Sam An created HIVE-21833:
-----------------------------
Summary: Ranger Authorization in Hive based on object ownership
Key: HIVE-21833
URL: https://issues.apache.org/jira/browse/HIVE-21833
Project: Hive
Issue Type: New Feature
Components: HiveServer2
Reporter: Sam An
Assignee: Sam An
Background: Currently Hive Authorizer for Ranger does not provide owner
information for Hive objects as part of AuthZ calls. This has resulted in gaps
with respect to Sentry AuthZ and customers/partners cannot leverage privileges
for owners in their authorization model.
User Story: As an enterprise security admin, I need to be able to set
privileges based on Hive object ownership for setting up access controls in
Ranger so that I can provide appropriate protections and permissions for my
enterprise users.
Acceptance criteria:
1) Owner information is available in Hive -Ranger AuthZ calls
2) Ranger admin users can use owner information to set policies based on object
ownership in Ranger UI and APIs
3) OWNER Macro based policies continue to work for Hive objects
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
