In a shared environment, is there a way to prevent users from killing/rebalancing/etc each other's topologies? If a topology is configured to run as the user who starts it, are other users able to see it? stop it?
Asked more broadly: What are some best practices for setting up Storm permissions/ACLs in a shared environment?
These HCC links may help if you have not seen them
And this thread has some info that may help through the links
Use Apache Ranger to setup policies for Storm topologies. Here is a great GitHub link by @Ali Bajwa on how to configure the Storm plugin for Ranger:
I think @Eric Brosch's question is around multi-tenancy... I found the following link, but none of the answers really get to the details of running topologies in an enterprise multi-tenant environment:
The primary recommendations seem to be that one must 1. have a secure cluster and 2. set supervisor.worker.run.as.user to true.
In the docs I've seen, it's not clear whether there's a good way to have groups of users where they can manage topologies within the group, but not mess with topologies belonging to another group.