THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
- Guardrail: Interface defining a guardrail that guards against a particular usage/condition.
- DefaultGuardrail: Abstract class implementing Guardrail. It implements the default behaviour when the guardrail is triggered consisting on throwing warnings or errors.
- GuardrailsFactory: Interface defining a factory for building instances of Guardrail.
- DefaultGuardrailsFactory: Class implementing GuardrailsFactory, it builds instances of DefaultGuardrail.
- CustomGuardrailsFactory: Abstract class instantiating a custom GuardrailsFactory, so users can provide their own implementations of guardrails through a system property named
cassandra.custom_guardrails_factory_class. - GuardrailsConfig: Configuration settings for Guardrails, which are populated from
cassandra.yaml. This contains a main settingenabled, controlling if Guardrails are globally active or not, and individual settings to control each Guardrail. - cassandra.yaml: allows configuring individual Guardrails, being globally disabled by default.
- Guardrails: Entry point for guardrails, storing all the defined guardrail instances and additional helper methods. These Guardrail instances are built at startup with the provided GuardrailsFactory and GuardrailsConfig.
...
Guardrails allow C* operators to impose system-wide restrictions that are configured through yaml. Capability restrictions are focused on imposing restrictions on particular users and offer a new CQL API to do so. Both concepts are not mutually exclusive and are complementary.
...
Event logging
In their initial form, Guardrails would issue warnings/failures to the server log file, and also to the client connection when applicable. It would make sense to also emit such events as Diagnostic Events to help troubleshooting these issues. Emitting diagnostic events is an idea for the future and it is not part of this CEP.
Test Plan
- unit and integration tests for every single guardail guardrail will be added (handling erroneous input, proper notification of warnings/failures, guardrail boundary settings, no warnings/failures when disabled, ...)
...