Abhay Kulkarni created RANGER-4291:
--------------------------------------
Summary: If a ROW_FILTER type policy resources match, then an
audit log record with Result=Denied i created
Key: RANGER-4291
URL: https://issues.apache.org/jira/browse/RANGER-4291
Project: Ranger
Issue Type: Bug
Components: Ranger
Reporter: Abhay Kulkarni
Assignee: Abhay Kulkarni
ROW_FILTER (and DATA_MASKING) policies are supported for Hive service type. For
a Hive resource being authorized, if a ROW_FILTER (or DATA_MASKING) policy's
resource-specification are matched but none of the policy-items match, then
effectively the policy did not match. However, if the policy has audit enabled,
then an audit log record is created with Access Type=ROW_FILTER and
Result=Denied.
This is a spurious and misleading audit record, and it should not be generated.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
