[ https://issues.apache.org/jira/browse/RANGER-3837?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Fateh Singh updated RANGER-3837: -------------------------------- Attachment: 0001-RANGER-3837-Changed-ensureAdminAccess-and-getRoleIfA.patch > Allow Ranger non-admins to get, create, edit and delete roles > ------------------------------------------------------------- > > Key: RANGER-3837 > URL: https://issues.apache.org/jira/browse/RANGER-3837 > Project: Ranger > Issue Type: Improvement > Components: Ranger > Reporter: Fateh Singh > Assignee: Fateh Singh > Priority: Major > Attachments: > 0001-RANGER-3837-Changed-ensureAdminAccess-and-getRoleIfA.patch > > > For Ozone S3 Multi-Tenancy assign user CLI, we would edit a Ranger role to > add a new user. During tenant creation, we create two new Ranger roles > (tenant1-AdminRole and tenant1-UserRole). > As OM prefers using {{om}} user (in {{{}ozone.keytab{}}}) to talk to Ranger, > we wouldn't be able to create/edit/delete roles with that credential. And > there doesn't seem to be a config to allow it at this point -- This message was sent by Atlassian Jira (v8.20.10#820010)