[
https://issues.apache.org/jira/browse/RANGER-3069?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Bhavik Patel resolved RANGER-3069.
----------------------------------
Resolution: Not A Problem
> Ranger users should be able to have both Keyadmin and Admin Roles
> ------------------------------------------------------------------
>
> Key: RANGER-3069
> URL: https://issues.apache.org/jira/browse/RANGER-3069
> Project: Ranger
> Issue Type: Improvement
> Components: admin, kms
> Affects Versions: 1.2.0
> Reporter: Jasper Knulst
> Priority: Major
> Attachments: Screenshot 2020-11-03 at 16.38.11.png
>
>
> Hi,
> I have been assigned the 'Key Manager' role (Settings -> Permissions) and I
> do see the extra UI menu option 'Encryption'. However I don't get to see the
> extra tile/ranger-service for <cluster>_KMS at Resource Based policies to be
> able to edit key related policies. I still have to logon as user/identity
> 'keyadmin' to see the <cluster>_KMS tile in the Service Manager
> I learned that for all the capabilities of keyadmin user one has to have the
> 'keyadmin' role assigned (User Profile / Select Role). Looks like the
> permission 'Key Manager' and the user role 'keyadmin' are 2 disconnected
> things. 'Key manager' enables nothing in the classical non-KMS. It is
> confusing as it promises some extra KMS functions whereas this is really
> coupled to the 'keyadmin' user role.
> I suggest a user should be able to have both 'admin' and 'keyadmin' user
> roles as 2 alternatives available now are not very good:
> 1. All KMS admin interactions done by a group of people that have access to
> the credentials of user 'keyadmin'
> 2. Setup separate personal account for superadmins. One for doing normal
> Ranger things and one for doing keyadmin things
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
