AI Function RBAC
Overview
AKKO restricts access to AI SQL functions (`ai_*()`) based on Keycloak roles via OPA policies.
Roles and Permissions
| Role | AI Functions | Description |
|---|---|---|
| akko-admin | ALL (including akko_ai_cache_clear, akko_ai_cb_reset) | Full access |
| akko-engineer | 14 functions (sentiment, classify, summarize, translate, entities, anomaly, sql, risk, pii, sensitivity, language, keywords, ask, embed) | Production use |
| akko-analyst | 5 functions (sentiment, classify, summarize, language, keywords) | Analytics only |
| akko-user | 2 functions (pii, sensitivity) | Governance only |
| akko-viewer | NONE | No AI access |
How It Works
- User executes `SELECT akko_ai_sentiment('text')` in Trino
- Trino sends an OPA policy check for operation `ExecuteFunction`
- OPA evaluates the user's groups (from Keycloak JWT to Trino group mapping)
- OPA allows or denies based on the role-function mapping above
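The following Rego policy is an illustrative example added here; it is not the policy shipped in `helm/akko/charts/akko-opa/`. It encodes the role-function table above for the `ExecuteFunction` decision only. It assumes the request shape used by Trino's OPA access-control plugin (`input.action.operation`, `input.action.resource.function.functionName`, `input.context.identity.groups`), that the SQL names follow the `akko_ai_<name>` pattern seen in `akko_ai_sentiment`, and that Keycloak role names arrive unchanged as Trino group names. Any of these may differ in a real deployment.

```rego
package trino

import rego.v1

# Deny by default: a request matching no rule below is rejected.
default allow := false

# Assumption: SQL function names are akko_ai_<short name>, as in akko_ai_sentiment.
analyst_functions := {
	"akko_ai_sentiment", "akko_ai_classify", "akko_ai_summarize",
	"akko_ai_language", "akko_ai_keywords"
}

user_functions := {"akko_ai_pii", "akko_ai_sensitivity"}

# Engineer = analyst set + user set + 7 more = the 14 functions in the table.
engineer_functions := analyst_functions | user_functions | {
	"akko_ai_translate", "akko_ai_entities", "akko_ai_anomaly",
	"akko_ai_sql", "akko_ai_risk", "akko_ai_ask", "akko_ai_embed"
}

# Keycloak group -> permitted functions. akko-viewer has no entry and
# therefore never matches; akko-admin is handled by its own rule.
role_functions := {
	"akko-analyst": analyst_functions,
	"akko-user": user_functions,
	"akko-engineer": engineer_functions
}

# Assumption: Trino OPA plugin input layout for function checks.
function_name := input.action.resource.function.functionName

is_ai_function if startswith(function_name, "akko_ai_")

# akko-admin may call every akko_ai_* function, including the
# maintenance functions akko_ai_cache_clear and akko_ai_cb_reset.
allow if {
	input.action.operation == "ExecuteFunction"
	is_ai_function
	"akko-admin" in input.context.identity.groups
}

# Every other role: the function must be in one of the caller's role sets.
# A user in several groups gets the union of those groups' permissions.
allow if {
	input.action.operation == "ExecuteFunction"
	some group in input.context.identity.groups
	function_name in role_functions[group]
}

# Constructed unit tests (run with `opa test`), not from the page.
test_analyst_cannot_call_pii if {
	not allow with input as {
		"action": {"operation": "ExecuteFunction", "resource": {"function": {"functionName": "akko_ai_pii"}}},
		"context": {"identity": {"groups": ["akko-analyst"]}},
	}
}

test_user_can_call_pii if {
	allow with input as {
		"action": {"operation": "ExecuteFunction", "resource": {"function": {"functionName": "akko_ai_pii"}}},
		"context": {"identity": {"groups": ["akko-user"]}},
	}
}

test_viewer_denied if {
	not allow with input as {
		"action": {"operation": "ExecuteFunction", "resource": {"function": {"functionName": "akko_ai_sentiment"}}},
		"context": {"identity": {"groups": ["akko-viewer"]}},
	}
}

test_engineer_cannot_clear_cache if {
	not allow with input as {
		"action": {"operation": "ExecuteFunction", "resource": {"function": {"functionName": "akko_ai_cache_clear"}}},
		"context": {"identity": {"groups": ["akko-engineer"]}},
	}
}
```

Evaluate a single decision with `opa eval -d policy.rego -i input.json 'data.trino.allow'`, or run the embedded tests with `opa test policy.rego`. The last test is the check worth keeping in any real policy: `akko_ai_cache_clear` and `akko_ai_cb_reset` are admin-only, so a role set that is built by listing functions (rather than by prefix) must never include them.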
MCP Server Authentication
MCP servers support optional JWT authentication via `MCP_AUTH_ENABLED=true`.
When enabled, requests must include `Authorization: Bearer <keycloak-token>`.
Configuration
AI RBAC is enforced by the OPA policy in `helm/akko/charts/akko-opa/`.
No additional configuration needed — roles are inherited from Keycloak.