Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Is there a Ranger KMS REST API?

Solved Go to solution

Is there a Ranger KMS REST API?

Hi, the reference Hadoop KMS implementation has a REST API https://hadoop.apache.org/docs/current/hadoop-kms/index.html Is there anything like that for Ranger KMS? Given that Ranger itself has a complete REST API, I would expect the same for KMS, but I don't see any mention in here http://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.3.0/bk_Ranger_KMS_Admin_Guide/content/ch_ranger_...

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Is there a Ranger KMS REST API?

Contributor

All the APIs from Hadoop KMS should work with RangerKMS also. We could a make a note of it in the documentation.

5 REPLIES 5

Re: Is there a Ranger KMS REST API?

Contributor

All the APIs from Hadoop KMS should work with RangerKMS also. We could a make a note of it in the documentation.

Re: Is there a Ranger KMS REST API?

Thanks, Bosco. Definitely, worth mentioning it in the docs. Even simple stuff, e.g. if port and path are the same or different, etc. Ping me offline so we can track this update, please.

Re: Is there a Ranger KMS REST API?

New Contributor

So @Andrew Grande so did it work ? all the rest apis given for hadoop KMS worked for rangerr KMS ?

If yes please give a sample url for creating an encryption key.

Re: Is there a Ranger KMS REST API?

New Contributor

@Don Bosco Durai Can you give an example for creating a encryption key in ranger KMS using rest api ?

Re: Is there a Ranger KMS REST API?

New Contributor

e.g

Create a file with the JSON data to create the key with

tee -a ./body.json << EOF
{ "name" : "test_key_curl", "length" : 128, "material" : "lksvIq3yy9Xxk4EZTfLv6g", "description" : "test_key_curl" }

EOF

Then run the curl command, in my case, my KMS host is hannibal-1.openstacklocal and post is 9292

curl -i --negotiate -u : -H "Content-Type: application/json" -X POST -d @body.json http://hannibal-1.openstacklocal:9292/kms/v1/keys

NOTE: You would need ticket for keyadmin before you can run the curl command

Thanks,

Pulkit