You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@aurora.apache.org by "Bill Farner (JIRA)" <ji...@apache.org> on 2014/04/23 20:28:15 UTC
[jira] [Updated] (AURORA-348) Add machine maintenance auth
capability
[ https://issues.apache.org/jira/browse/AURORA-348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Bill Farner updated AURORA-348:
-------------------------------
Description: Add a new {{Capability}} for a group to invoke machine maintenance RPCs. (was: We currently use the {{@Requires}} annotation to cherry-pick RPCs that non-"root" groups may perform. We would like to add similar support for host maintenance RPCs. Rather than play whack-a-mole, we should plumb access grants for all admin RPCs out to the command line.)
Summary: Add machine maintenance auth capability (was: Support configurable authorization for all admin RPCs)
Reworded this ticket to reflect feedback from [~kevints] about the merits of logical groupings of behavior rather than free-form piecemeal auth. Added benefit of keeping the status quo is resilience to future refactors. Going to keep the current approach, to revisit in the future if we decide fine-grained ACLs are a necessity.
> Add machine maintenance auth capability
> ---------------------------------------
>
> Key: AURORA-348
> URL: https://issues.apache.org/jira/browse/AURORA-348
> Project: Aurora
> Issue Type: Story
> Components: Scheduler, Security
> Reporter: Bill Farner
> Assignee: Bill Farner
>
> Add a new {{Capability}} for a group to invoke machine maintenance RPCs.
--
This message was sent by Atlassian JIRA
(v6.2#6252)