英文:
Is there any way having restrictions on dags by their owners upon roles
问题
I have some dags owner by user 'abc' and I want to this user a role with permissions to show just those dags on airflow GUI which are owned by user 'abc' and this user can pause or unpause or run its own owned dag. Just to clear here that I cannot use RBAC as RBAC is cloud based authentication, I am having Airflow 2.5.2 installed over docker-compose.
英文:
I have some dags owner by user 'abc' and I want to this user a role with permissions to show just those dags on airflow GUI which are owned by user 'abc' and this user can pause or unpause or run its own owned dag. Just to clear here that I cannot use RBAC as RBAC is cloud based authentication , I am having Airflow 2.5.2 installed over docker-compose.
```airflow roles del-perms [-h] [-a [ACTION [ACTION ...]]] -r
[RESOURCE [RESOURCE ...]] [-v]
[role [role ...]]```
答案1
得分: 1
从Airflow文档中,dag-level permission
例如,如果用户尝试查看example_dag_id的DAG信息,并且端点需要DAGs.can_read访问权限,如果用户具有DAGs.can_read或DAG:example_dag_id.can_read访问权限,则将授予访问权限。
您需要为每个DAG设置用户权限,并删除全局的DAG权限。
英文:
From airflow docs, dag-level permission
For example, if a user is trying to view DAG information for the example_dag_id, and the endpoint requires DAGs.can_read access, access will be granted if the user has either DAGs.can_read or DAG:example_dag_id.can_read access
You need to set to user permissions per dag and remove the Dags global permission.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论