Sentry currently integrates with Apache Hive, Apache Sqoop, Apache Solr, HDFS and Cloudera Impala. Sentry is pluggable and it is fairly simple to delegate Sentry your authorization and policy management needs. In this document we talk about the main modules required for integration, code organization and examples to get you started.
Main modules:
Binding: Authorization checks happen here
Model: Define what are the objects in your system that you want to control access and define the granularity
Policy engine: Define how you want to evaluate policies. For example: Wildcards?
E2E tests
Example:
Sqoop integration: https://issues.apache.org/jira/browse/SENTRY-612
Code organization:
Repo: https://github.com/apache/incubator-sentry
Binding code: https://github.com/apache/incubator-sentry/tree/master/sentry-binding
Model: https://github.com/apache/incubator-sentry/tree/master/sentry-core
Policy engine: https://github.com/apache/incubator-sentry/tree/master/sentry-policy
E2E tests: https://github.com/apache/incubator-sentry/tree/master/sentry-tests
Some notes on places where there is a divergence:
Impala binding lives in Impala's code base.