privilege,backupccl,importer: introduce EXTERNALIOIMPLICITACCESS #87066
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
This change is |
adityamaru
force-pushed
the
implicit-privilege
branch
from
dc5bfdb
to
d3d8809
Compare
stevendanna
approved these changes
Aug 30, 2022
This change introduces an `EXTERNALIOIMPLICITACCESS` privilege that can be granted to users to interact with ExternalStorage resources that require implicit authentication. Previously, implicit authentication resources were only permitted to be used by admin users or users on a node that was started with the `external-io-enable-non-admin-implicit-access` flag. This system privilege is meant to gradually replace the existence of the flag. This change unifies the logic to check that a user has the required privileges to access a URI in the pkg/cloud/cloudprivilege package so that import, restore, backup can all share the same logic. Informs: cockroachdb#86263 Release note (sql change): Users can grant a new `EXTERNALIOIMPLICITACCESS` system privilege that allows a user to interact with an External Storage resource that has implicit authentication. Egs: gs, s3, nodelocal etc. Previously, this was an admin only operation. Release justification: high impact change to introduce fine grained privileges around our interaction with External Storage resources
adityamaru
force-pushed
the
implicit-privilege
branch
from
d3d8809
to
dbf844a
Compare
I agree, I'll open a follow up to also render a notice when we see someone using it to get past this privilege check. |
|
TFTR! bors r=stevendanna |
|
Build failed (retrying...): |
|
Build failed: |
|
bors r=stevendanna |
|
Build succeeded: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This change introduces an
EXTERNALIOIMPLICITACCESSprivilegethat can be granted to users to interact with ExternalStorage resources
that require implicit authentication. Previously, implicit authentication
resources were only permitted to be used by admin users or users on
a node that was started with the
external-io-enable-non-admin-implicit-accessflag. This system privilegeis meant to gradually replace the existence of the flag.
This change unifies the logic to check that a user has the required
privileges to access a URI in the pkg/cloud/cloudprivilege package so
that import, restore, backup can all share the same logic.
Informs: #86263
Release note (sql change): Users can grant a new
EXTERNALIOIMPLICITACCESSsystem privilege that allows a user to interact with an External Storage resource
that has implicit authentication. Egs: gs, s3, nodelocal etc. Previously,
this was an admin only operation.
Release justification: high impact change to introduce fine grained privileges
around our interaction with External Storage resources