Ozone Ranger policy
Using the Ozone Ranger policy integration, you can set new Ozone Ranger policies.
Ranger permissions for OBJECT_STORE buckets
- You must configure policy on a resource key path
- Wild-Card: Keys starting with key path keyRoot/key*
Ranger permissions for FILE_SYSTEM_OPTIMIZED buckets
- Configure policy on resource path, which can be at the level of a specific file or directory path component.
- Wild Cards: You can configure a policy for all sub-directories or sub-files using wildcards. For example, /root/app*. For more information, refer performance optimized authorization approach for rename and recursive delete operations in the Ranger Ozone plugin.