But something is still unclear for me. With the combination of Ranger, would it be possible to define the 2 following roles?
One role for data-analysts, agile, less governed, less secured. And another one for business-analysts, highly governed, highly secured.
These 2 roles should have different authorizations, data analysts could probably see all the data sets from Hadoop whereas business analysts could not.
But before that, I have another naive question, could we explore the Hadoop data sets from its REST API? I mean, Knox adds security (authentication) in front of Hadoop REST APIs but could we do data exploration (browsing the data-sets) from the REST API (otherwise, ask data analysts to use Knox is pointless)?