Support Questions
Find answers, ask questions, and share your expertise
Alert: Please see the Cloudera blog for information on the Cloudera Response to CVE-2021-4428

Does org.apache.ranger.authorization.hbase.RangerAuthorizationCoprocessor support {OWNER} policy ?

New Contributor

I am trying to create a generic policy for access to hbase tables. I want to give all users the ability to create tables TABLE_* but only owners access to read and write from it. For the create i would give {USER} permission and for read write i want to give {OWNER} permission and when the table is created i set the OWNER in the table meta info (METADATA => {'OWNER' => 'rana'}) as specifed in So far I still get DENIED permission as seen in ranger audit for the scannerOpen action for the same user set as the table owner. Is this not supported?