Consolidating policies created by Authzmigrator

Before migrating/importing Sentry permission into Ranger policies, add the authorization.migration.skip.owner.policy = true configuration in authorization-migration-site.xml.

Migrating Sentry - Ranger with Ownership Feature Enabled

Scenario:

Ownership feature enabled in Sentry. After enabling ownership feature, Sentry would have owner permission for all the databases/tables created after enabling this feature.

Case:

Bob created 1000 tables tab1, tab2, tab2 ... tab1000 under database demoDB.

Since ownership feature enabled, Sentry will have OWNER-MAPPING.

After migration from Sentry to Ranger using Authzmigrator tool Ranger will have 1000 OWNER policies for each mapping in sentry. However, Ranger already has default OWNER policies. There is no need to have individual table level OWNER policies. These 1000 policies will be hard to administer from the Ranger UI.

Skipping OWNER policy creation for each every OWNER-MAPPING in Sentry.

Add authorization.migration.skip.owner.policy = true to authorization-migration-site.xml to avoid creating so many policies in Ranger during migration.

<property>
        <name>authorization.migration.skip.owner.policy</name>
        <value>true</value>
        </property>