big-book-3239
05/05/2022, 12:06 PMcurved-magazine-23582
07/20/2022, 1:45 PMwitty-motorcycle-52108
09/23/2022, 1:54 PMchilly-potato-57465
09/28/2022, 8:54 AMworried-flower-88750
11/10/2022, 9:10 PMwitty-butcher-82399
12/12/2022, 5:21 PM• Ability to define Metadata Policies against multiple reosurces scoped to particular “Containers” (e.g. A “schema”, “database”, or “collection”)Just going higher in the hierarchy up to the platform instance level. In the current status, I was thinking on solving this with
resource_urn
criteria https://datahubproject.io/docs/authorization/policies#resources
Does that criteria support other operators different from EQUALS
such as starts with, contains or even regexp? Definitely in the UI this is not possible, is it possible via policy as code?
Second question is about applying to owners.
Whether this policy should be apply to owners of the Metadata asset. If true, those who are marked as owners of a Metadata Asset, either directly or indirectly via a Group, will have the selected privileges.Can this be restricted to some ownership in particular?
dazzling-microphone-98929
02/23/2023, 12:59 PMPipelineInitError: Failed to configure the source (powerbi): Powerbi authorization failed . Please check your input configuration.
rich-daybreak-77194
03/18/2023, 3:23 AMwonderful-tomato-83083
06/21/2023, 3:50 PMwonderful-tomato-83083
06/21/2023, 3:50 PMlimited-dentist-50437
09/14/2023, 11:21 AMlimited-dentist-50437
09/18/2023, 7:51 AMcurl -X POST '<http://localhost:9002/api/graphql>' \
--header 'X-DataHub-Actor: urn:li:corpuser:datahub' \
--header 'Content-Type: application/json' \
--data-raw '{ "query":"mutation { createAccessToken(input: { type: PERSONAL, actorUrn: \"urn:li:corpuser:datahub\", duration: ONE_HOUR, name: \"dt token\" } ) { accessToken metadata { id name description} } }", "variables":{}}'
The token does not get created.
Via postman, and the response is a 401 Unauthorized.
Which has me wondering, from the PAT guide it is stated that the User must have the Generate Personal Access Tokens or Manage All Access Tokens.
Which is present for the datahub superuser[see screen shot]
But I’m still getting the 401 response.
My ultimate goal is to have a bash script that runs after the datahub is deployed, which generates the PAT to be used by another downstream process.
Is there anything I’m missing here please?
Thanks for the help.bulky-shoe-65107
10/16/2023, 12:16 AM