github-actions[bot]
commented
3 days ago This issue is being marked as stale because it has been open for 60 days with no activity. Remove stale label or comment to keep the issue open.
Open tom-webber opened 2 months ago
github-actions[bot]
commented
3 days ago This issue is being marked as stale because it has been open for 60 days with no activity. Remove stale label or comment to keep the issue open.
Describe the bug.
The AP Control Panel Warehouse Data page shows the data sources (s3 buckets) created through the Control Panel. What gets displayed to users is read from the Control Panel database, not from aws IAM policies.
This means that a user may have access to a data source listed in the Warehouse Data page (e.g. via standard-database-access), but Control Panel will show the user as not having access.
To Reproduce
Add a fresh user to standard-database-access, then look for the
alpha-everyonedata source in the Warehouse Data page of Control Panel - it should say that the user does not have access, even though they have bucket and key access in their alpha_user IAM policies.Expected Behaviour
Warehouse Data should reflect the state of the alpha_user access policies, matching up permissions granted outside Control Panel with the data sources listed in Warehouse Data.
Additional context
Relevant Slack thread. Relevant user issue.