Hey all, We are running on 71. and have a couple issues I'm curious about from an admin perspective: a) I'm trying to understand if there is a way decouple Hive metadata authorization (SHOW DATABASES, SHOW TABLES, etc) from the SELECT permission grant. I'd like for users to be able do schema discovery without having access to the underlying data but currently I'm finding no way to accomplish this.
b) is there any good documentation that describes the practical difference between an exclude and deny with respect to a resource based policy? We haven't enabled deny via the config yet (it's one of our next tests) but I have yet to see excludes work in the way expect and I'd assume someone has documented this stuff well somewhere. c) is there an exposed Swagger resource for a local Ranger server? I was able to explore the apidocs via the official swagger documentation on the wiki but have had no luck discovering a working spec via our current running PoC server. Thank you in advance for any help! -- Matt
