Kashif Faraz
abac9e39ed
Revert permission changes to Supervisor and Task APIs ( #11819 )
...
* Revert "Require Datasource WRITE authorization for Supervisor and Task access (#11718 )"
This reverts commit f2d6100124
.
* Revert "Require DATASOURCE WRITE access in SupervisorResourceFilter and TaskResourceFilter (#11680 )"
This reverts commit 6779c4652d
.
* Fix docs for the reverted commits
* Fix and restore deleted tests
* Fix and restore SystemSchemaTest
2021-10-25 14:50:38 +05:30
Kashif Faraz
c2c724c065
Fix docs to explain that WRITE permissions do not include READ ( #11785 )
...
* Fix docs to explain that WRITE and READ are exclusive
* Fix indentation
* Use suggested doc style
2021-10-08 14:10:20 -07:00
Charles Smith
3ecbd3aec4
docs for changes to authorization in #11718 and #11720 ( #11779 )
...
* security recommendation
* Update docs/operations/security-overview.md
Co-authored-by: Victoria Lim <vtlim@users.noreply.github.com>
* Update docs/operations/security-user-auth.md
Co-authored-by: Victoria Lim <vtlim@users.noreply.github.com>
* Update docs/operations/security-user-auth.md
Co-authored-by: Victoria Lim <vtlim@users.noreply.github.com>
* Update security-user-auth.md
add newline
* Update docs/operations/security-overview.md
Co-authored-by: Victoria Lim <vtlim@users.noreply.github.com>
* Update security-overview.md
add suggestion for environment variable dynamic config provider
Co-authored-by: Victoria Lim <vtlim@users.noreply.github.com>
Co-authored-by: Clint Wylie <cwylie@apache.org>
2021-10-08 14:04:04 -07:00
Kashif Faraz
f2d6100124
Require Datasource WRITE authorization for Supervisor and Task access ( #11718 )
...
Follow up PR for #11680
Description
Supervisor and Task APIs are related to ingestion and must always require Datasource WRITE
authorization even if they are purely informative.
Changes
Check Datasource WRITE in SystemSchema for tables "supervisors" and "tasks"
Check Datasource WRITE for APIs /supervisor/history and /supervisor/{id}/history
Check Datasource for all Indexing Task APIs
2021-10-08 10:39:48 +05:30
Clint Wylie
5de26cf6d9
add optional system schema authorization ( #11720 )
...
* add optional system schema authorization
* remove unused
* adjust docs
* doc fixes, missing ldap config change for integration tests
* style
2021-09-21 13:28:26 -07:00
Charles Smith
b51632b0bf
Update security overview with additional recommendations ( #11016 )
...
* updatee security overview with additional recommendations for improved security
* address first set of review questions
* Update docs/operations/security-overview.md
* Update docs/operations/security-overview.md
* apply changes from review
* Update docs/operations/security-overview.md
Co-authored-by: Suneet Saldanha <suneet@apache.org>
* Update docs/operations/security-overview.md
Co-authored-by: Suneet Saldanha <suneet@apache.org>
* Update docs/operations/security-overview.md
Co-authored-by: Suneet Saldanha <suneet@apache.org>
* Update security-overview.md
fix additional comments & typos cc: @suneet-s, @jihoonsoon
Co-authored-by: Suneet Saldanha <suneet@apache.org>
2021-04-14 08:58:17 -07:00
sthetland
ba915b7f56
Security overview documentation ( #10339 )
...
* initial file
* initial file
* security overview added
* ldap added
* spacing adjustments
* nits
* security graphics and doc review
* Update docs/operations/security-overview.md
Co-authored-by: Jonathan Wei <jon-wei@users.noreply.github.com>
* Update docs/operations/security-user-auth.md
Co-authored-by: Jonathan Wei <jon-wei@users.noreply.github.com>
* Update docs/operations/security-overview.md
Co-authored-by: Jonathan Wei <jon-wei@users.noreply.github.com>
* Update docs/operations/security-overview.md
Co-authored-by: Jonathan Wei <jon-wei@users.noreply.github.com>
* updates frm review
* review comments
* finish up review and light edits
* broken links
* spell check
Co-authored-by: Jonathan Wei <jon-wei@users.noreply.github.com>
2020-11-19 15:24:58 -08:00