Redtape
A permission management tool for AWS Redshift, with plans to extend it to other database systems. Inspired by permifrost and pgbedrock.
Installing
Repo
Clone this repo and install with poetry:
git clone git@github.com:tomasfarias/redtape.git redtape
cd redtape
poetry install
PyPI
Install with pip:
python -m pip install redtape-py
Usage
❯ redtape run --help
Usage: redtape run [OPTIONS] [SPEC_FILE]

  Run the queries necessary to apply a specification file.

Arguments:
  [SPEC_FILE]  A specification or a path to a file containing it.

Options:
  --dry / --no-dry                Print changes but do not run them.
                                  [default: no-dry]
  --skip-validate / --no-skip-validate
                                  Skip specification file validation.
                                  [default: no-skip-validate]
  --user TEXT                     Apply operations only to users named as
                                  provided.
  --group TEXT                    Apply operations only to groups named as
                                  provided.
  --operation [CREATE|DROP|DROP_FROM_GROUP|GRANT|REVOKE|ADD_TO_GROUP]
                                  Apply only provided operations.
  --dbname TEXT                   A Redshift database name to connect to.
  --host TEXT                     The host where a Redshift cluster is
                                  located.
  --port TEXT                     The port where a Redshift cluster is
                                  located.
  --database-user TEXT            A user to connect to Redshift. The user
                                  should have user-management permissions.
  --password TEXT                 The passaword of the given Redshift
                                  username.
  --connection-string TEXT        A connection string to connect to Redshift.
  --quiet / --no-quiet            Show no output except of validation errors,
                                  run errors, and queries.  [default: no-
                                  quiet]
  --help                          Show this message and exit.
Specification file
A YAML specification file is used to define groups, users, and their corresponding privileges.
Sample:
groups:
  - name: group_name
    privileges:
      table:
        select:
          - table_name
          - ...
        insert:
          - table_name
          - ...
        update:
          - table_name
          - ...
        drop:
          - table_name
          - ...
        delete:
          - table_name
          - ...
        references:
          - table_name
          - ...
      database:
        create:
          - database_name
          - ...
        temporary:
          - database_name
          - ...
        temp:
          - database_name
          - ...
      schema:
        create:
          - schema_name
          - ...
        usage:
          - schema_name
          - ...
      function:
        execute:
          - function_name
          - ...
      procedure:
        execute:
          - function_name
          - ...
      language:
        usage:
          - language_name
          - ...
users:
  - name: group_name
    is_superuser: boolean
    member_of:
      - group_name
      - ...
    password:
      type: str
      value: str
    privileges:
      table:
        select:
          - table_name
          - ...
        insert:
          - table_name
          - ...
        update:
          - table_name
          - ...
        drop:
          - table_name
          - ...
        delete:
          - table_name
          - ...
        references:
          - table_name
          - ...
      database:
        create:
          - database_name
          - ...
        temporary:
          - database_name
          - ...
        temp:
          - database_name
          - ...
      schema:
        create:
          - schema_name
          - ...
        usage:
          - schema_name
          - ...
      function:
        execute:
          - function_name
          - ...
      procedure:
        execute:
          - function_name
          - ...
      language:
        usage:
          - language_name
          - ...
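Because a specification is applied by a database user with user-management permissions, it is worth reviewing before it is run. The following is an added example, not part of redtape: a small review pass over a spec shaped like the sample above, where `SPEC`, `review_spec`, `iter_privileges` and the `DESTRUCTIVE` policy are all assumptions made for illustration.

```python
# Added example: a pre-apply review of a redtape-style spec (not redtape code).
# SPEC is constructed sample data, shaped like the parsed YAML sample above.
SPEC = {
    "groups": [
        {"name": "analysts",
         "privileges": {"table": {"select": ["sales.orders"]},
                        "schema": {"usage": ["sales"]}}},
    ],
    "users": [
        {"name": "alice", "is_superuser": False, "member_of": ["analysts"]},
        {"name": "etl", "is_superuser": True, "member_of": ["loaders"],
         "privileges": {"table": {"drop": ["sales.orders"],
                                  "delete": ["sales.orders"]}}},
    ],
}

DESTRUCTIVE = {"drop", "delete"}  # reviewer policy assumed for this example


def iter_privileges(entity):
    """Yield (object_type, privilege, object_name) for one group or user."""
    for obj_type, by_priv in (entity.get("privileges") or {}).items():
        for priv, names in (by_priv or {}).items():
            for name in names or []:
                yield obj_type, priv, name


def review_spec(spec):
    """Return sorted findings a reviewer should look at before applying."""
    findings = []
    groups = {g["name"] for g in spec.get("groups") or []}
    for user in spec.get("users") or []:
        who = user["name"]
        if user.get("is_superuser") is True:
            findings.append(f"{who}: is_superuser is set")
        for group in user.get("member_of") or []:
            if group not in groups:
                findings.append(f"{who}: member_of unknown group {group}")
        for obj_type, priv, name in iter_privileges(user):
            note = "destructive " if priv in DESTRUCTIVE else ""
            findings.append(
                f"{who}: direct {note}{obj_type} privilege {priv} on {name}")
    return sorted(findings)


if __name__ == "__main__":
    print("\n".join(review_spec(SPEC)))
```

To check a real file, load it with a YAML parser such as PyYAML's `yaml.safe_load` and pass the result to `review_spec`; `redtape run --dry` then prints the changes without running them.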
To do
redtape should be considered in Alpha status: things may break, and test coverage is low. The following tasks are planned for a 1.0.0 release:
- Increase and track test coverage.
- Documentation.
- Support for wildcard (*) in specification file.
- Support for ownership.
- Support for ASSUMEROLE.
- Support for EXTERNAL objects.
- Complete support for mypy static type-checking.
License
MIT
File details
Details for the file redtape_py-0.4.2.tar.gz.
File metadata
- Download URL: redtape_py-0.4.2.tar.gz
- Upload date:
- Size: 22.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.8.2 CPython/3.12.1 Linux/6.7.9-arch1-1
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 84c261f79869d8a4af1b9034e782f7120949a0a702c65143f43107437a065345 |
| MD5 | 6e6a010cb447f36ef17c7279668843d2 |
| BLAKE2b-256 | b98ba768009fd8f3f7a990a4243d8b2ce0ab279538e39f29daeef8312cd45023 |
File details
Details for the file redtape_py-0.4.2-py3-none-any.whl.
File metadata
- Download URL: redtape_py-0.4.2-py3-none-any.whl
- Upload date:
- Size: 24.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.8.2 CPython/3.12.1 Linux/6.7.9-arch1-1
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | dbfb60caaa26ee5f2c24bdc95fe36dc9624ef7a0789bb2a74442cbc5e5f53911 |
| MD5 | a20745653df528f114ae4a088bdae69c |
| BLAKE2b-256 | 3993763f7cc953cabd9c1775b6b84566d976c163066ece2516c09c501333ea5c |