Add users or groups to Ranger policies

Provides steps to add users or groups to Ranger Policies.

Determine what the user can command, control, and observe in a NiFi dataflow or in NiFi Registry and accordingly add the user or a group of users to the appropriate pre-defined Ranger access policies.

Each pre-defined Ranger access policy confers specific rights to NiFi or NiFi Registry resources.

For more information, see:

  • Pre-defined Ranger access policies for NiFi resources
  • Pre-defined Ranger access policies for NiFi Registry resources
  • You have installed Ranger on your Base CDP Private Cloud Base cluster.
  • You have added and connected the NiFi and NiFi Registry services.
  1. From the Base cluster, select Ranger from the list of services. Click Ranger Admin Web UI and log into Ranger.

    The Ranger Service Manager page displays.



    Each cluster in the environment is listed under its respective service. For example, the NiFi clusters in the environment are listed under NiFi.

  2. Select a cluster from either the NiFi or NiFi Registry section.
    The List of Policies page appears.


  3. Click the ID for a policy.
    The Edit Policy page appears.
  4. In the Allow Conditions section, add the user or the user group to the Select User field.
  5. Click Save.

The user now has the NiFi and NiFi Registry rights according to the policies you added the user or user group to. These rights are inherited down the hierarchy unless there is a more specific policy on a component.

When you have completed the steps for adding users and groups to Ranger policies, review the steps to deselect unwanted NiFi Registry dependencies and determine whether this task applies to you.