-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bulkio: lock down RESTORE/IMPORT/BACKUP on sql tenants #47913
Comments
From the sounds of this, BACKUP should also be locked down, correct? It doesn't pull in data from the outside world, but it does open a connection to the outside world. It also currently uses protected timestamps. |
Yes, that sounds right. Note that protected timestamps are optional in backup (ie we could skip them) but letting tenants take backups of their logical data is definitely out of scope, so we should lock it down too. |
This has been addressed, and moreover we're going to allow tenants to run these bulk i/o operations. |
SQL tenants must not use RESTORE/IMPORT. This is because it won't work (without extra engineering work not slated for phase 2) but also because we can't have SQL tenants make arbitrary connections to the outside world.
Additionally, IMPORT INTO uses protected timestamps which won't be available.
All import/restore related functionality ought to be disabled for SQL tenant servers.
Should wait for #47903 to close.
Jira issue: CRDB-4377
The text was updated successfully, but these errors were encountered: