Madhan, this is very useful.
Thanks again
Regards
Bosco
On 12/4/20, 11:35 PM, "Madhan Neethiraj" <mad...@apache.org> wrote:
Bosco,
Yes. Python APIs support CRUD operations on
service-defs/services/policies/security-zones/roles - like:
- create_policy()
- update_policy()
- update_policy_by_id()
- apply_policy()
- delete_policy()
- delete_policy_by_id()
- get_policy()
- get_policy_by_id()
- get_policies_in_service()
- find_policies()
Until documentation is in place, complete list of APIs can be found from
RangerClient class here:
https://github.com/apache/ranger/blob/master/intg/src/main/python/apache_ranger/client/ranger_client.py#L245.
Hope this helps.
Madhan
On 12/4/20, 10:48 PM, "Don Bosco Durai" <bo...@apache.org> wrote:
Madhan, this is very good.
Does the script also supports deleting or modifying of Ranger Policies?
Regards
Bosco
On 12/4/20, 9:09 AM, "Madhan Neethiraj" <mad...@apache.org> wrote:
All,
Official Python client for Apache Ranger is now available at
https://pypi.org/project/apache-ranger/. Python client APIs mirror Apache
Ranger REST APIs, and enable administration of Apache Ranger using Python.
Here is a sample usage to create a service and a policy using
Python client:
from apache_ranger.model.ranger_service import RangerService
from apache_ranger.client.ranger_client import RangerClient
from apache_ranger.model.ranger_policy import RangerPolicy,
RangerPolicyResource, RangerPolicyItem, RangerPolicyItemAccess
service_name = 'dev_hive'
service = RangerService(name=service_name, type='hive')
service.configs = {'username':'hive', 'password':'hive',
'jdbc.driverClassName': 'org.apache.hive.jdbc.HiveDriver', 'jdbc.url':
'jdfb:hive2://ranger-hadoop:10000', 'hadoop.security.authorization': 'true'}
policy = RangerPolicy(service=service_name, name='test policy')
policy.resources = {'database':
RangerPolicyResource(['test_db']), 'table': RangerPolicyResource(['test_tbl']),
'column': RangerPolicyResource(['*'])}
policy.policyItems.append(RangerPolicyItem(users=['admin'],
accesses=[RangerPolicyItemAccess('create'), RangerPolicyItemAccess('alter'),
RangerPolicyItemAccess('drop')], delegateAdmin=True))
policy.denyPolicyItems.append(RangerPolicyItem(users=['admin'],
accesses=[RangerPolicyItemAccess('select')]))
ranger_client = RangerClient('http://localhost:6080',
'admin', 'rangerR0cks!')
created_service = ranger_client.create_service(service)
created_policy = ranger_client.create_policy(policy)
Apache Ranger team is updating the documentation to include details
of Python APIs.
Your feedback and suggestions are welcome.
Thanks,
Madhan
