hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sam An (JIRA)" <>
Subject [jira] [Updated] (HIVE-21833) Ranger Authorization in Hive based on object ownership
Date Thu, 13 Jun 2019 05:27:00 GMT


Sam An updated HIVE-21833:
    Attachment: HIVE-21833.9.patch
        Status: Patch Available  (was: Open)

> Ranger Authorization in Hive based on object ownership
> ------------------------------------------------------
>                 Key: HIVE-21833
>                 URL:
>             Project: Hive
>          Issue Type: New Feature
>          Components: HiveServer2
>            Reporter: Sam An
>            Assignee: Sam An
>            Priority: Major
>         Attachments: HIVE-21833.1.patch, HIVE-21833.2.patch, HIVE-21833.6.patch, HIVE-21833.7.patch,
HIVE-21833.8.patch, HIVE-21833.9.patch
> Background: Currently Hive Authorizer for Ranger does not provide owner information for
Hive objects as part of AuthZ calls. This has resulted in gaps with respect to Sentry AuthZ
and customers/partners cannot leverage privileges for owners in their authorization model.
> User Story: As an enterprise security admin, I need to be able to set privileges based
on Hive object ownership for setting up access controls in Ranger so that I can provide appropriate
protections and permissions for my enterprise users.
> Acceptance criteria:
> 1) Owner information is available in Hive -Ranger AuthZ calls 
> 2) Ranger admin users can use owner information to set policies based on object ownership
in Ranger UI and APIs
> 3) OWNER Macro based policies continue to work for Hive objects

This message was sent by Atlassian JIRA

View raw message