[jira] [Updated] (RANGER-3676) tag-based policies don't recognize {OWNER} in users as resource owners

Madhan Neethiraj (Jira) Mon, 21 Mar 2022 14:16:05 -0700


     [ 
https://issues.apache.org/jira/browse/RANGER-3676?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Madhan Neethiraj updated RANGER-3676:
-------------------------------------
    Attachment: RANGER-3676.patch

> tag-based policies don't recognize {OWNER} in users as resource owners  
> ------------------------------------------------------------------------
>
>                 Key: RANGER-3676
>                 URL: https://issues.apache.org/jira/browse/RANGER-3676
>             Project: Ranger
>          Issue Type: Bug
>          Components: plugins
>            Reporter: Madhan Neethiraj
>            Assignee: Madhan Neethiraj
>            Priority: Major
>         Attachments: RANGER-3676.patch
>
>
> Ranger policies allow setting up permissions for resource-owners by using 
> \{OWNER} as the username in policies. Currently this works only for 
> resource-based policies, and not for tag-based policies. Recognizing \{OWNER} 
> in tag-based policies can help address wider authorization needs, like:
> {noformat}
> tag:           SENSITIVE
> users:         {OWNER}, groups: [ data-admins ]
> permissions:   [ select ]
> isDenyAllElse: true{noformat}
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3676) tag-based policies don't recognize {OWNER} in users as resource owners

Reply via email to