Support Questions
Find answers, ask questions, and share your expertise
Announcements
Check out our newest addition to the community, the Cloudera Innovation Accelerator group hub.

Is there a Ranger KMS REST API?

Hi, the reference Hadoop KMS implementation has a REST API https://hadoop.apache.org/docs/current/hadoop-kms/index.html Is there anything like that for Ranger KMS? Given that Ranger itself has a complete REST API, I would expect the same for KMS, but I don't see any mention in here http://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.3.0/bk_Ranger_KMS_Admin_Guide/content/ch_ranger_...

1 ACCEPTED SOLUTION

Contributor

All the APIs from Hadoop KMS should work with RangerKMS also. We could a make a note of it in the documentation.

View solution in original post

5 REPLIES 5

Contributor

All the APIs from Hadoop KMS should work with RangerKMS also. We could a make a note of it in the documentation.

Thanks, Bosco. Definitely, worth mentioning it in the docs. Even simple stuff, e.g. if port and path are the same or different, etc. Ping me offline so we can track this update, please.

So @Andrew Grande so did it work ? all the rest apis given for hadoop KMS worked for rangerr KMS ?

If yes please give a sample url for creating an encryption key.

@Don Bosco Durai Can you give an example for creating a encryption key in ranger KMS using rest api ?

Explorer

e.g

Create a file with the JSON data to create the key with

tee -a ./body.json << EOF
{ "name" : "test_key_curl", "length" : 128, "material" : "lksvIq3yy9Xxk4EZTfLv6g", "description" : "test_key_curl" }

EOF

Then run the curl command, in my case, my KMS host is hannibal-1.openstacklocal and post is 9292

curl -i --negotiate -u : -H "Content-Type: application/json" -X POST -d @body.json http://hannibal-1.openstacklocal:9292/kms/v1/keys

NOTE: You would need ticket for keyadmin before you can run the curl command

Thanks,

Pulkit