Red Hat SummitChapter 5. Feature Store integration with workbenches
The integration of Feature Store with Red Hat workbenches resolves the competing demands of agility and security. This capability removes the friction of manual configuration and script copying, accelerating workflows and enabling seamless feature management directly within Jupyter notebooks. A governance framework ensures efficiency, scalable, role-based access control (RBAC), and secure authentication. This safeguards sensitive data and mitigates vulnerabilities enterprise-wide.
5.1. Connecting a workbench to a Feature Store
You can connect your workbench to a Feature Store instance to avoid manual configuration and immediately access features for your models.
Prerequisites
- You have logged in to the Red Hat dashboard.
- You have the necessary system permissions to view the specific Feature Store instances you intend to connect.
- A Feature Store instance is deployed and available in your OpenShift cluster.
You can avoid manual scripting by selecting a preconfigured Feature Store during the workbench provisioning process.
Procedure
- Log in to the Red Hat Red Hat dashboard, and click Data Science Projects.
- Click the name of the project that contains the workbench you want to configure.
Perform one of the following actions:
- Create a new workbench: In the workbenches section, click Create workbench.
- Edit an existing workbench: In the workbenches section, click the More options icon (⋮) beside the workbench name and click Edit workbench.
- Scroll to the Feature Store Configuration section.
- Select one or more available Feature Store instances from the Select Feature Store list.
The Select Feature Store list displays only the Feature Store instances that your user account is authorized to access.
- Click Create workbench or Update workbench. The workbench starts with the Feature Store configuration files automatically mounted, enabling you to efficiently integrate features into your notebooks.
Verification
Verify the success of the procedure by creating a Python object that uses the Feature Store client configuration. Copy and paste the following code:
fs_banking = FeatureStore(fs_yaml_file=’ /opt/app-root/config/feast_configs/fs_banking.yaml’) fs_banking.list_feature_views() fs_banking.get_historical_features(. . . . .) fs_banking.get_online_features(. . . . .)
fs_banking = FeatureStore(fs_yaml_file=’ /opt/app-root/config/feast_configs/fs_banking.yaml’)
fs_banking.list_feature_views()
fs_banking.get_historical_features(. . . . .)
fs_banking.get_online_features(. . . . .)Additional resources
5.2. Verifying access control to your Feature Store instances
You must ensure that access to Feature Stores is restricted based on defined roles and permissions.
To maintain regulatory compliance and safeguard sensitive data, the system uses role-based access control (RBAC) to determine which Feature Stores are visible to specific users. This mechanism mitigates potential vulnerabilities by preventing unauthorized users from discovering or selecting restricted Feature Stores.
Prerequisites
- You must be logged into the Red Hat dashboard.
-
You must have the
feast-configs-registryConfigMap present in your infrastructure namespace (e.g., opendatahub or redhat-ods-applications).
Procedure
- Define the specific user groups, namespaces or data science projects, requiring access to a Feature Store instance in your Data science projects permissions tab.
- Assign the appropriate RBAC permissions to user groups or data science projects in the Feature Store configuration maps.
Verification
Verify the configuration by logging in as a user with restricted permissions to a specific feature store:
- Attempt to create a workbench.
- Confirm that the Select Feature Store list displays only the instances the user is authorized to access.
- You can also log in as a user with no permissions and confirm that no Feature Stores are selectable.
Your data access is now protected, ensuring that different personas access only the features appropriate for their role.
Additional resources
For more information about RBAC, see the following: Setting Up Kubernetes RBAC for Feast
The RBAC document displays all policies available in the Feast upstream. However, Red Hat supports Group and Namespace/Data_Science_Project based authorization policies only. Role-based policies are NOT supported.
5.3. Feature Store configuration reference
Understand how the system mounts configuration files to enable you to create and use features in your code.
| Configuration element | Description |
|---|---|
| Configuration path |
The system mounts the necessary Feature Store client configuration files to the following Feast configuration file: |
| Python instantiation |
Initialize Feature Store with the path to the mounted configuration file: |
| Troubleshooting access |
If you cannot view a specific Feature Store in the workbench dropdown menu, an administrator must verify a couple items for you. They need to verify that you have the correct role-based access control (RBAC) based on your |
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}