Add the user or group to a pre-defined access policy
When an authenticated user attempts to view, create, edit, or delete a Schema Registry entity, the system checks whether the user has privileges to perform that action. These privileges are determined by the Ranger access policies that a user is associated with.
For Ranger policies to work, you must have a user group named
schemaregistry. If you use UNIX PAM, the
schemaregistry user group must be on the node that hosts Schema
Determine the permissions required by a user or user group and accordingly add the user or group to the appropriate pre-defined access policy.
Each pre-defined access policy controls access to one or more Schema Registry entities.
From the Cloudera Manager home page, click the Ranger
The Ranger management page appears.
Click the Ranger Admin Web UI link.
The Ranger Log In page appears.
Enter your user name and password to log in.
The Ranger Service Manager page appears.
The page is organized by service. Each cluster is listed under its respective service. For example, the Schema Registry clusters in the environment are listed under Schema Registry.
Select a cluster from the Schema Registry section.
The List of Policies page appears.
Click the ID for a policy.
The Edit Policy page appears.
In the Allow Conditions section, add the user or group
to the respective Select User or Select
- From the Policy Conditions field, enter the appropriate IP address.
- From the Permissions field, select the appropriate permission.
- Click Save.