[jira] [Comment Edited] (RANGER-2465) Create a PolicyCondition to apply if all given tags are present for the accessed resource

Thu, 13 Jun 2019 11:39:34 -0700 


    [ 
https://issues.apache.org/jira/browse/RANGER-2465?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16863365#comment-16863365
 ] 

Ramesh Mani edited comment on RANGER-2465 at 6/13/19 6:38 PM:
--------------------------------------------------------------

Also attaching the sample service definition for including the Multi-Tag Policy 
Condition.
1) There will be a policy condition defined like the following.
{code:java}
{
        "itemId":3,
        "name":"tags",
        "evaluator": 
"org.apache.ranger.plugin.conditionevaluator.RangerMultipleTagsConditionEvaluator",
        "label":"Enter Tags",
        "description": "Enter Tags"
      }
{code}
2) In the Tag Policies will have Multiple-Tag values to enter:
{code:java}
{"name":"multitag-policy-for-financeDB",
      "resource":{"elements":{"database":"finance"}},
      "accessType": "read",
      "conditions": [
        {
          "type": "tags",
          "values": [
            "PCI",
            "HIPPA"
          ]
        }
      ],
}
{code}


was (Author: rmani):
Also attaching the sample service definition for including the Multi-Tag Policy 
Condition.
1) There will be a policy condition defined like the following.
{code:java}
{
        "itemId":3,
        "name":"tags",
        "evaluator": 
"org.apache.ranger.plugin.conditionevaluator.RangerMultipleTagsConditionEvaluator",
        "label":"Enter Tags",
        "description": "Enter Tags"
      }
{code}
2) In the Tag Policies will have Multiple-Tag values to enter:
{"name":"multitag-policy-for-financeDB",
      "resource":{"elements":{"database":"finance"}},
      "accessType": "read",
      "conditions": [
        {
          "type": "tags",
          "values": [
            "PCI",
            "HIPPA"
          ]
        }
      ],
}


> Create a PolicyCondition to apply if all given tags are present for the 
> accessed resource
> -----------------------------------------------------------------------------------------
>
>                 Key: RANGER-2465
>                 URL: https://issues.apache.org/jira/browse/RANGER-2465
>             Project: Ranger
>          Issue Type: Bug
>          Components: Ranger
>    Affects Versions: master
>            Reporter: Ramesh Mani
>            Assignee: Ramesh Mani
>            Priority: Major
>             Fix For: 2.0.0
>
>
> Create a PolicyCondition to apply if all given tags are present for the 
> accessed resource.
> i.e All the Tags in the policy condition has to be present for the resource 
> when user access it, then only allow that resource to be accessed by that 
> user.
> A built in Policy Condition has to be created for this, which can be defined 
> in the service definition of a service that needs this addition functionality.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to