Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Please see the Cloudera blog for information on the Cloudera Response to CVE-2021-4428

Does org.apache.ranger.authorization.hbase.RangerAuthorizationCoprocessor support {OWNER} policy ?

New Contributor

I am trying to create a generic policy for access to hbase tables. I want to give all users the ability to create tables TABLE_* but only owners access to read and write from it. For the create i would give {USER} permission and for read write i want to give {OWNER} permission and when the table is created i set the OWNER in the table meta info (METADATA => {'OWNER' => 'rana'}) as specifed in http://hbase.apache.org/0.94/book/hbase.accesscontrol.configuration.html. So far I still get DENIED permission as seen in ranger audit for the scannerOpen action for the same user set as the table owner. Is this not supported?

0 REPLIES 0