Support Questions
Find answers, ask questions, and share your expertise

rest api to add user into ranger's policy

rest api to add user into ranger's policy

I want to add user into existing ranger policy , Is there some rest api available so that i can append username in the rest api and in turn it directly attach that user to existing ranger policy like hdfs policy ..etc.

4 REPLIES 4
Highlighted

Re: rest api to add user into ranger's policy

Super Mentor

@Anurag Mishra

Are you talking about Ranger "Update Policy" API calls using (-X PUT operations). Something like described in the following link:

https://cwiki.apache.org/confluence/display/RANGER/Apache+Ranger+0.6+-+REST+APIs+for+Service+Definit...

Example:

# curl -iv -u admin:admin -H "Content-Type: application/json" -d '{"policyName":"restCreate","resourceName":"*","description":"testing REST","repositoryName":"test_hadoop","repositoryType":"hdfs","isEnabled":true,"isRecursive":true,"isAuditEnabled":true,"permMapList":[{"userList":["ambari-qa","hdfs"],"permList":["Read","Write"]}]}' -X PUT http://$RANGER:6080/service/public/v2/api/policy/12

.

Highlighted

Re: rest api to add user into ranger's policy

Super Mentor

Please notice the following section in the JSON payload:

"userList":["ambari-qa","hdfs"]

.

Highlighted

Re: rest api to add user into ranger's policy

@Jay Kumar SenSharma

Hi Jay,

but with update option i would need to take all users into list , for e.g. I want to append user abc in hdfs policy and there are already five users, is there rest api which can append only this abc user without mentioning other five uses in userList .

and after execution of rest api user abc should be attached with other five users under the same policy ?

Highlighted

Re: rest api to add user into ranger's policy

Super Mentor

@Anurag Mishra

I am not aware of any such API which can update only a particular Attribute's("userList") particular value.

The only option i see is to get the JSON output from the following call and then edit the JSON and then out back the edited json.

Get Policy JSON

# curl -u admin:admin -H "Content-Type: application/json"  -X GET http://$RANGER:6080/service/public/v2/api/policy/12  -o /tmp/policy_12.json

.

Now edit the JSON "/tmp/policy_12.json" and add new user in the "userList" section and then run the following curl command to update.

Update the JSON using Put

# curl -u admin:admin -H "Content-Type: application/json"  -X PUT -d @/tmp/policy_12.json http://$RANGER:6080/service/public/v2/api/policy/12 

.