How to grant Ranger permissions for a new user on a Secure Cluster

Published on 19 May 2020 in Administration / Version 4.8 - 2 minutes read - Last modified on 18 May 2020 - Read in jp

Hello, Hue administrators,

The Apache Ranger™is a framework to enable, monitor and manage comprehensive data security across the Hadoop platform.

Hue integrates with Ranger since Hue4.6, on any secure cluster with Ranger installed, the user has to have proper permissions to operate on the data to avoid following permission warning.

missing-ranger-permission.png

Here let's show the detailed steps to grant permission for any new user through CM UI.

Steps

  1. On any CM managed cluster, you can navigate to Ranger service, note down the ‘Ranger Usersync’ host on “Instances” tab, then open ‘Ranger Admin Web UI’

ranger-usersync-host-and-admin-webui.png

  1. open a terminal and ssh to your ranger usersync host which you noted down at Step 1;

    ssh [email protected] useradd weixia passwd weixia

  2. On Ranger admin webui page: https://weixia-1.domain.site:6182/index.html#!/policymanager/resource, click on “Edit” button besides the “Hadoop SQL”:

edit-ranger-policymanager-hadoop-sql.png

a. if you want to give new user permission on all databases, add your user on the existing policy: “all-database, table, column” grant-user-permission-to-all.png

b. if you want to give new user only to specific database say ‘testdb’, you can create new policy as following, choose permission as you desired: create-new-policy-for-testdb-access-only.png

  1. Save the change.

Navigate to Hue WebUI, now your new user should be able to run any query on any entities as granted in the policy. new-user-can-run-query-on-tables.png

You can do the same for group permission as well.

Any feedback or questions? Feel free to comment here or on the Forum or @gethue and quick start SQL querying!

Weixia Xu from the Hue Team


comments powered by Disqus

More recent stories

23 June 2020
Monitoring Hue activity with Grafana Dashboards
Read More
22 June 2020
Automated checks for JavaScript modules compatible licenses and non absolute paths with Continuous Integration
Read More
19 May 2020
How to grant Ranger permissions for a new user on a Secure Cluster
Read More