...
Step 1 : Click on the Add New Policy button on listing page.
Step 2 : Add policy form
- TABLE :-
...
Label | Description |
Policy name | Enter an appropriate policy name. This name can not be duplicated across the system.This field is mandatory. |
Hive database | Select the appropriate database. Multiple databases can be selected for a particular policy. This field is mandatory. |
UDF | We can also set policies for UDF.User Defined Function.Enter an appropriate udf. |
Audit Logging | Choose whether the particular policy will be audited or not. |
Group permissions | From a user group list, pick a particular group and choose permissions for that group. Choosing admin permission will designate the group as admin for chosen resource |
User Permissions | From a user list, pick a particular group and choose permissions for that group. Choosing admin permission will designate the user as admin for the chosen resource |
Include/exclude | The include flag means it will consider the values entered in the field.The default value is set as include.The exclude Flag will exclude all the table names or column names entered in that particular field. |
Enable/disable | By default the policy is enabled.You can disable a policy to restrict user/group access for that policy.
|
Note |
---|
Wildcards: Wildcards can be included in resource path.’*’ indicates zero or more occurs of characters.’?‘ indicates single character.You can use wildcards in the database name ,table name ,column name.for e.g database name as *,table name as ? and column name as ?. In case of UDF we can use for e.g. database name as *,UDF as ?. |
...
Permission | Description |
Select | Allows users to perform a select operation |
Update | Allows users to perform an update operation |
Create | Allows users to perform a Create operation |
Drop | Allows users to perform a Drop operation |
Alter | Allows users to perform a Alter operation |
Index | Allows users to perform an indexing operation |
Lock | Allows users to perform an indexing operation |
All | Allows users to perform all operations |
Note |
---|
GRANT: Hive GRANT is a command used to provide access or privileges on Hive database tables to the users. |
Code Block |
---|
Syntax: grant <permissions> on table <table> to user <user or group>; i.e : grant select on table default.newtable to user mark; |
...
Label | Description |
Policy Name | Enter an appropriate policy name. This name is cannot be duplicated across the system.This field is mandatory. |
Hbase Table | Select the appropriate database. Multiple tables can be selected for a particular policy. This field is mandatory |
Hbase column-family | For the selected table, select column families for the which the policy will be applicable |
Hbase column | For the selected table and CF, select columns for the which the policy will be applicable |
Audit Logging | Choose whether the particular policy will be audited or not. |
Group permission | From a user group list, pick a particular group and choose permissions for that group. Choosing admin permission will designate the group as admin for chosen resource |
User Permission | From a user list, pick a particular group and choose permissions for that group. Choosing admin permission will designate the user as admin for the chosen resource |
Enable/Disable | By default the policy is enabled.You can disable a policy to restrict user/group access for that policy. |
Note |
---|
Wildcards: Wildcards can be included in resource path.’*’ indicates zero or more occurs of characters.’?‘ indicates single character.You can use wildcards in the table name ,column name ,column families.for e.g table name as *, column family as ? and column name as ?. |
...
Permission | Description |
Read | Allows user to perform a read operation |
Write | Allows user to perform a write operation |
Create | Allows user to perform a create operation |
Admin | This gives the delegated admin access to user |
Note |
---|
GRANT: HBase GRANT is a command used to provide access or privileges on Hbase database tables to the users. |
Code Block |
---|
Syntax: grant '<user-or-group>','<permissions>','<table>' i.e : grant 'mark’' , 'RW' , 'testtable2' |
Note |
---|
This will create a policy and give read and write access to user1 on testtable2 .Similarly we can grant create and admin writes |
...
Label | Description |
Policy name | Enter an appropriate policy name. This name is cannot be duplicated across the system. |
Knox topology | Enter an appropriate Topology Name |
Knox service | Enter an appropriate Service Name |
Audit Logging | Choose whether the particular policy will be audited or not. |
User permissions | From a user list, pick a particular group and choose permissions for that group. Choosing admin permission will designate the user as admin for the chosen resource |
Group permissions | From a user group list, pick a particular group and choose permissions for that group. Choosing admin permission will designate the group as admin for chosen resource |
Enable/disable | By default the policy is enabled.You can disable a policy to restrict user/group access for that policy. |
Include/Exclude | The include flag means it will consider the values entered in the field.The default value is set as include.The exclude Flag will exclude all the table names or column names entered in that particular field. |
Note |
---|
Wildcards: Wildcards can be included in resource path.’*’ indicates zero or more occurs of characters.’?‘ indicates single character.You can use wildcards in the topology name,service name.for e.g topology name as *, service name as ?. |
Permission | Description |
IP Address Range | Specify ip address range |
Allow | Allow permission allows users to access topology that is specified in topology name |
...
Step 1 : Click on the Add New Policy button on listing page
Step 2 : Add YARN Policy
Label | Description |
Policy Name | Enter an appropriate policy name. This name is cannot be duplicated across the system. |
Queue | The fundamental unit of scheduling in yarn |
Audit Logging | Choose whether the particular policy will be audited or not. |
Enable/disable | By default the policy is enabled.You can disable a policy to restrict user/group access for that policy. |
Recursive | You can indicate whether all files or folders within the existing folder comes under the policy.Can be used instead of wildcard characters |
User Permission | From a user list, pick a particular group and choose permissions for that group. Choosing admin permission will designate the user as admin for the chosen resource |
Group Permission | From a user group list, pick a particular group and choose permissions for that group. Choosing admin permission will designate the group as admin for chosen resource |
Note |
---|
Wildcards: Wildcards can be included in resource path.’*’ indicates zero or more occurs of characters.’?‘ indicates single character.You can use wildcards in the topology name.for e.g topology name as ?. |
...
Step 1 : Click on the Add New Policy button on listing page
Step 2 : Add SOLR policy
Label | Description |
Policy Name | Enter an appropriate policy name. This name is cannot be duplicated across the system |
Solr connection | http:<host_ip>:6083/solr |
Audit logging | Choose whether the particular policy will be audited or not. |
Group permission | From a user group list, pick a particular group and choose permissions for that group. Choosing admin permission will designate the group as admin for chosen resource |
User Permission | From a user list, pick a particular group and choose permissions for that group. Choosing admin permission will designate the user as admin for the chosen resource |
Enabled/disabled | By default the policy is enabled.You can disable a policy to restrict user/group access for that policy. |
Include/Exclude | The include flag means it will consider the values entered in the field.The default value is set as include.The exclude Flag will exclude all the table names or column names entered in that particular field. |
Permission | Description |
Querry | Permission to fetch records from Solr DB. |
Update | Permission to update records in Solr |
Others | |
Solr Admin | Permission to manage user accounts and |
Edit / Delete SOLR Policies
...
Step 1 : Click on the Add New Policy button on listing page
Step 2 : Add KAFKA Policy
Label | Description |
Policy name | Enter an appropriate policy name. This name is cannot be duplicated across the system |
Topic | A topic is a category or feed name to which messages are published. |
Audit logging | Choose whether the particular policy will be audited or not. |
User permission | From a user list, pick a particular group and choose permissions for that group. Choosing admin permission will designate the user as admin for the chosen resource |
Group permission | From a user group list, pick a particular group and choose permissions for that group. Choosing admin permission will designate the group as admin for chosen resource |
Enable/Disable | By default the policy is enabled.You can disable a policy to restrict user/group access for that policy. |
Include/Exclude | The include flag means it will consider the values entered in the field.The default value is set as include.The exclude Flag will exclude all the table names or column names entered in that particular file |
Note |
---|
Wildcards: Wildcards can be included in resource path.’*’ indicates zero or more occurs of characters.’?‘ indicates single character.You can use wildcards in the topology name.for e.g topology name as ?. |
...
Step 2 : Enter the details and save.
Label | Description |
Group Name | Enter an appropriate user name. This name cannot be duplicated across the system.This is a mandatory field. |
Description | Give any description for reference. |
...
This module logs the information related to the sessions for each login.You can filter the data based on
Search Criteria | Description |
End Date,Start Date | Login time and date is stored for each session.A date range is used to filter the results for that particular date range |
Ip | The IP of the system through which we log in |
Login id | The user name through which you login to the system |
Login Type | The mode through which the user tries to login.(By entering username and password) |
Result | Result based on login pass or fail |
Session id | The session count increments each time you try to login to the system |
User Agent | Login time and date is stored for each session |
...