Hi Bosco, Thanks for your valuable inputs. At least I am ready to volunteer myself and I believer others in the community might also looking something like this.
Please let me know how we can proceed with this. On 3/24/17, 7:46 PM, "Don Bosco Durai" <[email protected]> wrote: >Gangadhar > >By design, Ranger is an in-process plugin model. This helps us to scale along >with your component and it is not the point of failure. E.g. If you have 100 >node HBase cluster, then Ranger plugins within each HBase Region Server and do >enforcement and collect the audit logs. > >With proprietary closed software like Oracle or SQLServer, it comes difficult >to implement the plugin, unless the component already supports an interface to >override. > >Greenplum source is available, so might be able to write your plugin, provided >it is properly abstracted. Currently, we are working with the HAWQ community >to integrate with Ranger, but since HAWQ is in c/c++, the Ranger plugin would >be hosted in a separate Java process and expose REST APIs. Similar design can >be leveraged for non-java components. > >Another option is to use Ranger just to manage the privileges. We got similar >requests to support S3 and one of the suggestions floated around was to >support a design which manage the privileges for S3 buckets, but the >enforcements will be still done by S3. > >If there are enough community interest and volunteers available, we could try >out something. > >Bosco > > >On 3/24/17, 12:47 PM, "Kadam, Gangadhar (GE Aviation, Non-GE)" ><[email protected]> wrote: > > Hi, > > We are looking for centralized security framework which can provide > security to both Enterprise Hadoop ecosystem (HDP2.5) as well as the existing > RDBMS (PostgreSQL and Oracle) as well. We are currently using Hortonworks > HDP2.5 distribution and already using Apache Ranger for Hive, Hbase etc and > we would like to extend it to Greenplum(PostgreSQL), Oracle databases as well. > > > Apache Ranger’s has extensible plugin model and it needs a policy store, > for which it supports many RDBMS config. > > Can Apache Ranger be used to create a custom plugin for Oracle & > PostgreSQL to provide security to Oracle & PostgreSQL tables as well. > > I can some pointers on the below link > > https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=53741207 > > Is this feasible to do it, what are the pros and cons of it and how should > we go about it. > > Thanks! > Gangadhar > > >
