Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Apache Atlas: AD integration authorization

Highlighted

Apache Atlas: AD integration authorization

New Contributor

I am doing Active Directory integration with Apache Atlas(opensource version) and the users are now able to login to the Atlas UI with AD credentials. Now I want to implement authorization for these users. 

- When the users login - they need to be assigned a Role in Atlas based on their AD Global Group Membership. For eg. If the user is part of atlas-admin AD group - I need to assign these user an ADMIN role in Atlas. 

How can this be implemented using Atlas Simple Authorizer mentioned here- https://atlas.apache.org/#/AtlasSimpleAuthorizer

I can hardcode the username in policy to achieve this, but I need this to be done dynamically for all users in a particular AD group

 

{ "roles": { ... }, "userRoles": { "ad_user_1": [ "ROLE_ADMIN" ] }, "groupRoles": { ... }}

 

Or is there another way to do this ?

 

 

Don't have an account?
Coming from Hortonworks? Activate your account here