THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Table of Contents
Summary
This document details how to use properly Apache Ranger in order to secure a cluster.
These instructions are for using Ranger on CentOS/RHEL (release 6).
...
- Enter Policy Name : a unique name for this policy. The name cannot be duplicated anywhere in the system
- Resource Path : the resource path for the policy folder/file. To avoid the need to supply the full path OR to enable the policy for all subfolders or files, you can either complete this path using wild cards (for example, /home*) or specify that the policy should be Recursive (see below)
- Description : (Optional) the purpose of the policy
- Recursive : select if all files or subfolders within the existing folder will be included in this policy. (Use this option if you have specified a specific Resource Path to the top level folder, but want all subfolders or files to be included)
- Audit Logging : whether this policy is audited by Ranger (de-select to disable auditing)
- Group Permissions : use the pick list to assign group permissions appropriate to this policy. If desired, assign the group Administration privileges for the chosen resource. To add users or groups to the list, click the + button (for further information, see Users)
- User Permissions : use the pick list to assign individual user permissions appropriate to this policy. If desired, designate on or more users as Administrators for the chosen resource
- Enable/Disable : policies are enabled by default. To restrict user/groupe access for a policy, disable the policy
Then, if you enabled both Knox and Kerberos to secure your cluster, it should work this way :
