Skip to content
Example implementation of the graph-based RBAC pipeline
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Entitlements in Real-Time

This repository is the accompanying proof-of-concept implementation to the "Entitlements in Real-Time" blog post located here.

There is a docker-compose file for getting up and running with MariaDB, a Confluent cluster, and a TigerGraph instance. Note the POC used a m5a.4xlarge EC2 instance to run all the docker services. You may be able to use something smaller though.


  1. Run all the containers up with docker-compose up -d
  2. Run the database schema create SQL in LDAP.sql in PhpMyAdmin (localhost:3307) or some other interface.
  3. Create the JDBC Source Connectors in Control Center (localhost:9021) or through the REST API. Images for Control Center are located in the images folder, and the JSON configs are located in the kafka-connect folder.
  4. Create the topics as well (ldap-roles, ldap-parties, ldap-party_roles).
  5. Enter into the tigergraph container.
  6. Run gadmin start. This starts up TigerGraph.
  7. Run gsql /home/tigergraph/entitlements.gsql. This creates the schema and loading jobs.
  8. Run gsql to enter the GSQL console.
> USE GRAPH Entitlements
> RUN LOADING JOB load_resources
> RUN LOADING JOB real_time_loader

real_time_loader will continue to run in the foreground of the GSQL shell

  1. Run the SQL inserts
  2. Open up GraphStudio at localhost:14240 and navigate through your graph.
  3. Run the SQL updates and reload GraphStudio to make sure it caught the updates to the graph.
You can’t perform that action at this time.