[
https://issues.apache.org/jira/browse/SENTRY-2225?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16471707#comment-16471707
]
Alexander Kolbasov commented on SENTRY-2225:
--------------------------------------------
Hmm, this is a bit confusing. If HMS already has all the information about
these attribute, why would we want to copy then to Sentry so that HMS can
(again) get them if it has these attributes in the first place? Are you
suggesting implementing column-level masking without storing these attributes
in Sentry and by storing them in HMS directly or you propose something else?
Can you clarify your proposal?
> Generic Attribute Ingestion and Default Implementation
> ------------------------------------------------------
>
> Key: SENTRY-2225
> URL: https://issues.apache.org/jira/browse/SENTRY-2225
> Project: Sentry
> Issue Type: Sub-task
> Components: Core
> Affects Versions: 2.1.0
> Reporter: Anthony Young-Garner
> Priority: Major
> Labels: ABAC
>
> As discussed in the design document linked on SENTRY-2140, attributes and
> their mapping to columns are created and stored in an external system. In
> order for Sentry to make masking decisions based upon these attributes and
> mappings, this information must be ingested from the external system. The
> scope of this Jira is to :
> # implement the generic extensible framework by which different external
> systems may contribute attributes (the specific details of the design are
> still under discussion on the parent Jira; whether there is a full plugin
> model implemented in Sentry or whether the ingestion process will run
> entirely external to Sentry and send the information to Sentry via Thrift API
> is not yet decided).
> # Implement at least one default implementation (whether this will be an
> example implementation only for reference like a static text file or a
> full-featured implementation more suitable for production use is under
> discussion)
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
