You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@aurora.apache.org by "Bill Farner (JIRA)" <ji...@apache.org> on 2014/04/23 20:28:15 UTC

[jira] [Updated] (AURORA-348) Add machine maintenance auth capability

     [ https://issues.apache.org/jira/browse/AURORA-348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Bill Farner updated AURORA-348:
-------------------------------

    Description: Add a new {{Capability}} for a group to invoke machine maintenance RPCs.  (was: We currently use the {{@Requires}} annotation to cherry-pick RPCs that non-"root" groups may perform.  We would like to add similar support for host maintenance RPCs.  Rather than play whack-a-mole, we should plumb access grants for all admin RPCs out to the command line.)
        Summary: Add machine maintenance auth capability  (was: Support configurable authorization for all admin RPCs)

Reworded this ticket to reflect feedback from [~kevints] about the merits of logical groupings of behavior rather than free-form piecemeal auth.  Added benefit of keeping the status quo is resilience to future refactors.  Going to keep the current approach, to revisit in the future if we decide fine-grained ACLs are a necessity.

> Add machine maintenance auth capability
> ---------------------------------------
>
>                 Key: AURORA-348
>                 URL: https://issues.apache.org/jira/browse/AURORA-348
>             Project: Aurora
>          Issue Type: Story
>          Components: Scheduler, Security
>            Reporter: Bill Farner
>            Assignee: Bill Farner
>
> Add a new {{Capability}} for a group to invoke machine maintenance RPCs.



--
This message was sent by Atlassian JIRA
(v6.2#6252)