As a CDP administrator, after you create an environment, you must enable flow-management users to access the environment, utilize resources, and perform tasks in CDP. Assign the appropriate CDP resource role and one or more Ranger access policies based on the type of access the user requires. Before you begin, you must review the authorization workflow to understand the options and the process involved in authorizing users to access flow management resources.
A CDP resource role grants a user or user-group permission to access and perform tasks on a resource. A Ranger access policy for flow management contains one or more access rights to NiFi or NiFi Registry resources.
- Understanding roles and resource roles
- Ranger policies overview
- If the user requires administrator-level permissions to NiFi and NiFi Registry, assign the EnvironmentAdmin role.
- If the user requires selective permissions to NiFi and NiFi Registry, assign the EnvironmentAdmin role and add the user to the appropriate Ranger policies. Optionally, create a custom policy and add the user to it.