| { |
| "serviceName": "cl1_knox", |
| "serviceId": 1, |
| "policyVersion": 5, |
| "policyUpdateTime": "20170620-17:47:01.000-+0100", |
| "policies": [ |
| { |
| "service": "cl1_knox", |
| "name": "all - topology, service", |
| "policyType": 0, |
| "description": "Policy for all - topology, service", |
| "isAuditEnabled": true, |
| "resources": { |
| "topology": { |
| "values": [ |
| "*" |
| ], |
| "isExcludes": false, |
| "isRecursive": false |
| }, |
| "service": { |
| "values": [ |
| "*" |
| ], |
| "isExcludes": false, |
| "isRecursive": false |
| } |
| }, |
| "policyItems": [ |
| { |
| "accesses": [ |
| { |
| "type": "allow", |
| "isAllowed": true |
| } |
| ], |
| "users": [ |
| "admin" |
| ], |
| "groups": [], |
| "conditions": [], |
| "delegateAdmin": true |
| } |
| ], |
| "denyPolicyItems": [], |
| "allowExceptions": [], |
| "denyExceptions": [], |
| "dataMaskPolicyItems": [], |
| "rowFilterPolicyItems": [], |
| "id": 1, |
| "isEnabled": true, |
| "version": 1 |
| }, |
| { |
| "service": "cl1_knox", |
| "name": "ClusterPolicy", |
| "policyType": 0, |
| "description": "", |
| "isAuditEnabled": true, |
| "resources": { |
| "topology": { |
| "values": [ |
| "cluster" |
| ], |
| "isExcludes": false, |
| "isRecursive": false |
| }, |
| "service": { |
| "values": [ |
| "KAFKA", |
| "WEBHDFS", |
| "WEBHBASE", |
| "SOLR" |
| ], |
| "isExcludes": false, |
| "isRecursive": false |
| } |
| }, |
| "policyItems": [ |
| { |
| "accesses": [ |
| { |
| "type": "allow", |
| "isAllowed": true |
| } |
| ], |
| "users": [ |
| "alice" |
| ], |
| "groups": [], |
| "conditions": [], |
| "delegateAdmin": false |
| } |
| ], |
| "denyPolicyItems": [], |
| "allowExceptions": [], |
| "denyExceptions": [], |
| "dataMaskPolicyItems": [], |
| "rowFilterPolicyItems": [], |
| "id": 2, |
| "isEnabled": true, |
| "version": 2 |
| }, |
| { |
| "service": "cl1_knox", |
| "name": "StormPolicy", |
| "policyType": 0, |
| "description": "", |
| "isAuditEnabled": true, |
| "resources": { |
| "topology": { |
| "values": [ |
| "cluster" |
| ], |
| "isExcludes": false, |
| "isRecursive": false |
| }, |
| "service": { |
| "values": [ |
| "STORM" |
| ], |
| "isExcludes": false, |
| "isRecursive": false |
| } |
| }, |
| "policyItems": [ |
| { |
| "accesses": [ |
| { |
| "type": "allow", |
| "isAllowed": true |
| } |
| ], |
| "users": [ |
| "bob" |
| ], |
| "groups": [], |
| "conditions": [], |
| "delegateAdmin": false |
| } |
| ], |
| "denyPolicyItems": [], |
| "allowExceptions": [], |
| "denyExceptions": [], |
| "dataMaskPolicyItems": [], |
| "rowFilterPolicyItems": [], |
| "id": 3, |
| "isEnabled": true, |
| "version": 1 |
| } |
| ], |
| "serviceDef": { |
| "name": "knox", |
| "implClass": "org.apache.ranger.services.knox.RangerServiceKnox", |
| "label": "Knox Gateway", |
| "description": "Knox Gateway", |
| "options": { |
| "enableDenyAndExceptionsInPolicies": "true" |
| }, |
| "configs": [ |
| { |
| "itemId": 1, |
| "name": "username", |
| "type": "string", |
| "mandatory": true, |
| "validationRegEx": "", |
| "validationMessage": "", |
| "uiHint": "", |
| "label": "Username" |
| }, |
| { |
| "itemId": 2, |
| "name": "password", |
| "type": "password", |
| "mandatory": true, |
| "validationRegEx": "", |
| "validationMessage": "", |
| "uiHint": "", |
| "label": "Password" |
| }, |
| { |
| "itemId": 3, |
| "name": "knox.url", |
| "type": "string", |
| "mandatory": true, |
| "defaultValue": "", |
| "validationRegEx": "", |
| "validationMessage": "", |
| "uiHint": "" |
| }, |
| { |
| "itemId": 4, |
| "name": "commonNameForCertificate", |
| "type": "string", |
| "mandatory": false, |
| "validationRegEx": "", |
| "validationMessage": "", |
| "uiHint": "", |
| "label": "Common Name for Certificate" |
| } |
| ], |
| "resources": [ |
| { |
| "itemId": 1, |
| "name": "topology", |
| "type": "string", |
| "level": 10, |
| "mandatory": true, |
| "lookupSupported": true, |
| "recursiveSupported": false, |
| "excludesSupported": true, |
| "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", |
| "matcherOptions": { |
| "wildCard": "true", |
| "ignoreCase": "false" |
| }, |
| "validationRegEx": "", |
| "validationMessage": "", |
| "uiHint": "", |
| "label": "Knox Topology", |
| "description": "Knox Topology" |
| }, |
| { |
| "itemId": 2, |
| "name": "service", |
| "type": "string", |
| "level": 20, |
| "parent": "topology", |
| "mandatory": true, |
| "lookupSupported": true, |
| "recursiveSupported": false, |
| "excludesSupported": true, |
| "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", |
| "matcherOptions": { |
| "wildCard": "true", |
| "ignoreCase": "false" |
| }, |
| "validationRegEx": "", |
| "validationMessage": "", |
| "uiHint": "", |
| "label": "Knox Service", |
| "description": "Knox Service" |
| } |
| ], |
| "accessTypes": [ |
| { |
| "itemId": 1, |
| "name": "allow", |
| "label": "Allow", |
| "impliedGrants": [] |
| } |
| ], |
| "policyConditions": [ |
| { |
| "itemId": 1, |
| "name": "ip-range", |
| "evaluator": "org.apache.ranger.plugin.conditionevaluator.RangerIpMatcher", |
| "evaluatorOptions": {}, |
| "validationRegEx": "", |
| "validationMessage": "", |
| "uiHint": "", |
| "label": "IP Address Range", |
| "description": "IP Address Range" |
| } |
| ], |
| "contextEnrichers": [], |
| "enums": [], |
| "dataMaskDef": { |
| "maskTypes": [], |
| "accessTypes": [], |
| "resources": [] |
| }, |
| "rowFilterDef": { |
| "accessTypes": [], |
| "resources": [] |
| }, |
| "id": 5, |
| "guid": "84b481b5-f23b-4f71-b8b6-ab33977149ca", |
| "isEnabled": true, |
| "createTime": "20170620-17:41:25.000-+0100", |
| "updateTime": "20170620-17:41:25.000-+0100", |
| "version": 1 |
| }, |
| "auditMode": "audit-default" |
| } |