Ozone Ranger policy

Using the Ozone Ranger policy integration, you can set new Ozone Ranger policies.

  1. Ranger permissions for OBJECT_STORE buckets
    1. You must configure policy on a resource key path
    2. Wild-Card: Keys starting with key path keyRoot/key*
  2. Ranger permissions for FILE_SYSTEM_OPTIMIZED buckets
    1. Configure policy on resource path, which can be at the level of a specific file or directory path component.
    2. Wild Cards: You can configure a policy for all sub-directories or sub-files using wildcards. For example, /root/app*. For more information, refer performance optimized authorization approach for rename and recursive delete operations in the Ranger Ozone plugin.