Skip to content

Permission should support multiple name patterns #4510

New issue
New issue
Closed
#4633
Closed
Permission should support multiple name patterns#4510
#4633
Labels
kind/featureNew feature or request
@dmartinol

Description

@dmartinol
dmartinol
opened on Sep 10, 2024

Is your feature request related to a problem? Please describe.
As of today RBAC permissions can match resources by type and a single name_pattern field, as in:

Permission(
    name="reader",
    types=[FeatureView],
    name_pattern=".*risky.*",
    policy=RoleBasedPolicy(roles=["trusted"]),
    actions=[AuthzedAction.QUERY_OFFLINE],
)

We should extend this concept by allowing multiple patterns instead, to simplify the customer configuration.

Describe the solution you'd like
Support a list of name_patterns instead:

Permission(
    name="reader",
    types=[FeatureView],
    name_pattern=[".*risky.*", "critical_data"],
    policy=RoleBasedPolicy(roles=["trusted"]),
    actions=[AuthzedAction.QUERY_OFFLINE],
)

In this case, the permission would apply to all the feature views matching any of the configured patterns.

Describe alternatives you've considered
Do not rename the name_pattern field for backward compatibility.

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/featureNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions