ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "junni (Jira)" <j...@apache.org>
Subject [jira] [Commented] (RANGER-1974) Ranger Authorizer and Audits for AWS S3
Date Thu, 12 Nov 2020 08:47:00 GMT

    [ https://issues.apache.org/jira/browse/RANGER-1974?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17230449#comment-17230449

junni commented on RANGER-1974:


> Ranger Authorizer and Audits for AWS S3 
> ----------------------------------------
>                 Key: RANGER-1974
>                 URL: https://issues.apache.org/jira/browse/RANGER-1974
>             Project: Ranger
>          Issue Type: New Feature
>          Components: Ranger
>            Reporter: Srikanth Venkat
>            Assignee: Bosco
>            Priority: Blocker
> As an enterprise security admin, I need to be able to define and manage authorization
policies for data stored in AWS S3 so that I can manage my access control and authorization
entitlements in hybrid and cloud environments along with other data in platforms that Ranger
currently authorizes. This feature will should allow interoperability with AWS IAM policies
and be able to gather audits from the native cloud audit capabilities such as via AWS CloudTrail.
> Implementation considerations:
>  # AWS S3 IAM  information: https://aws.amazon.com/documentation/iam/
>  # AWS CloudTrail information: https://aws.amazon.com/documentation/cloudtrail/
>  # This could be a policy mapping or sync mechanism (either online or offline) that
will allow Ranger policy conditions, and user/group/role or other policy elements to be
mapped to what is available in AWS IAM. This might entail having a different model where
the Ranger plugin might not be running in the cloud native service and might require a proxy
or other paradigms to be effective.

This message was sent by Atlassian Jira

View raw message