[ https://issues.apache.org/jira/browse/RANGER-2857?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Abhishek Shukla resolved RANGER-2857. ------------------------------------- Resolution: Not A Bug > Create volume fails for a policy with specific volume/bucket/key names > ---------------------------------------------------------------------- > > Key: RANGER-2857 > URL: https://issues.apache.org/jira/browse/RANGER-2857 > Project: Ranger > Issue Type: Bug > Components: plugins > Affects Versions: 2.1.0 > Reporter: Abhishek Shukla > Priority: Major > > *Test Policy Contents:* > {noformat} > { > "resources": { > "volume": { > "values": [ > "volume-ojzj-1", > "volume-ojzj-2" > ], > "isExcludes": false, > "isRecursive": false > }, > "bucket": { > "values": [ > "bucket-jezv-1", > "bucket-jezv-2" > ], > "isExcludes": false, > "isRecursive": false > }, > "key": { > "values": [ > "key-wssb_1", > "key-wssb_2" > ], > "isExcludes": false, > "isRecursive": false > } > }, > "policyItems": [ > { > "accesses": [ > { > "type": "read", > "isAllowed": true > }, > { > "type": "write", > "isAllowed": true > }, > { > "type": "create", > "isAllowed": true > }, > { > "type": "delete", > "isAllowed": true > } > ], > "users": [ > "hrt_qa" > ], > "groups": [], > "roles": [], > "conditions": [], > "delegateAdmin": false > } > ], > "denyPolicyItems": [], > "allowExceptions": [], > "denyExceptions": [], > "dataMaskPolicyItems": [], > "rowFilterPolicyItems": [], > "serviceType": "ozone", > "options": {}, > "validitySchedules": [], > "policyLabels": [], > "zoneName": "", > "isDenyAllElse": false > }{noformat} > > *Ozone Client Commands:* > {noformat} > $ ozone sh volume create o3://ozone1/volume-ojzj-1 > INFO rpc.RpcClient: Creating Volume: volume-ojzj-1, with hrt_qa as owner. > PERMISSION_DENIED User hrt_qa doesn't have CREATE permission to access volume > $ ozone sh volume delete o3://ozone1/volume-ojzj-1 > PERMISSION_DENIED User hrt_qa doesn't have DELETE permission to access volume > {noformat} > > Now in the same test policy, if I select bucket as *none* or give wildcard > [*] for the bucket and key resources, the access is provided to create/delete > the volume. -- This message was sent by Atlassian Jira (v8.3.4#803005)