ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Atlas policies to filter access
Date Mon, 12 Mar 2018 18:16:30 GMT
Hi all,

I'm using the Ranger plugin to secure access to Atlas. How can I create a
policy in Ranger to allow a user access to a subset of the entities? So for
example, I want to allow "alice" to "read" all entities that have a given
type. I created an authorization policy of "type" "Table", but I get the
following error:

curl -u alice:password "http://localhost:21000/api/atlas/entities?type=Table
"
<title>Error 403 {&quot;AuthorizationError&quot;:&quot;You are not
authorized for READ on [ENTITY] : *&quot;}</title>

How can I allow authorization for a subset of the entities? I guess I need
an authorization policy for "Entity" but it's not clear what values apart
from "*" are supported here?

Colm.


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message