Solved

Groups with id-scoped timeseriesAcl

3 months ago
November 25, 2024
5 replies
46 views

Kristian Nymoen
MVP
37 replies

Hi.

I would like to set up a time series scoped iam group - that is scoped with read access to specific time series.

For other resources (e.g. data sets), the scope can be set with reference to the external id. But for time series, it fails unless the internal id is used. Is external-id referencing of time series IDs for timeseriesAcl on the roadmap?

capabilities:
  - timeSeriesAcl:
      actions:
        - READ
      scope:
        idScope:
          ids:
            - my.external.id


*******



ValueError: invalid literal for int() with base 10: 'my.external.id'

Best answer by Glen Sykes

Hi Kristian,

Our future direction for the product with regard to this (and other capabilities) is to leverage our data modelling backend. As you might be aware, we recently announced the availability of Time Series as a native type in our Core Data Model concept.

As we move forward, enhancements to our access controls will be based on this architecture, with approaches such as nested spaces, and attribute based access control both under consideration. Our expected timeline for availability for these enhanced access control methods is currently H2 2025.

In light of this, we are not planning to implement any enhanced forms of access control on the ‘classic’ methods we currently have.

To take advantage of these enhanced access control capabilities will require a migration to the new time series type.

We are active in planning low friction migration pathways for existing CDF customers to be able to take advantage of the new architecture and expect to see updates from us in the future on that part.

I hope that sounds reasonable, and we would be happy to take your feedback.

Kind Regards, Glen

View original

Did this topic help you find an answer to your question?

Mithila Jayalath
Seasoned Practitioner
369 replies
3 months ago
November 25, 2024

@Kristian Nymoen I’ll check on this with the engineering team and get back to you with an update.

Glen Sykes
Seasoned Practitioner
123 replies
Answer
3 months ago
November 26, 2024

Glen | Cognite Product Management

Anders Albert
Seasoned Practitioner
96 replies
3 months ago
November 27, 2024

@Kristian Nymoen

The timeseries scope is case sensetive, so `idScope` should be `idscope`

```yaml
capabilities:

- timeSeriesAcl:

    actions: - READ

 scope: idscope:

    ids:

      - my.external.id
```

Kristian Nymoen
Author
MVP
37 replies
3 months ago
December 2, 2024

Thanks both @Anders Albert and @Glen Sykes.

Then I know the plans in the long run, and the lowercase idscope solved my problem in the short run. (idScope with capital S has worked for me when setting datasetsAcl - but I see that the docs use a lowercase)

Glen Sykes
Seasoned Practitioner
123 replies
3 months ago
December 2, 2024

Excellent, I’m glad you’re able to proceed in the interim with @Anders Albert’s advice, and thanks for your patience!

Glen | Cognite Product Management

Reply

Cookie Policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

Cookie settings

We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.

Basic
Functional

Normal
Functional + analytics

Complete
Functional + analytics + social media + embedded videos

Reply

Related topics

Cognite Charts - flag the far-off datapointsicon

Product Release Spotlight - June 2024 Release

Product Release Spotlight - March 2024 Release │ Cognite Data Fusion

Charts: "Status Flag Filter" function improvements

Product Release Spotlight - January 2024 Release │ Cognite Data Fusion

Sign up

Log in to the community

Scanning file for viruses.

This file cannot be downloaded

Cookie Policy

Cookie settings