| CPC H04L 41/0813 (2013.01) [G06F 9/3867 (2013.01); G06F 16/2457 (2019.01); G06F 16/254 (2019.01); G06N 7/01 (2023.01); H04L 63/104 (2013.01); H04L 67/1097 (2013.01)] | 20 Claims |
|
1. A computer-implemented method for managing access control of a data pipeline having data pipeline units deployed on a cloud platform, the method comprising:
receiving a specification of the data pipeline;
generating instructions from the specification for configuring the data pipeline units at the cloud platform;
creating a connection with the cloud platform;
for each of the data pipeline units:
creating a runtime system account on the cloud platform having access to at least a storage unit of the data pipeline unit;
provisioning computing infrastructure on the cloud platform for the data pipeline unit;
creating a group of runtime system accounts including the runtime system account created for the data pipeline unit and each runtime system account created for a data pipeline unit receiving as input, data output by the data pipeline unit; and
granting read access to the output data of the data pipeline unit to each runtime system account in the group of runtime system accounts;
executing the data pipeline;
receiving a modified specification of a respective data pipeline unit of the data pipeline, wherein the respective data pipeline unit provides input to a first set of data pipeline units and is associated with a first group of system accounts having read access to output ports of the respective data pipeline unit;
reconfiguring the respective data pipeline unit to conform to the modified specification including by providing input to a second set of data pipeline units; and
modifying the group of system accounts having read access to the output ports of the respective data pipeline unit according to a difference between the second set of data pipeline units and the first set of data pipeline units.
|