Hi All, I drafted a gradation blog post for Sentry and attached here. Please feel free to give recommendations and comments. Thanks a lot!
Best, Hao Sentry Graduation Blog We are very excited to announce that Apache Sentry <http://sentry.apache.org/> has graduated out of Incubator and is now an Apache Top Level Project! Sentry, which provides centralized fine-grained access control on metadata and data stored on Apache Hadoop cluster, is introduced as an Apache Incubator project back in August 2013. In the past two and half years, the development community grew significantly to a large number of contributors from various organizations. Upon graduation, there were more than 50 contributors, 31 of whom had become committers. What’s Sentry While Hadoop has strong security at the filesystem level, it lacked the granular support needed to adequately secure access to data by users and BI applications. This problem forces users to make a choice: either leave data unprotected or lock out users entirely. Most of the time, the preferred choice is the latter, severely inhibiting access to data in Hadoop. Sentry provides the ability to enforce role-based access control to data and/or privileges on data for authenticated users in a fine-grained manner. For example, Sentry allows access control at the server, database, table, view and even column scope at different privilege levels including select, insert, and all for Apache Hive and Apache Impala. What’s new During incubation, Sentry had six releases and has continued to grow on providing unified authorization policy management across different Hadoop components. Some of them including: - most recent integration support with Apache Kafka, Apache Solr and Apache Sqoop; - audit log support for data governance purpose; - improve the service stability with Sentry High Availability (HA); - provides import/export tool for replicating the entire permissions on a Sentry database. Future Work Graduation is a terrific milestone, but only the beginning for Sentry. We are looking forward to continuing to help grow the Sentry community and fostering a strong ecosystem around the project. We are targeting at strength Sentry core with finer granularity authorization model, as well as enable easier integration process with other components to make Sentry highly adaptable. Meanwhile we are aiming at supportability enhancements such as bettering Sentry Web UI. How to Get Involved The Sentry community now includes new core committers, an active developer mailing list where future releases and patches are discussed, and increasing interest in running additional frameworks on Sentry. We strongly encourage new people join Sentry and contribute <https://cwiki.apache.org/confluence/display/SENTRY/How+to+Contribute> through jumping on the discussions on the mailing list, filing bugs through Jira, reviewing other's’ code or even providing new patches.
