Project based authorization

Notes:

  1. Project based authorization is currently experimental.

  2. This feature requires PostgreSQL to be installed, and OPA authorization to be enabled.

Setup

  1. Make sure Open Policy Agent authorization is enabled as per the installation guide.

  2. Set the policies in the seldon-deploy-policy config map as shown here:

cat <<EOF | kubectl apply -n seldon-system -f -
apiVersion: v1
kind: ConfigMap
metadata:
  name: seldon-deploy-policies
data:
  data: '{
  "role_grants": {
    "data-scientist": [
      {
        "resource": "project/iris",
        "action": "read"
      }
    ]
  },
  "user_grants": {
    "*": [
      {
        "resource": "namespace/seldon",
        "action": "read"
      },
      {
        "resource": "namespace/seldon",
        "action": "write"
      },
      {
        "resource": "project/default",
        "action": "read"
      },
      {
        "resource": "project/default",
        "action": "write"
      }
    ],
    "alice": [
      {
        "resource": "project/income",
        "action": "write"
      },
      {
        "resource": "project/income",
        "action": "read"
      },
      {
        "resource": "project/iris",
        "action": "read"
      },
      {
        "resource": "project/iris",
        "action": "write"
      }
    ]
  }
}'
EOF

Note how all users (*) will have access to the seldon namespace and default project. Seldon Deploy should automatically pick up the changes in the config map after a few seconds, but if you want to reload it immediately you can restart the Seldon Deploy pod.

  3. Create two users. If you are using the default installation with Keycloak, you can create a user and assign them to a group as described in the official Keycloak documentation. Note that you might have to create the data-scientist group first. The two users must be:

    1. alice with no groups associated with her. According to the policies above, she will have read/write access to 3 projects - default, iris, and income.

    2. bob in the data-scientist group. According to the policies above, he will have read/write access only to the default project, and read only access to the iris project.
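To make the expected outcome for alice and bob concrete before touching the UI, the following added example (written for this page, not Seldon Deploy's own code or its OPA policy) evaluates the ConfigMap policy above with the semantics the page describes: a user's effective grants are the wildcard "*" user grants, plus their own user_grants entry, plus the role_grants of every group they belong to. The `is_allowed` and `allowed_projects` helper names are assumptions for this example; the real decision is made by OPA inside Seldon Deploy.

```python
import json

# Constructed copy of the policy document from the ConfigMap above
# (the value of the "data" key), embedded so the example runs offline.
POLICY_JSON = """{
  "role_grants": {
    "data-scientist": [
      {"resource": "project/iris", "action": "read"}
    ]
  },
  "user_grants": {
    "*": [
      {"resource": "namespace/seldon", "action": "read"},
      {"resource": "namespace/seldon", "action": "write"},
      {"resource": "project/default", "action": "read"},
      {"resource": "project/default", "action": "write"}
    ],
    "alice": [
      {"resource": "project/income", "action": "write"},
      {"resource": "project/income", "action": "read"},
      {"resource": "project/iris", "action": "read"},
      {"resource": "project/iris", "action": "write"}
    ]
  }
}"""


def effective_grants(policy, user, groups):
    """Collect every grant that applies to `user` (assumed semantics):
    wildcard user grants, the user's own grants, and the grants of each
    group (role) the user belongs to."""
    grants = list(policy["user_grants"].get("*", []))
    grants += policy["user_grants"].get(user, [])
    for group in groups:
        grants += policy["role_grants"].get(group, [])
    return grants


def is_allowed(policy, user, groups, resource, action):
    """True if any effective grant matches the (resource, action) pair exactly."""
    return any(
        g["resource"] == resource and g["action"] == action
        for g in effective_grants(policy, user, groups)
    )


def allowed_projects(policy, user, groups):
    """Map each project the user can touch to the set of actions allowed on it."""
    projects = {}
    for g in effective_grants(policy, user, groups):
        kind, _, name = g["resource"].partition("/")
        if kind == "project":
            projects.setdefault(name, set()).add(g["action"])
    return projects


if __name__ == "__main__":
    policy = json.loads(POLICY_JSON)
    # alice: no groups; bob: member of the data-scientist group
    for user, groups in (("alice", []), ("bob", ["data-scientist"])):
        print(user, allowed_projects(policy, user, groups))
    # Mirrors the last check in the walkthrough: bob may read but not write iris.
    print("bob can write iris:", is_allowed(policy, "bob", ["data-scientist"],
                                            "project/iris", "write"))
```

Running it prints alice with read/write on default, iris and income, and bob with read/write on default but only read on iris, which is exactly what the walkthrough below asks you to confirm in the UI. Because the matching is an exact string comparison, a typo such as "project/Iris" in the ConfigMap silently grants nothing, so this kind of offline check is a cheap way to validate a policy edit before applying it.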

Confirm policies are working

  1. Login as alice.

    (Screenshot: alice_login)

  2. Go to the Model Catalog page and create the following models:

    1. URI: gs://seldon-models/sklearn/iris, Project: default, Artifact Type: SciKit Learn

    2. URI: gs://seldon-models/sklearn/iris, Project: iris, Artifact Type: SciKit Learn

    3. URI: gs://seldon-models/sklearn/income/model-0.23.2, Project: income, Artifact Type: SciKit Learn

    (Screenshot: create_models)

  3. Create a deployment from each of these models using the Deploy functionality from the Model Catalog. Confirm all three deployments are shown in the Deployments tab.

    (Screenshot: create_deployments)

  4. Logout from the alice profile and login as bob.

    (Screenshot: bob_login)

  5. Confirm you only see the default and iris deployments, but not the income deployment.

    (Screenshot: bob_deployments)

  6. Confirm you only see the default and iris models, but not the income one.

    (Screenshot: bob_models)

  7. Confirm that you cannot delete or modify the iris model since bob has only read permissions on the iris project.

    (Screenshot: bob_write_fail)