Cloudera Docs

Set Ranger policies

As an administrator, you need to set resource-based Ranger policies to give users or groups access to write and read Kafka topics.

  1. Navigate to Management Console > Environments, and select the environment where you have created your cluster.
  2. Click on the Data Lake tab.
  3. Select Ranger from the services.
    You are redirected to the Ranger user interface.
  4. Select your Streams Messaging cluster under the Kafka folder on the Service Manager page.
  5. Click Add new policy.
  6. Provide the details for the topic policy.
    1. Give a chosen policy name.
    2. Select topic as Kafka resource type.
    3. Provide a prefix that is included in the name of the flink topics you need to access when writing messages.
  7. Select the user or groups under Allow Conditions.
  8. Click Add Permissions.
  9. Select individual or all permissions for the policy.
  10. Click Add.
    You are redirected to the List of Policies page.
  11. Click Add new policy.
  12. Provide the details for the consumer group policy.
    1. Give a chosen policy name.
    2. Select consumergroup as Kafka resource type.
    3. Provide a prefix that is included in the name of the flink topics you need to access when reading messages.
  13. Select the user or groups under Allow Conditions.
  14. Click Add Permissions.
  15. Select individual or all permissions for the policy.
  16. Click Add.

    The following short video shows how you can set Ranger policies: