  5. Ability to map a namespace to user-provided storage provider namespaces
  6. Cross-namespace dataset access
  7. Support long-running programs in secure (kerberos) mode

Checklist

  • User stories documented (Rohit/Ali/Bhooshan)
  • User stories reviewed (Nitin)
  • Design documented (Rohit/Ali/Bhooshan)
  • Design reviewed (Andreas)
  • Feature merged (Rohit/Ali/Bhooshan)
  • Examples and guides (Rohit)
  • Integration tests (Ali) 
  • Documentation for feature (Bhooshan)
  • Blog post 

User Stories

  1. As a CDAP security admin, I want CDAP programs to be run as the user running the program, and not as the headless "cdap" user. (User Impersonation)
  2. As a CDAP user, I would like to specify a user for a namespace and all program running in that namespace should be run as the specified user. (User Impersonation)
  3. As a CDAP/Hydrator security admin, I want all sensitive information like passwords not be stored in plaintext. (Key Management)
  4. As a CDAP security admin, I want all operations on datasets/streams to be governed by my configured authorization system. (Authorization)
  5. As a CDAP security admin, I want list operations for all CDAP entities to only return entities that the logged-in user is authorized to view. (Authorization)
  6. As a CDAP security admin, I want view operations for a CDAP entity to only succeed if the logged-in user is authorized to view that entity (Authorization)
  7. As a CDAP user, I would like to specify the namespace in an underlying storage provider (e.g. HBase namespace, Hive database) to use for a particular CDAP namespace. (Namespaces)
  8. As a CDAP admin, I want to allow users to access a dataset from a program in a different namespace, as long as the said user is authorized to access that dataset. (Namespaces)
  9. As a CDAP user, I want to be able to run long running Mapreduce, Spark or Hive programs on a secure (kerberos-enabled) cluster.

Design

Hue Integration

Namespace - Security 3.5

Authorization - CDAP 3.5

Secure Impersonation - Security 3.5