We have setup Ranger on HDP 8 node cluster and it is running successfully, we have defined policies, can see all the LDAP users and groups in Ranger Admin. We have setup the policies for HDFS and Hive tables. Now the question is, if we stop the Ranger services from Ambari what happens? Does ranger policies will still be applied? This is a hypothetical question, if it is only for user-sync module we can take the Ranger service down.
Thank you in advance.
Yes you are right, Ranger is only useful to sync users, define policies and get audits. Once done, policies are "applied' locally in ranger plugins. If the service is down, the cluster will still be running.
Even if Ranger Admin service is down, plugins will still be enforcing the access control using the local copy of the policies.