Authorization

Authorization is the operation that checks whether a particular “role” or “principal” is allowed to perform a certain operation. This section describes how to manage authorization in Streamlio Cloud.

You can run the authorization configuration commands currently via the pulsar-admin utility that is installed alongside the streamlio installation. The utility gets automatically configured as part of the authentication process.

Grant Permissions

You can grant permissions to specific roles for lists of operations such as produce, consume .

Use the grant-permission subcommand and specify a namespace, actions using the --actions flag, and a role using the --role flag:

pulsar-admin namespaces grant-permission tenant1/ns1 \
--actions produce,consume \
--role admin10

Get permissions

You can see which permissions have been granted to which roles in a namespace.

Use the permissions subcommand and specify a namespace:

pulsar-admin namespaces permissions tenant1/ns1
{
"admin10": [
"produce",
"consume"
]
}

Revoke Permissions

You can revoke permissions from specific roles, which means that those roles will no longer have access to the specified namespace.

Use the revoke-permission subcommand and specify a namespace and a role using the --roleflag:

pulsar-admin namespaces revoke-permission tenant1/ns1 --role admin10

_____ Copyright 2019 Streamlio, Inc. Apache, Apache BookKeeper, Apache Pulsar and associated open source project names are trademarks of the Apache Software Foundation.