We are actually looking forward to integrating Ranger with a SQL Query Engine to gain control of the authorization before the actual SQL Query is sent for execution. We want to ensure that the user is authorized to access certain tables or columns before we actually execute the query provided.
ASSUMPTION: data is residing in S3 storage and user submits a SQL query involving certain table/columns to the query engine for its processing. Below are the things I could not find firmly.
1. Can Ranger be used to authorize the data located on cloud storages such as S3, GCS ? If yes, can the user role policies be configured to control the table / column level data on such cloud storages ?
<please provide supporting reference on how it needs to be integrated with cloud storages>
2.Assuming that the user role policies are existing on Rangerfor table/columns data, what are theRest APIsthat we need to invoke in orderto find whether the user is authorizedto access the data or not.
3. Are there any Rest APIs whichaccepts User ID and list of Tables/columns(in context of SQL Query) and provides uswhether or not the user is authorizedto access those ?