Support Questions

Find answers, ask questions, and share your expertise
Check out our newest addition to the community, the Cloudera Data Analytics (CDA) group hub.

Ranger KMS Tutorial

Expert Contributor


Is there a Ranger KMS tutorial that we can try?





@Avijeet Dash I have installed ranger and ranger kms and setup all the configurations and everything is working fine.

I have created encryption zone in hdfs and in the policy i have mentioned two users(user 1 and user 2) to access this encryption zone, they are able to access this encryption zone . I want to set permissions to encryption zone in such a way that user1 should have read and write access and user 2 should have only read access?how can we define this ?

Expert Contributor

@khadeer mhmd

I believe the DECRYPT_EEK permission decides the read/write access, I don't think there are 2 different permissions. you migth try only read kind of permission using HDFS plugin.

Hi @khadeer mhmd, Have you installed Ranger KMS in HDP2.5 sandbox?

I am getting below error while adding Ranger KMS service in Ambari (HDP 2.5 sandbox).

Caught an exception while executing custom service command: <class 'ambari_agent.AgentException.AgentException'>: 'Script /var/lib/ambari-agent/cache/common-services/RANGER_KMS/ does not exist'; 'Script /var/lib/ambari-agent/cache/common-services/RANGER_KMS/ does not exist'

Could anyone please help me on this issue.

New Contributor

@khadeer mhmd

The owner of the file has both the read and write access and the others will have only the read access.

Take a Tour of the Community
Don't have an account?
Your experience may be limited. Sign in to explore more.