Hi, When you define a Knox policy in Ranger, you can specify Read/Wirte/Create/Administration permissions for a particular service exposed thourgh a REST API. See for example: https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.6.5/bk_security/content/knox_policy.html What is the precise meaneaning of these RWX permissions? They make me think to some kind of ACL, but no detailed description is provided in the documentation. For example: if the policy specifies that a particular group do not have Write permission for a given exposed service, and the execution of the service attempts to write some HDFS file of the cluster, shall Knox make the invocation of the REST API to fail? Many thanks in advance. Regards, Eduardo Giménez.
... View more