Mudit Sharma created RANGER-2962:
------------------------------------
Summary: Ranger Row Level Filter (See only data corresponding to
user logged in wihtout the need to create multiple user entries in policy)
Key: RANGER-2962
URL: https://issues.apache.org/jira/browse/RANGER-2962
Project: Ranger
Issue Type: Improvement
Components: Ranger
Reporter: Mudit Sharma
We are using Apache Ranger as our Security pipeline. We found out that Ranger
has a Row Level Filter option where we can limit the data visible to particular
users. The issue we are facing is that, let's say there are some 100 or 1000 of
users which we need to restrict to see only their own data in a particular hive
table, we need to create 100 or 1000 entries in Ranger Row Level Policy, for
ex: for each user A, we need to create a separate filter in policy saying
user_name = "A". This sometimes hit the DB limit for a policy meta and we need
to bifurcate the policy into 2-3 or many parts. Is there a way making use of
\{USER} and user_name = \{USER}, we can restrict each user to see only its own
data?
Also, in Row Level Filter currently we allow only Select, I would like to check
if we are looking forward for more such filter specific operations such as
Insert or Alter
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
