Google Git
Sign in
apache / ranger / 797725221637736ae5a9836ff994477a8c5b8fd8 / . / knox-agent / src / test / resources / knox-policies.json
blob: 0863d74b69fe64396e9b1a61fd68e48828450028 [file] [log] [blame]
{
"serviceName": "cl1_knox",
"serviceId": 1,
"policyVersion": 5,
"policyUpdateTime": "20170620-17:47:01.000-+0100",
"policies": [
{
"service": "cl1_knox",
"name": "all - topology, service",
"policyType": 0,
"description": "Policy for all - topology, service",
"isAuditEnabled": true,
"resources": {
"topology": {
"values": [
"*"
],
"isExcludes": false,
"isRecursive": false
},
"service": {
"values": [
"*"
],
"isExcludes": false,
"isRecursive": false
}
},
"policyItems": [
{
"accesses": [
{
"type": "allow",
"isAllowed": true
}
],
"users": [
"admin"
],
"groups": [],
"conditions": [],
"delegateAdmin": true
}
],
"denyPolicyItems": [],
"allowExceptions": [],
"denyExceptions": [],
"dataMaskPolicyItems": [],
"rowFilterPolicyItems": [],
"id": 1,
"isEnabled": true,
"version": 1
},
{
"service": "cl1_knox",
"name": "ClusterPolicy",
"policyType": 0,
"description": "",
"isAuditEnabled": true,
"resources": {
"topology": {
"values": [
"cluster"
],
"isExcludes": false,
"isRecursive": false
},
"service": {
"values": [
"KAFKA",
"WEBHDFS",
"WEBHBASE",
"SOLR"
],
"isExcludes": false,
"isRecursive": false
}
},
"policyItems": [
{
"accesses": [
{
"type": "allow",
"isAllowed": true
}
],
"users": [
"alice"
],
"groups": [],
"conditions": [],
"delegateAdmin": false
}
],
"denyPolicyItems": [],
"allowExceptions": [],
"denyExceptions": [],
"dataMaskPolicyItems": [],
"rowFilterPolicyItems": [],
"id": 2,
"isEnabled": true,
"version": 2
},
{
"service": "cl1_knox",
"name": "StormPolicy",
"policyType": 0,
"description": "",
"isAuditEnabled": true,
"resources": {
"topology": {
"values": [
"cluster"
],
"isExcludes": false,
"isRecursive": false
},
"service": {
"values": [
"STORM"
],
"isExcludes": false,
"isRecursive": false
}
},
"policyItems": [
{
"accesses": [
{
"type": "allow",
"isAllowed": true
}
],
"users": [
"bob"
],
"groups": [],
"conditions": [],
"delegateAdmin": false
}
],
"denyPolicyItems": [],
"allowExceptions": [],
"denyExceptions": [],
"dataMaskPolicyItems": [],
"rowFilterPolicyItems": [],
"id": 3,
"isEnabled": true,
"version": 1
}
],
"serviceDef": {
"name": "knox",
"implClass": "org.apache.ranger.services.knox.RangerServiceKnox",
"label": "Knox Gateway",
"description": "Knox Gateway",
"options": {
"enableDenyAndExceptionsInPolicies": "true"
},
"configs": [
{
"itemId": 1,
"name": "username",
"type": "string",
"mandatory": true,
"validationRegEx": "",
"validationMessage": "",
"uiHint": "",
"label": "Username"
},
{
"itemId": 2,
"name": "password",
"type": "password",
"mandatory": true,
"validationRegEx": "",
"validationMessage": "",
"uiHint": "",
"label": "Password"
},
{
"itemId": 3,
"name": "knox.url",
"type": "string",
"mandatory": true,
"defaultValue": "",
"validationRegEx": "",
"validationMessage": "",
"uiHint": ""
},
{
"itemId": 4,
"name": "commonNameForCertificate",
"type": "string",
"mandatory": false,
"validationRegEx": "",
"validationMessage": "",
"uiHint": "",
"label": "Common Name for Certificate"
}
],
"resources": [
{
"itemId": 1,
"name": "topology",
"type": "string",
"level": 10,
"mandatory": true,
"lookupSupported": true,
"recursiveSupported": false,
"excludesSupported": true,
"matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher",
"matcherOptions": {
"wildCard": "true",
"ignoreCase": "false"
},
"validationRegEx": "",
"validationMessage": "",
"uiHint": "",
"label": "Knox Topology",
"description": "Knox Topology"
},
{
"itemId": 2,
"name": "service",
"type": "string",
"level": 20,
"parent": "topology",
"mandatory": true,
"lookupSupported": true,
"recursiveSupported": false,
"excludesSupported": true,
"matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher",
"matcherOptions": {
"wildCard": "true",
"ignoreCase": "false"
},
"validationRegEx": "",
"validationMessage": "",
"uiHint": "",
"label": "Knox Service",
"description": "Knox Service"
}
],
"accessTypes": [
{
"itemId": 1,
"name": "allow",
"label": "Allow",
"impliedGrants": []
}
],
"policyConditions": [
{
"itemId": 1,
"name": "ip-range",
"evaluator": "org.apache.ranger.plugin.conditionevaluator.RangerIpMatcher",
"evaluatorOptions": {},
"validationRegEx": "",
"validationMessage": "",
"uiHint": "",
"label": "IP Address Range",
"description": "IP Address Range"
}
],
"contextEnrichers": [],
"enums": [],
"dataMaskDef": {
"maskTypes": [],
"accessTypes": [],
"resources": []
},
"rowFilterDef": {
"accessTypes": [],
"resources": []
},
"id": 5,
"guid": "84b481b5-f23b-4f71-b8b6-ab33977149ca",
"isEnabled": true,
"createTime": "20170620-17:41:25.000-+0100",
"updateTime": "20170620-17:41:25.000-+0100",
"version": 1
},
"auditMode": "audit-default"
}