[jira] [Assigned] (RANGER-4037) Audits are not getting generated for policy enforcement works based on policy condition

Thu, 22 Jun 2023 02:53:04 -0700 


     [ 
https://issues.apache.org/jira/browse/RANGER-4037?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Siddhant Sontakke reassigned RANGER-4037:
-----------------------------------------

    Assignee: Siddhant Sontakke

> Audits are not getting generated for policy enforcement works based on policy 
> condition 
> ----------------------------------------------------------------------------------------
>
>                 Key: RANGER-4037
>                 URL: https://issues.apache.org/jira/browse/RANGER-4037
>             Project: Ranger
>          Issue Type: Bug
>          Components: Ranger
>            Reporter: Anupam Rai
>            Assignee: Siddhant Sontakke
>            Priority: Major
>
> Audits are not getting generated for policy enforcement works based on policy 
> condition :
> RangerNoneOfExpectedTagsPresentConditionEvaluator
> Steps to reproduce :
>  - Apply policy conditions in service defs 
> {code:java}
> "policyConditions": [
>         {
>             "itemId": 1,
>             "name": "all-tag-present",
>             "evaluator": 
> "org.apache.ranger.plugin.conditionevaluator.RangerTagsAllPresentConditionEvaluator",
>             "evaluatorOptions": {},
>             "label": "Tags All Present?",
>             "description": "Tags All Present?"
>         },
>         {
>             "itemId": 2,
>             "name": "none-of-tag-present",
>             "evaluator": 
> "org.apache.ranger.plugin.conditionevaluator.RangerNoneOfExpectedTagsPresentConditionEvaluator",
>             "evaluatorOptions": {},
>             "label": "None of Tags Present?",
>             "description": "None of Tags Present?"
>         },
>         {
>             "itemId": 3,
>             "name": "any-of-tag-present",
>             "evaluator": 
> "org.apache.ranger.plugin.conditionevaluator.RangerAnyOfExpectedTagsPresentConditionEvaluator",
>             "evaluatorOptions": {},
>             "label": "Any of Tags Present?",
>             "description": "Any of Tags Present?"
>         }    ], {code}
> Add tag based policy for with 
> RangerNoneOfExpectedTagsPresentConditionEvaluator tag including tag which is 
> used to created policy  and give hive access to user 
> Try access tag related attribute in beeline 
> User will be denied and policy is enforced but in audit logs denied policy 
> wont be available .
> Thanks



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to