Ok. Thanks @Bosco
On 3/26/17, 10:42 PM, "Don Bosco Durai" <[email protected]> wrote: >Gangadhar > >Thanks for volunteering. We can wait for some more time to see anyone else is >interested. > >We can come with the high level design and go from there.. > >Bosco > > >On 3/24/17, 7:34 PM, "Kadam, Gangadhar (GE Aviation, Non-GE)" ><[email protected]> wrote: > > Hi Bosco, > > Thanks for your valuable inputs. At least I am ready to volunteer myself > and I believer others in the community might also looking something like this. > > Please let me know how we can proceed with this. > > > > On 3/24/17, 7:46 PM, "Don Bosco Durai" <[email protected]> wrote: > > >Gangadhar > > > >By design, Ranger is an in-process plugin model. This helps us to scale > along with your component and it is not the point of failure. E.g. If you > have 100 node HBase cluster, then Ranger plugins within each HBase Region > Server and do enforcement and collect the audit logs. > > > >With proprietary closed software like Oracle or SQLServer, it comes > difficult to implement the plugin, unless the component already supports an > interface to override. > > > >Greenplum source is available, so might be able to write your plugin, > provided it is properly abstracted. Currently, we are working with the HAWQ > community to integrate with Ranger, but since HAWQ is in c/c++, the Ranger > plugin would be hosted in a separate Java process and expose REST APIs. > Similar design can be leveraged for non-java components. > > > >Another option is to use Ranger just to manage the privileges. We got > similar requests to support S3 and one of the suggestions floated around was > to support a design which manage the privileges for S3 buckets, but the > enforcements will be still done by S3. > > > >If there are enough community interest and volunteers available, we could > try out something. > > > >Bosco > > > > > >On 3/24/17, 12:47 PM, "Kadam, Gangadhar (GE Aviation, Non-GE)" > <[email protected]> wrote: > > > > Hi, > > > > We are looking for centralized security framework which can provide > security to both Enterprise Hadoop ecosystem (HDP2.5) as well as the existing > RDBMS (PostgreSQL and Oracle) as well. We are currently using Hortonworks > HDP2.5 distribution and already using Apache Ranger for Hive, Hbase etc and > we would like to extend it to Greenplum(PostgreSQL), Oracle databases as well. > > > > > > Apache Ranger’s has extensible plugin model and it needs a policy > store, for which it supports many RDBMS config. > > > > Can Apache Ranger be used to create a custom plugin for Oracle & > PostgreSQL to provide security to Oracle & PostgreSQL tables as well. > > > > I can some pointers on the below link > > > > > https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=53741207 > > > > Is this feasible to do it, what are the pros and cons of it and how > should we go about it. > > > > Thanks! > > Gangadhar > > > > > > > > >
