Thanks Ramesh - in Ranger UI, I see table is always required when creating a policy - is that the case? so you are saying I can put "*" in table input field?
On Thu, May 4, 2017 at 1:40 PM Ramesh Mani <[email protected]> wrote: > Goden, > > GRANT ALL/READ ON DATABASE XYZ you can maintain a policy for database “*” > , but with respect to ROLE XXX can this ROLE be a “group” in LDAP/AP or > unix? Then you can maintain this policy for GROUP XXX. > > Thanks, > Ramesh > > From: Goden Yao <[email protected]> > Reply-To: "[email protected]" <[email protected]> > Date: Thursday, May 4, 2017 at 1:34 PM > To: "[email protected]" <[email protected]> > Subject: Re: GRANT ALL ON DATABASE ... > > Hi Anyone may want to comment ? I found out this is actually supported in > Hive Default Authorization (legacy) mode but probably not in SQL Standard > Authorization, why is that? > > On Tue, May 2, 2017 at 10:20 AM Goden Yao <[email protected]> wrote: > >> Hi >> >> I wonder if Ranger policy can support something like "GRANT ALL/READ ON >> DATABASE XYZ to ROLE XXX"? >> >> Or I have to specify each table iteratively in a database? >> >> Thanks >> -Goden >> -- >> Goden >> > -- > Goden > -- Goden
