| {"version":3,"sources":["/home/madhan/Apache/git/atlas/docs/target/src/documents/Security/AtlasSimpleAuthorizer.md","/home/madhan/Apache/git/atlas/docs/target/theme/styles/styled-colors.js"],"names":["layoutProps","MDXContent","components","props","mdxType","parentName","wrapLines","language","style","theme","isMDXComponent","dark","hljs","color"],"mappings":"ylBAWMA,EAAc,GAIL,SAASC,EAAW,GAG/B,IAFFC,EAAU,EAAVA,WACGC,EAAK,iBAER,OAAO,cALS,UAKC,iBAAKH,EAAiBG,EAAK,CAAED,WAAYA,EAAYE,QAAQ,cAE5E,oBACE,GAAM,2BAAyB,2BAEjC,oBACE,GAAM,6CAA2C,6CAEnD,+CAA4B,mBAAGC,WAAW,IACtC,KAAQ,wBAAsB,uBACF,kXAIhC,oBACE,GAAM,0BAAwB,0BAEhC,sJACA,cAAC,IAAiB,CAACC,WAAW,EAAMC,SAAS,QAAQC,MAAOC,IAAYL,QAAQ,qBAAmB,0HAInG,yJACA,wBACE,oBAAIC,WAAW,MAAI,oFACnB,oBAAIA,WAAW,MAAI,2CACnB,oBAAIA,WAAW,MAAI,cAErB,oBACE,GAAM,sBAAoB,sBAE5B,wNAEA,oBACE,GAAM,SAAO,SAEf,iEACA,wBACE,oBAAIA,WAAW,MAAI,mCACnB,oBAAIA,WAAW,MAAI,wFACnB,oBAAIA,WAAW,MAAI,yFAErB,6JACA,cAAC,IAAiB,CAACC,WAAW,EAAMC,SAAS,QAAQC,MAAOC,IAAYL,QAAQ,qBAAmB,4/BAuDnG,oBACE,GAAM,yCAAuC,yCAE/C,iGACA,cAAC,IAAiB,CAACE,WAAW,EAAMC,SAAS,QAAQC,MAAOC,IAAYL,QAAQ,qBAAmB,wSAiBnG,uNAEA,cAAC,IAAiB,CAACE,WAAW,EAAMC,SAAS,QAAQC,MAAOC,IAAYL,QAAQ,qBAAmB,uQAiBtG,qMAEDH,EAAWS,gBAAiB,G,+DC/J5B,iFAqBAC,IAAKC,KAAKC,MAAQ,UACHF,MAAI","file":"static/js/documents-security-atlas-simple-authorizer.1ae31fd1.js","sourcesContent":["\nimport React from 'react'\nimport { mdx } from '@mdx-js/react'\n\n/* @jsxRuntime classic */\n/* @jsx mdx */\nimport themen from 'theme/styles/styled-colors';\nimport * as theme from 'react-syntax-highlighter/dist/esm/styles/hljs';\nimport SyntaxHighlighter from 'react-syntax-highlighter';\n\n\nconst layoutProps = {\n \n};\nconst MDXLayout = \"wrapper\"\nexport default function MDXContent({\n components,\n ...props\n}) {\n return <MDXLayout {...layoutProps} {...props} components={components} mdxType=\"MDXLayout\">\n\n <h1 {...{\n \"id\": \"atlas-simple-authorizer\"\n }}>{`Atlas Simple Authorizer`}</h1>\n <h2 {...{\n \"id\": \"setting-up-atlas-to-use-simple-authorizer\"\n }}>{`Setting up Atlas to use Simple Authorizer`}</h2>\n <p>{`As detailed in Atlas `}<a parentName=\"p\" {...{\n \"href\": \"#/AuthorizationModel\"\n }}>{`Authorization Model`}</a>{`, Apache Atlas supports a pluggable authorization\nmodel. Simple authorizer is the default authorizer implementation included in Apache Atlas. Simple authorizer uses\npolicies defined in a JSON file. This document provides details of steps to configure Apache Atlas to use the simple\nauthorizer and details of the JSON file format containing authorization policies.`}</p>\n <h2 {...{\n \"id\": \"configure-apache-atlas\"\n }}>{`Configure Apache Atlas`}</h2>\n <p>{`To configure Apache Atlas to use simple authorizer, include the following properties in application.properties config file:`}</p>\n <SyntaxHighlighter wrapLines={true} language=\"shell\" style={theme.dark} mdxType=\"SyntaxHighlighter\">\n {`atlas.authorizer.impl=simple\natlas.authorizer.simple.authz.policy.file=/etc/atlas/conf/atlas-simple-authz-policy.json`}\n </SyntaxHighlighter>\n <p>{`Please note that if the policy file location specified is not an absolute path, the file will be looked up in following paths:`}</p>\n <ul>\n <li parentName=\"ul\">{`Apache Atlas configuration directory (specified by system property =atlas.conf=)`}</li>\n <li parentName=\"ul\">{`Apache Atlas server's current directory`}</li>\n <li parentName=\"ul\">{`CLASSPATH`}</li>\n </ul>\n <h3 {...{\n \"id\": \"policy-file-format\"\n }}>{`Policy file format`}</h3>\n <p>{`Simple authorizer uses =roles= to group permissions, which can then be assigned to users and user-groups. Following examples\nwould help to understand the details of the policy file format:`}</p>\n <h3 {...{\n \"id\": \"roles\"\n }}>{`Roles`}</h3>\n <p>{`Following policy file defines 3 roles:`}</p>\n <ul>\n <li parentName=\"ul\">{`ROLE_ADMIN: has all permissions`}</li>\n <li parentName=\"ul\">{`PROD_READ_ONLY: has access to read entities having qualifiedName ending with \"@prod\"`}</li>\n <li parentName=\"ul\">{`TEST_ALL_ACCESS: has all access to entities having qualifiedName ending with \"@test\"`}</li>\n </ul>\n <p>{`Simple authorizer supports Java reg-ex to specify values for privilege/entity-type/entity-id/classification/typeName/typeCategory.`}</p>\n <SyntaxHighlighter wrapLines={true} language=\"shell\" style={theme.dark} mdxType=\"SyntaxHighlighter\">\n {`{\n \"roles\": {\n \"ROLE_ADMIN\": {\n \"adminPermissions\": [\n {\n \"privileges\": [ \".*\" ]\n }\n ],\n \"entityPermissions\": [\n {\n \"privileges\": [ \".*\" ],\n \"entityTypes\": [ \".*\" ],\n \"entityIds\": [ \".*\" ],\n \"classifications\": [ \".*\" ]\n }\n ],\n\n \"typePermissions\": [\n {\n \"privileges\": [ \".*\" ],\n \"typeCategories\": [ \".*\" ],\n \"typeNames\": [ \".*\" ]\n }\n ]\n},\n\n\"PROD_READ_ONLY\" : {\n \"entityPermissions\": [\n {\n \"privileges\": [ \"entity-read\", \"entity-read-classification\" ],\n \"entityTypes\": [ \".*\" ],\n \"entityIds\": [ \".*@prod\" ],\n \"classifications\": [ \".*\" ]\n }\n}\n\n\"TEST_ALL_ACCESS\" : {\n \"entityPermissions\": [\n {\n \"privileges\": [ \".*\" ],\n \"entityTypes\": [ \".*\" ],\n \"entityIds\": [ \".*@test\" ],\n \"classifications\": [ \".*\" ]\n }\n}\n },\n \"userRoles\": {\n ...\n },\n \"groupRoles\": {\n ...\n }\n}`}\n </SyntaxHighlighter>\n <h3 {...{\n \"id\": \"assign-roles-to-users-and-user-groups\"\n }}>{`Assign Roles to Users and User Groups`}</h3>\n <p>{`Roles defined above can be assigned (granted) to users as shown below:`}</p>\n <SyntaxHighlighter wrapLines={true} language=\"shell\" style={theme.dark} mdxType=\"SyntaxHighlighter\">\n {`{\n \"roles\": {\n ...\n },\n \"userRoles\": {\n \"admin\": [ \"ROLE_ADMIN\" ],\n \"steward\": [ \"DATA_STEWARD\" ],\n \"user1\": [ \"PROD_READ_ONLY\" ],\n \"user2\": [ \"TEST_ALL_ACCESS\" ],\n \"user3\": [ \"PROD_READ_ONLY\", \"TEST_ALL_ACCESS\" ],\n },\n \"groupRoles\": {\n ...\n }\n}`}\n </SyntaxHighlighter>\n <p>{`Roles can be assigned (granted) to user-groups as shown below. A user can belong to multiple groups; roles assigned to\nall groups the user belongs to will be used to authorize the access.`}</p>\n <SyntaxHighlighter wrapLines={true} language=\"shell\" style={theme.dark} mdxType=\"SyntaxHighlighter\">\n {`{\n \"roles\": {\n ...\n },\n \"userRoles\": {\n ...\n },\n \"groupRoles\": {\n \"admins\": [ \"ROLE_ADMIN\" ],\n \"dataStewards\": [ \"DATA_STEWARD\" ],\n \"testUsers\": [ \"TEST_ALL_ACCESS\" ],\n \"prodReadUsers\": [ \"PROD_READ_ONLY\" ]\n }\n}`}\n </SyntaxHighlighter>\n </MDXLayout>;\n}\n;\nMDXContent.isMDXComponent = true;","/**\n * Licensed to the Apache Software Foundation (ASF) under one\n * or more contributor license agreements. See the NOTICE file\n * distributed with this work for additional information\n * regarding copyright ownership. The ASF licenses this file\n * to you under the Apache License, Version 2.0 (the\n * \"License\"); you may not use this file except in compliance\n * with the License. You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { dark } from \"react-syntax-highlighter/dist/esm/styles/hljs\";\n\n//dark[\"powershell\"][\"color\"] = \"#37bb9b\";\ndark.hljs.color = \"#37bb9b\";\nexport default dark;"],"sourceRoot":""} |