how might i enforce that every task execution alwa...
# flyte-supportm
miniature-postman-38835
09/30/2022, 5:59 PMhow might i enforce that every task execution always first runs some arbitrary setup script?
miniature-postman-38835
09/30/2022, 6:00 PMdo the
pyflyte-executepyflyte-fast-executeminiature-postman-38835
09/30/2022, 6:05 PMotherwise, would it be too deviating to replace the use of these
pyflytet
thankful-minister-83577
09/30/2022, 6:06 PM
hi
thankful-minister-83577
09/30/2022, 6:07 PM
can you describe your goals here?
thankful-minister-83577
09/30/2022, 6:07 PM
i know it’s auth related, but i’m still not clear on exactly how it fits into the system
m
miniature-postman-38835
10/03/2022, 6:23 PMtwo use cases related to authz:
1. we want our flyte users to be able to use boto3 for accessing s3, but we need to globally patch boto3 to first fetch a signed s3 request from our internal s3-authorization service, before making the request to AWS s3. this signing needs to take place immediately before making the request to s3.
2. our users submit spark apps to our hadoop clusters. before doing that, we want to globally “exchange” the kube JWT for an internal cert, which is validated by our hadoop interface.
in both cases, we cannot expect our users to import some python package in their workflow/task code. it’s also not secure.
159 Views