Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Ranger Add Policies via REST API

Highlighted

Ranger Add Policies via REST API

Explorer

I am trying to create some HDFS policies using Ranger REST API using the below command, i keep getting an error that READ is not a valid access type. any clue what might be the problem?

{"statusCode":1,"msgDesc":"Read: is not a valid access-type. policy='Test' service='hadoop_cluster'"}

curl -iv -u admin:admin -H "Content-Type: application/json" -X POST http://RANGER_HOST:6080/service/public/api/policy/ -d '{ "policyName": "Test", "resourceName": "/tmp", "description": "Testing", "repositoryName": "hadoop_cluster", "repositoryType": "hdfs", "isEnabled": "true", "isRecursive": "true", "isAuditEnabled": "true", "permMapList": [{ "groupList": ["admins"], "permList": ["Read","Execute", "Write", "Admin"] }] } '

3 REPLIES 3
Highlighted

Re: Ranger Add Policies via REST API

Can you create policies for this repository through the Ranger UI?

What HDP and Ranger version is this?

I just tried you command in my sandbox and it worked (only changed the repository name and ranger host)

curl -iv -u admin:admin -H "Content-Type: application/json" -X POST http://sandbox.hortonworks.com:6080/service/public/api/policy/ -d '{ "policyName": "Test", "resourceName": "/tmp", "description": "Testing", "repositoryName": "Sandbox_hadoop", "repositoryType": "hdfs", "isEnabled": "true", "isRecursive": "true", "isAuditEnabled": "true", "permMapList": [{ "groupList": ["public"], "permList": ["Read","Execute", "Write", "Admin"] }] }'

Response:

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: application/json
Transfer-Encoding: chunked
Date: Thu, 17 Mar 2016 07:07:35 GMT
Highlighted

Re: Ranger Add Policies via REST API

Mentor

@Wael Emam please accept the best answer or provide your solution

Re: Ranger Add Policies via REST API

Explorer

I am running Ranger 0.5. Apparently, in this verision Permlist values are supposed to be all lower case "read, write, execute"

Don't have an account?
Coming from Hortonworks? Activate your account here