> On June 18, 2020, 6:57 p.m., Madhan Neethiraj wrote: > > agents-common/src/main/resources/service-defs/ranger-servicedef-kudu.json > > Lines 158 (patched) > > <https://reviews.apache.org/r/72603/diff/1/?file=2234799#file2234799line158> > > > > Is "with grant" here equivalent of "with grant option" in SQL? i.e the > > user with this permission can grant access to other users/groups. If that > > is the intent, simply adding "impliedGrants" will not be enough. It will > > requlre "delegateAdmin" flag to be true in RangerPolicy.
It is, but Kudu doesn't support granting permissions in Ranger right now, so this is used for creating tables with a different owner and changing owners. I also tried to go down the delegateAdmin route, do you mean that it can be set in the service definition? Or that I should use delegateAdmin instead of this role? Is there a way to make it imply other grants? - Attila ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72603/#review221027 ----------------------------------------------------------- On June 18, 2020, 4:27 p.m., Attila Bukor wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/72603/ > ----------------------------------------------------------- > > (Updated June 18, 2020, 4:27 p.m.) > > > Review request for ranger. > > > Repository: ranger > > > Description > ------- > > RANGER-2865: Add ALL WITH GRANT to Kudu service > > > Diffs > ----- > > agents-common/src/main/resources/service-defs/ranger-servicedef-kudu.json > e2a8b72a96b89893d2bec11a201ffbe1b2b28e09 > > > Diff: https://reviews.apache.org/r/72603/diff/1/ > > > Testing > ------- > > * I did test that it works as expected in Kudu > > > Thanks, > > Attila Bukor > >
