You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ozone.apache.org by "Siyao Meng (Jira)" <ji...@apache.org> on 2023/02/23 22:28:00 UTC
[jira] [Created] (HDDS-8021) [Snapshot] Document snapshot access ACL behavior
Siyao Meng created HDDS-8021:
--------------------------------
Summary: [Snapshot] Document snapshot access ACL behavior
Key: HDDS-8021
URL: https://issues.apache.org/jira/browse/HDDS-8021
Project: Apache Ozone
Issue Type: Sub-task
Reporter: Siyao Meng
(Current design, not final unless resolved)
For OzoneNativeAuthorizer, Ozone directly checks against the native ACL inside the snapshot checkpoint DB. This implies the captured native ACL is immutable because currently Ozone supports read-only snapshots only.
For RangerOzoneAuthorizer, Ozone first checks against the path inside the snapshot. If the explicit policy on the snapshot path doesn't exist, Ozone Manager checks access against the policy on the regular path instead.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org