Step 2. Add the user to pre-defined Ranger access policies

When an authenticated user attempts to view or modify a NiFi or NiFi Registry resource, the system checks whether the user has privileges to perform that action. These privileges are determined by the Ranger access policies that a user is associated with.

Determine what the user can command, control, and observe in a NiFi dataflow or in NiFi Registry and accordingly add the user or a group of users to the appropriate pre-defined Ranger access policies.

Each pre-defined Ranger access policy confers specific rights to NiFi or NiFi Registry resources.

For more information, see:

  • Pre-defined Ranger access policies for NiFi resources
  • Pre-defined Ranger access policies for NiFi Registry resources
  1. From the base cluster with Ranger, click the Ranger icon.
    The Ranger Service Manager page appears.

    Each cluster in the environment is listed under its respective service. For example, the NiFi clusters in the environment are listed under NiFi.

  2. Select a cluster from either the NiFi or NiFi Registry section.
    The following image shows the list of pre-defined policies for NiFi:

    The List of Policies page appears.
  3. Click the ID for a policy.
    The following image shows the list of pre-defined policies for NiFi:

    The Edit Policy page appears.
  4. In the Allow Conditions section, add the user or the user group to the Select User field.
  5. Click Save.
The user now has the NiFi and NiFi Registry rights according to the policies you added the user or user group to. These rights are inherited down the hierarchy unless there is a more specific policy on a component.
Complete the steps listed in Step 3. Create a Custom Access Policy.