Support Questions

Find answers, ask questions, and share your expertise

Ranger KMS Tutorial

avatar
Super Collaborator

Hi,

Is there a Ranger KMS tutorial that we can try?

Thanks,

Avijeet

1 ACCEPTED SOLUTION

avatar
Super Guru
5 REPLIES 5

avatar
Super Guru

avatar
Contributor

@Avijeet Dash I have installed ranger and ranger kms and setup all the configurations and everything is working fine.

I have created encryption zone in hdfs and in the policy i have mentioned two users(user 1 and user 2) to access this encryption zone, they are able to access this encryption zone . I want to set permissions to encryption zone in such a way that user1 should have read and write access and user 2 should have only read access?how can we define this ?

avatar
Super Collaborator

@khadeer mhmd

I believe the DECRYPT_EEK permission decides the read/write access, I don't think there are 2 different permissions. you migth try only read kind of permission using HDFS plugin.

avatar
Contributor

Hi @khadeer mhmd, Have you installed Ranger KMS in HDP2.5 sandbox?

I am getting below error while adding Ranger KMS service in Ambari (HDP 2.5 sandbox).

Caught an exception while executing custom service command: <class 'ambari_agent.AgentException.AgentException'>: 'Script /var/lib/ambari-agent/cache/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms_server.py does not exist'; 'Script /var/lib/ambari-agent/cache/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms_server.py does not exist'

Could anyone please help me on this issue.

avatar
Explorer

@khadeer mhmd

The owner of the file has both the read and write access and the others will have only the read access.