https://dagster.io/ logo
#ask-community
Title
# ask-community
m

Mohit.ASingh

10/22/2021, 6:46 AM
Hey everyone... is they any way to define an
access control
on dagit ui?
dagster bot resolve to issue 1
v

Viktor Voronin

10/22/2021, 9:55 AM
No but watch this issue for updates https://github.com/dagster-io/dagster/issues/2219.
Recommended way as of now is to put a proxy with OAuth in front of Dagit.
m

Mohit.ASingh

10/22/2021, 10:10 AM
thanks can you share any doc if have.
v

Viktor Voronin

10/22/2021, 10:14 AM
The exact implementation of the setup is contextual and varies a lot.
Here is a proxy, for example. https://github.com/oauth2-proxy/oauth2-proxy

https://cloud.githubusercontent.com/assets/45028/8027702/bd040b7a-0d6a-11e5-85b9-f8d953d04f39.png

How one implements the arrows depends on the deployment and IaaS.
m

Mohit.ASingh

10/22/2021, 10:15 AM
Sure thanks @Viktor Voronin i will check..
👊 1
j

johann

10/22/2021, 2:25 PM
Also note https://github.com/dagster-io/dagster/issues/2219#issuecomment-870784871 A lot of cases can be handled by having two dagits deployed, protected by an auth proxy like described above
m

Mohit.ASingh

10/22/2021, 2:32 PM
@johann if i am not wrong what you are saying is spin up one more instance of dagit with
enableReadOnly: true
then secure it with auth proxy
j

johann

10/22/2021, 2:34 PM
You would have one dagit (or set of replicas) with --read-only, and one set without. Then you use separate proxies to control who has access to either
m

Mohit.ASingh

10/22/2021, 2:39 PM
got it 👍
19 Views