Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Does org.apache.ranger.authorization.hbase.RangerAuthorizationCoprocessor support {OWNER} policy ?

Does org.apache.ranger.authorization.hbase.RangerAuthorizationCoprocessor support {OWNER} policy ?

New Contributor

I am trying to create a generic policy for access to hbase tables. I want to give all users the ability to create tables TABLE_* but only owners access to read and write from it. For the create i would give {USER} permission and for read write i want to give {OWNER} permission and when the table is created i set the OWNER in the table meta info (METADATA => {'OWNER' => 'rana'}) as specifed in http://hbase.apache.org/0.94/book/hbase.accesscontrol.configuration.html. So far I still get DENIED permission as seen in ranger audit for the scannerOpen action for the same user set as the table owner. Is this not supported?

Don't have an account?
Coming from Hortonworks? Activate your account here