You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafficcontrol.apache.org by "Nir Sopher (JIRA)" <ji...@apache.org> on 2017/07/25 18:25:00 UTC

[jira] [Created] (TC-467) Delivery-service tenancy based access control - DNSSEC and SSL Keys

Nir Sopher created TC-467:
-----------------------------

             Summary: Delivery-service tenancy based access control - DNSSEC and SSL Keys
                 Key: TC-467
                 URL: https://issues.apache.org/jira/browse/TC-467
             Project: Traffic Control
          Issue Type: Improvement
          Components: Traffic Ops
            Reporter: Nir Sopher


We have recently added "tenancy" to the project. 
With tenancy, every resource have a tenant, where resource can be a delivery-service, a server (future) and even a user.
We are now starting to enforce access-control based on the resource tenancy. A user can manage a resource only if the resource is under the user tenancy.

This JIRA deals with another step of "delivery-service as a resource" - enforcing via the API access control on the management of ssl keys and DNSSEC, according to their Delivery service.
We still need to finalize the specification of this access control, and it would not be included in the first phase of tenancy introduction, assuming that the application hide from the user the ability to deal with entries relating to DSes which are not under his tenancy.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)