Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Support for ACLs #78
Adds support for Access Control Lists (ACLs). This allows filtering permissions on users/groups. Three access categories are supported:
The first two are just forwarding application acls to YARN, and match YARN's semantics and defaults. Note that while these parameters will be forwarded in all cases, YARN will ignore them unless the cluster has been properly configured. See https://www.cloudera.com/documentation/enterprise/6/6.0/topics/cm_mc_yarn_service1.html for more information.
By default, ACLs are disabled. If enabled, the default behavior is to restrict access for all 3 categories to only the application owner. Note that the application owner will always have access. Additional access can be granted for other users/groups as needed. The wildcard
From a specification standpoint, this looks like:
# Enables acls # Gives ui permissions to tom and nancy, # modify access to anyone in the engineering group, # and view access to everyone acls: enable: true ui_users: - tom - nancy modify_groups: - engineering view_users: - '*'