Created 10-27-2023 05:28 AM
Hello,
I created several Ranger Hive policies via APi or GUI, but some of them throw error "Another policy already exists" during UPDATE policy via API or GUI too.
I am able to drop and create policy, but update should work too.
Have you any idea, what is the problem?
Best regards
Kamiled
Created 10-27-2023 08:54 AM
@kamiled Welcome to the Cloudera Community!
To help you get the best possible solution, I have tagged our Ranger experts @niparmar @vamsi_redd who may be able to assist you further.
Please keep us updated on your post, and we hope you find a satisfactory solution to your query.
Regards,
Diana Torres,Created 10-29-2023 08:37 PM
Hello Kamiled,
May I know how are you updating the policy? are you using post or put call? Please follow the below link.
Created on 10-30-2023 12:23 AM - edited 10-30-2023 07:31 AM
Hi Vamsi,
typically I use
curl -i -n -X PUT -H "Accept:application/json" -H "Content-Type:application/json" "https://host:9999/service/plugins/policies/205" -d '{ "id": 205
But the same error message I got via edit policy in Ranger UI.
Weird for me is, that some policies are updated sucessfully and some not.
Regards
Kamiled
Created 10-30-2023 02:54 AM
TTP/1.1 100 Continue
HTTP/1.1 400 Bad Request
Set-Cookie: RANGERADMINSESSIONID=F84B46047FE2B85785E19D5923939AFA; Path=/; Secure; HttpOnly
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';font-src 'self'
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
Content-Type: application/json
Transfer-Encoding: chunked
Date: Mon, 30 Oct 2023 09:41:36 GMT
Connection: close
Server: Apache Ranger
{"statusCode":1,"msgDesc":"another policy already exists with name 'anonym_user'. ID=18"}
Created 10-31-2023 09:43 AM
Hi @kamiled , Can you check if any similar policy exist like similar path, Database and same access in the policy id 18 as well, Please provide the screenshot of policy 18 and policy 205 and how what permissions you are trying to update on policy 205
Created 11-01-2023 08:22 AM
Hi Vamsi,
I copied error message for another policy. Policy has list of tables for SELECT and I need to add another table to list.
HTTP/1.1 100 Continue
HTTP/1.1 400 Bad Request
Set-Cookie: RANGERADMINSESSIONID=EC2B4EDEE72869DFDE04A78EC5550A7E; Path=/; Secure; HttpOnly
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';font-src 'self'
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
Content-Type: application/json
Transfer-Encoding: chunked
Date: Wed, 01 Nov 2023 15:19:14 GMT
Connection: close
Server: Apache Ranger
{"statusCode":1,"msgDesc":"another policy already exists with name 'anonym_user_ALL'. ID=205"}
Created 11-01-2023 08:24 AM
the same error message via Ranger UI. I added the same new table to list