Enable authorization management options in the catalog plugin architecure

Description

Since we will be adding access control (service-level and entity-level) to our Connector, Data Source, and Data Sets, we may want to have our catalog plugin architecture support the option of allowing a plugin to update the security of the underlying system to match the access control defined in Kylo. The reason for this is that, just because we restrict a user's visibility to a data set representing a Teradata or Hive table in Kylo, it does not mean the user does not have access to that table directly using some other means. It could be beneficial for management purposes if we supported plugins that kept the access control settings in Kylo in sync with the security settings in the underlying system.

This is a proposal to design this capability into our plugin architecture, not necessarily whether any particular plugin implements this capability. This should only be optional functionality that a plugin could provide as not all technologies might support security management, nor might it be desired even if it could be supported of a particular system.

Status

Assignee

Unassigned

Reporter

Sean Felten

Labels

Reviewer

None

Epic Link

Priority

Medium
Configure