Ozone Ranger policy

Using the Ozone Ranger policy integration, you can set new Ozone Ranger policies.

Ranger permissions for OBJECT_STORE buckets
1. You must configure policy on a resource key path
2. Wild-Card: Keys starting with key path keyRoot/key*
Ranger permissions for FILE_SYSTEM_OPTIMIZED buckets
1. Configure policy on resource path, which can be at the level of a specific file or directory path component.
2. Wild Cards: You can configure a policy for all sub-directories or sub-files using wildcards. For example, /root/app*. For more information, refer performance optimized authorization approach for rename and recursive delete operations in the Ranger Ozone plugin.
note
For more information on setting Ozone Ranger policies, see Ranger Ozone Integration.