from:"Aakash Nand"

Re: TRINO - SECURITY

2023-03-31 Thread Aakash Nand

Hi Selva

We are using Open source Trino with Apache Ranger for access control at our
company.

We are using Apache Ranger version 2.1.0
And Trino version 406

The setup initially was difficult to get started as  there is almost no
documentation available but I have written the tutorial about how to get
started with Trino and Ranger and recently from Ranger version 2.3.0 it has
become easier compared to previous versions because trino plugin was
officially merged in ranger upstream.

I am also actively helping Trino users to solve their access control issues
in Trino’s community slack. Please join for more easy access to information

Integrating Apache Ranger and Trino:

https://towardsdatascience.com/integrating-trino-and-apache-ranger-b808f6b96ad8

Trino Community Slack:

https://trino.io/slack.html

Thanks
Aakash

On Sat, Apr 1, 2023 at 9:44 AM Selvamohan Neethiraj 
wrote:

> Hi,
>
> Anyone using OpenSource Trino in your company? If so, I would like to
> understand as How Security (access control) is implemented in your
> organization.
>
>- Are you using Apache Ranger Trino Plugin ?
>   - If so, what version of Apache Ranger is being used?
>   - If not, what other security tool is used to enforce the Trino
>   Access Control ?
>
>
> If you are using Trino (but, not from OpenSource), what bundle are you
> using? How easy or difficult to do access control from Trino ?
>
> Thanks,
> Selva-
>

Re: How to define policy for trino-table-function?

2022-09-08 Thread Aakash Nand

Hi Mahebub,

Trino table functions were added to trino very recently so there is still
ongoing development regarding that feature and the trino plugin which is
available on the official ranger repository will not support table function
until the next release.

I recommend you to join the trino community slack for more trino-relevant
questions like this: https://trino.io/community.html

The error you are getting is already discussed in the trino community slack
here  and
there is ongoing PR that will resolve that issue here
 by which you might be able
to execute such queries.

Regards,
Aakash

Re: Planning for Apache Ranger 2.3.0 release

2022-04-27 Thread Aakash Nand

Hello Ramesh,

Thank you for the summary of pre-release notes for Ranger-2.3.0.

However, In the previous email, I found out that

RANGER-3182: Prestosql is renamed to Trino


is not included in improvements. Although we are in the process of
reviewing that issue, will we include it in this release?

Thanks
Aakash

On Wed, Apr 27, 2022 at 3:49 PM Ramesh Mani  wrote:

> Dear Ranger Community members,
>
> There are various features and critical bug fixes done in the Apache
> Ranger project since the release of Apache Ranger 2.2.0.
> Around 55 improvements, 45 bug fixes and a total of 527 commits were made
> from the last release.
> Now with that Ranger community is expecting a release to adapt those
> changes and hence planning this release.
>
> Please review and provide your opinion.
>
> Thanks,
> Ramesh
>
> *Improvements:*
>
> RANGER-3687 Password Policy Best Practices for Strong Security
> RANGER-3667 Improve feedback in policy creation UI when resource does
> not exist
> RANGER-3659 Ranger Admin goes to OOM when usersync is trying to delete
> existing group mappings from ranger DB
> RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
> RANGER-3551 Analyze & optimize module permissions related API
> RANGER-3539 Add jacoco-maven-plugin for code coverage
> RANGER-3562 Redesign post commit tasks for updating ref-tables when
> policy/role is updated
> RANGER-3540 Add support to read audit logs from Amazon CloudWatch
> RANGER-3030 Replace Findbugs with Spotbugs maven plugin
> RANGER-3538 Reduce the granularity of locking when building/retrieving
> a policy-engine within Ranger admin service
> RANGER-3518 Limit the query size stored in Audit logs
> RANGER-3276 Remove duplicate code from buildks.java
> RANGER-3515 Enhance Ranger Java client SSL config to be configured
> using serviceType and AppId
> RANGER-3504 Create framework to execute DB patch dependent on Java
> patch.
> RANGER-3023 Permission tab takes longer time to load with large number
> of users and group_users data
> RANGER-3487 Update underscore js with latest version.
> RANGER-3548 Update performance engine test scripts
> RANGER-3556 Ranger tagsync logs unnecessary messages
> RANGER-3573 Add vim in docker base image
> RANGER-3578 Simplify code for policy label creation
> RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
> RANGER-3686 Docker setup to run Ranger with MySQL database
> RANGER-3628 Support fine grain authorization for different solr objects
> RANGER-3629 RANGER -  Handle solr permissions during upgrade
> RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm users
> RANGER-3662 There should be pause button for error popup
> RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for better
> user experience
> RANGER-3649 Represent the Solr admin object types on the Ranger UI
> RANGER-3658 Docker: Ranger containers to run as user=ranger
> RANGER-3603 HDFS audit files rollover improvement to trigger rollover
> in monitoring thread
> RANGER-3651 Remove jersey 1.x version dependency for knox plugin
> RANGER-3621 Optimise Tag/Policy iterator
> RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY
> RFC 6797
> RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect
> to knox logout page
> RANGER-3630 Support wildcards, group short names, and list of memberof
> attribute DNs for computing user search filter
> RANGER-3597 User role should not be able to modify the Policy
> RANGER-3512 Create Java patch to update policy guid to unique value.
> RANGER-3511 Create Java patch to update policy resource-signature to
> unique value.
> RANGER-3493 Add unique index on service and resource_signature column
> of x_policy table
> RANGER-3435 Add unique index on guid, service and zone_id column of
> x_policy table
> RANGER-3439 Add rest api to get or delete ranger policy based on guid
> RANGER-3498 RANGER : Remove log4j1 dependencies.
> RANGER-3475 Promote TagRest endpoints to /public/v2
> RANGER-3698 Ranger - Upgrade kylin to 3.1.3
> RANGER-3699 Ranger - Upgrade poi to 5.2.1+
> RANGER-3533 Provide sorting on columns throughout the audits result
> set and policy listing page.
> RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
> RANGER-3689 Ranger : ranger-2.3 Port missing commits.
> RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
> RANGER-3577 RANGER : Upgrade POI version to 5.1.0
> RANGER-3566 Update version in ranger-2.3 to 2.3.0-SNAPSHOT
> RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
> RANGER-3653 Replace aws java sdk bom dependencies with bundled
> dependencies
> RANGER-3561 Upgrade Storm version to 1.2.4
> RANGER-3704 remove semicolon from c3P0 preferredTestQuery
>
> *Bug Fixes:*
>
> RANGER-3544 Security zones

Re: Planning for Apache Ranger 2.2.0 release

2021-09-26 Thread Aakash Nand

Hello Ramesh,
Thanks for the initiative for the 2.2.0 Release.
I am an active member of the trino community and I wanted to ask whether it
will be possible to include prestosql to trino rebranding issue in this
release?
I had contributed some patches for this issue here
https://issues.apache.org/jira/browse/RANGER-3182 .
Thanks
Aakash

On Fri, Sep 24, 2021 at 6:54 PM Emilio Fernandes <
emilio.fernande...@gmail.com> wrote:

> Hi Ramesh,
>
> Thank you for including it in the release!
>
> Regards,
> Emilio
>
> On 2021/09/23 17:00:21, Ramesh Mani  wrote:
> > Hi Emilio,
> >
> > Thanks for reaching out regarding the jira RANGER-3243
> > . We are in the
> process
> > of certifying this to include it in Apache release 2.2.0
> >
> > Thanks
> > Ramesh
> >
> > On Tue, Sep 21, 2021 at 3:12 AM Emilio Fernandes <
> > emilio.fernande...@gmail.com> wrote:
> >
> > > Hi,
> > >
> > > Could you please take a look at
> > > https://issues.apache.org/jira/browse/RANGER-3243 ?
> > > Without this improvement it is impossible to use
> RangerSafenetKeySecure on
> > > Java 11+ because it cannot load sun.security.pkcs11.SunPKCS11.
> > >
> > > Gracias!
> > > Emilio
> > >
> > > On 2021/09/20 15:48:17, Ramesh Mani  wrote:
> > > > Dear Ranger Community members,
> > > >
> > > > This is the reminder to give your opinion on Apache Ranger Release
> 2.2.0.
> > > >
> > > > Thanks,
> > > > Ramesh
> > > >
> > > > On Tue, Sep 14, 2021 at 2:48 PM Ramesh Mani 
> wrote:
> > > >
> > > > > Dear Ranger Community members,
> > > > >
> > > > >
> > > > >
> > > > > There are many features and fixes done in Apache Ranger Project
> since
> > > the
> > > > > release of Apache Ranger 2.1.0. These features enhance the quality
> and
> > > > > improve the user experience of Apache Ranger overall.
> > > > >
> > > > >
> > > > >
> > > > > Some of the key enhancements/features in this release are
> > > > >
> > > > >
> > > > >
> > > > >-
> > > > >
> > > > >Schema changes to improve performance of chained plugin
> features.
> > > > >RANGER-3067
> > > > >
> > > > >
> > > > >-
> > > > >
> > > > >Support delegation-admin for specific permissions.RANGER-3122
> > > > >-
> > > > >
> > > > >Kafka Client improvement to use Kafka AdminClient API instead of
> > > > >Zookeeper. RANGER-3001
> > > > >-
> > > > >
> > > > >GET API service/xusers/users response time improvement.
> RANGER-3027/
> > > > >RANGER-3024
> > > > >-
> > > > >
> > > > >Improvement in Ranger Latest UI's Edit Policy Page. RANGER-3130
> > > > >-
> > > > >
> > > > >Ranger UI Search by object name in page /reports/audit/admin.
> > > > >RANGER-3052
> > > > >-
> > > > >
> > > > >Enhancement to trace additional information on resources.
> > > RANGER-3065
> > > > >-
> > > > >
> > > > >Improve audit log for Role operations in Ranger Hive authorizer.
> > > > >RANGER-3170
> > > > >-
> > > > >
> > > > >Audit-filter feature implementation to help reduce volume of
> audit
> > > > >logs generated. RANGER-3000
> > > > >-
> > > > >
> > > > >Need feature to make the access log file name configurable for
> user.
> > > > >RANGER-3242/RANGER-3241
> > > > >-
> > > > >
> > > > >Upgrade the solr version in Ranger to Solr 8.6.3 for better
> > > > >performance. RANGER-3091
> > > > >-
> > > > >
> > > > >Enhance Ranger admin REST Client to use cookies for policy, tag
> and
> > > > >role download. RANGER-3283
> > > > >-
> > > > >
> > > > >Audit Filter default policies for reducing verbosity in
> auditing.
> > > > >RANGER-3260/RANGER-3283
> > > > >-
> > > > >
> > > > >Auditing for HDFS chmod and chown operations. RANGER-3148
> > > > >-
> > > > >
> > > > >Ranger HiveAuthorizer improvements to handle uncharted hive
> > > commands.
> > > > >RANGER-3368
> > > > >-
> > > > >
> > > > >Ranger Access audit page improvement. RANGER-3109
> > > > >-
> > > > >
> > > > >Dockerfile to support building from local repository.
> RANGER-3012
> > > > >-
> > > > >
> > > > >Performance improvement for Ranger usersync. RANGER-2986
> > > > >
> > > > >
> > > > >
> > > > > Bug Fixes:
> > > > >
> > > > >-
> > > > >
> > > > >In this Apache Ranger release there are around 119 bug fixes
> done.
> > > > >
> > > > >
> > > > >
> > > > > There are 324 commits with 219 resolved JIRAs in the release branch
> > > > > ranger-2.2.0 and with these improvements it is time to do the next
> > > Apache
> > > > > Ranger release.
> > > > >
> > > > >
> > > > > Planned timeline to release Apache Ranger 2.2.0 is end of September
> > > 2021.
> > > > >
> > > > >
> > > > >
> > > > > Please review and give your comments.
> > > > >
> > > > >
> > > > >
> > > > > Thanks,
> > > > >
> > > > > Ramesh
> > > > >
> > > > >
> > > >
> > >
> >
>

Re: TRINO - SECURITY

Re: How to define policy for trino-table-function?

Re: Planning for Apache Ranger 2.3.0 release

Re: Planning for Apache Ranger 2.2.0 release

4 matches

Site Navigation

Mail list logo

Footer information