Command Line Installation
Also available as:
loading table of contents...

Installing and Configuring Tag-Based Access Control

Ranger 0.6 supports authorization of access based on tags associated with resources, in addition to resource-based access authorization. The tag-based policy model offers many advantages over the resource-based authorization model. One of the important advantages of this model is that it supports separation of resource-classification from access-authorization. This, in turn, allows security administrators to conceptualize and author access policies across multiple components (such as HDFS, Hive) in terms of type/class of data.

Ranger includes a module, called Tag Synchronization Module (Tag-Sync) that enables synchronization of tagging information (such as entity-tag association as well value of tag-attributes if any) between a tag-source (Atlas) and Ranger Admin. To use tag-based access, you must perform the following: