Re: GRANT ALL ON DATABASE ...

2017-05-08 Thread Abhay Kulkarni
rrectly by Ranger, as delegateAdmin is set to true. Hope that helps, -Abhay From: Abhay Kulkarni mailto:akulka...@hortonworks.com>> Date: Monday, May 8, 2017 at 12:05 PM To: "user@ranger.apache.org<mailto:user@ranger.apache.org>" mailto:user@ranger.apache.org>&

Re: GRANT ALL ON DATABASE ...

2017-05-08 Thread Abhay Kulkarni
>> Date: Monday, May 8, 2017 at 11:51 AM To: "user@ranger.apache.org<mailto:user@ranger.apache.org>" mailto:user@ranger.apache.org>> Subject: Re: GRANT ALL ON DATABASE ... I see. so to configure this I can either go on UI or through Ranger REST API but not a DDL (e.g.

Re: GRANT ALL ON DATABASE ...

2017-05-08 Thread Goden Yao
I see. so to configure this I can either go on UI or through Ranger REST API but not a DDL (e.g. GRANT ALL ON DATABASE ... ), is that correct? On Mon, May 8, 2017 at 11:34 AM Abhay Kulkarni wrote: > Hi Goden, > > If there is a Ranger policy with (database=, table=*, column=*) > as

Re: GRANT ALL ON DATABASE ...

2017-05-08 Thread Abhay Kulkarni
t 10:01 AM To: "user@ranger.apache.org<mailto:user@ranger.apache.org>" mailto:user@ranger.apache.org>> Subject: Re: GRANT ALL ON DATABASE ... What's behind the stage for ranger to configure this - does it internally go through every table ? just want to understand the im

Re: GRANT ALL ON DATABASE ...

2017-05-08 Thread Goden Yao
; From: Goden Yao > Reply-To: "user@ranger.apache.org" > Date: Thursday, May 4, 2017 at 2:21 PM > > To: "user@ranger.apache.org" > Subject: Re: GRANT ALL ON DATABASE ... > > Thanks Ramesh - in Ranger UI, I see table is always required when creating > a policy

Re: GRANT ALL ON DATABASE ...

2017-05-04 Thread Ramesh Mani
o: "user@ranger.apache.org<mailto:user@ranger.apache.org>" mailto:user@ranger.apache.org>> Subject: Re: GRANT ALL ON DATABASE ... Thanks Ramesh - in Ranger UI, I see table is always required when creating a policy - is that the case? so you are saying I can put "*" in tab

Re: GRANT ALL ON DATABASE ...

2017-05-04 Thread Goden Yao
at 1:34 PM > To: "user@ranger.apache.org" > Subject: Re: GRANT ALL ON DATABASE ... > > Hi Anyone may want to comment ? I found out this is actually supported in > Hive Default Authorization (legacy) mode but probably not in SQL Standard > Authorization, why is that? &g

Re: GRANT ALL ON DATABASE ...

2017-05-04 Thread Ramesh Mani
rg>> Reply-To: "user@ranger.apache.org<mailto:user@ranger.apache.org>" mailto:user@ranger.apache.org>> Date: Thursday, May 4, 2017 at 1:34 PM To: "user@ranger.apache.org<mailto:user@ranger.apache.org>" mailto:user@ranger.apache.org>> Subject: Re: GRANT AL

Re: GRANT ALL ON DATABASE ...

2017-05-04 Thread Goden Yao
Hi Anyone may want to comment ? I found out this is actually supported in Hive Default Authorization (legacy) mode but probably not in SQL Standard Authorization, why is that? On Tue, May 2, 2017 at 10:20 AM Goden Yao wrote: > Hi > > I wonder if Ranger policy can support something like "GRANT AL

GRANT ALL ON DATABASE ...

2017-05-02 Thread Goden Yao
Hi I wonder if Ranger policy can support something like "GRANT ALL/READ ON DATABASE XYZ to ROLE XXX"? Or I have to specify each table iteratively in a database? Thanks -Goden -- Goden