What's New in Apache Ranger
The following new features and enhancements are generally available for Ranger customers in Cloudera Runtime 7.2.18:
Ranger Usersync option to update group memberships when same users and groups are synced from multiple sync sources
Ranger Usersync now provides an option for customers to treat users/groups from multiple sync sources as the same for updating group memberships. For more information, see the updated topic: Configuring Usersync to sync directly with LDAP/AD.
HA support for Ranger Tag Sync/User Sync
Ranger now supports high availability for Ranger Tag Sync/User Sync. Configuring high availability adds another instance of each role to an additional host, which host continues to run the features if the default host fails. .
New Ranger API to collect metrics in Ranger Admin
Ranger now provides two APIs to fetch ranger admin metrics. One returns a response in JSON format and the other returns a response in prometheus-compatible format. For more information, see Ranger Admin Metrics API.
New Ranger APIs to import/export roles in Ranger Admin
Ranger now includes APIs to import and export roles. For more information, see Ranger REST API documentation.
Add support for enabling audit file accumulation
You can enable and configure alerts for Ranger plugin-supported services through Cloudera Manager. Such alerts notify when audit spool files accumulate in the spool directories for Solr and HDFS. For more information, see Configuring audit spool alert notifications.
Add support for additional methods in RangerKafkaAuthorizer
RangerKafkaAuthorizer includes ACL APIs that refer to Ranger Policies when these commands are executed. Ranger relies on the grant, revoke and policy engine APIs to cater the needed functionality. For more information, see Kafka ACL APIs support.
Add APIs to support force deletes of external users and groups from Ranger db
A Ranger database may (over)-populate with user and group records. To aid in removal of unnecessary users/groups, customers may use this feature to delete specific external user/groups or even all external users/groups if required. For more information, see Force deletion of external users and groups from the Ranger database.