SQL-based ingestion security

• SELECT from a Druid datasource requires the READ DATASOURCE permission on that datasource.
• EXTERN requires READ permission on a resource named “EXTERNAL” with type “EXTERNAL”. Users without the correct permission encounter a 403 error when trying to run queries that include EXTERN.

• SELECT queries: Users must have read permissions on the datasource, which is a stub datasource that gets created.