You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@sentry.apache.org by "Anthony Young-Garner (JIRA)" <ji...@apache.org> on 2018/05/01 14:10:00 UTC

[jira] [Updated] (SENTRY-2196) Expand Sentry data model to store attributes for use in ABAC

     [ https://issues.apache.org/jira/browse/SENTRY-2196?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Anthony Young-Garner updated SENTRY-2196:
-----------------------------------------
    Description: Once attributes are ingested (see SENTRY-2189), they need to be made available at runtime for use in authorization and masking actions within Sentry. For reasons of both performance and scale, these attributes will be maintained (cached) locally on the Sentry server rather then constantly pulled from the attribute ingestion source. In addition, the attributes should be highly available in situations where the connection to the attribute source might be lost and where the Sentry server might experience one or more downed nodes. Therefore, the Sentry data model will be expanded to store attribute information as a persistent backstop for the in-memory cache.  (was: Once attributes are ingested (see SENTRY-2189), they need to be made available at runtime for use in authorization and masking actions within Sentry. For reasons of both performance and scale, these attributes will be maintained locally to the Sentry server rather then constantly pulled from the attribute ingestion source. In addition, the attributes should be highly available in situations where the connection to the attribute source might be lost and where the Sentry server might experience one or more downed nodes. Therefore, the Sentry data model will be expanded to store attribute information (this may be a considered an ad-hoc persistent cache for attributes).)

> Expand Sentry data model to store attributes for use in ABAC
> ------------------------------------------------------------
>
>                 Key: SENTRY-2196
>                 URL: https://issues.apache.org/jira/browse/SENTRY-2196
>             Project: Sentry
>          Issue Type: New Feature
>          Components: sentrystore
>    Affects Versions: 2.0.0
>            Reporter: Anthony Young-Garner
>            Priority: Major
>              Labels: ABAC
>
> Once attributes are ingested (see SENTRY-2189), they need to be made available at runtime for use in authorization and masking actions within Sentry. For reasons of both performance and scale, these attributes will be maintained (cached) locally on the Sentry server rather then constantly pulled from the attribute ingestion source. In addition, the attributes should be highly available in situations where the connection to the attribute source might be lost and where the Sentry server might experience one or more downed nodes. Therefore, the Sentry data model will be expanded to store attribute information as a persistent backstop for the in-memory cache.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)