k8ssandra / cass-operator

The DataStax Kubernetes Operator for Apache Cassandra
https://docs.datastax.com/en/cass-operator/doc/cass-operator/cassOperatorGettingStarted.html
Apache License 2.0
185 stars 66 forks source link

Add the feature in cass-operator to provision user permissions(RBAC) through CRD file #154

Open sync-by-unito[bot] opened 3 years ago

sync-by-unito[bot] commented 3 years ago

In https://github.com/datastax/cass-operator/pull/94 there is a function to define users through the CRD file, e.g

  users:
    - secretName: <a normal username>
       superuser: false

It is good to have the RBAC permissions associated with the users/roles so that end-users do not have to log in the cluster with superuser and do it manually.

e.g in CRD file, it can be like:

  users:
    - secretName: <a normal username>
       superuser: false
       permissions: create, drop on keyspace, table

┆Issue is synchronized with this Jira Story by Unito ┆Issue Number: CASS-57

jsanda commented 2 years ago

I think this is an excellent idea. Note that the design being proposed for https://github.com/k8ssandra/k8ssandra-operator/issues/556 will impact this.