Google Git
Sign in
apache / ranger / refs/heads/master / . / agents-common / src / test / resources / test_servicedef-normalize.json
blob: 52825f4f54e3707b1069de1ce41032bf85b47dc9 [file] [log] [blame]
{
"serviceId": 4,
"serviceName": "dev_hive",
"serviceDef": {
"id": 3,
"isEnabled": true,
"name": "hive",
"displayName": "Hadoop SQL",
"implClass": "org.apache.ranger.services.hive.RangerServiceHive",
"label": "Hive Server2",
"description": "Hive Server2",
"options": { "enableDenyAndExceptionsInPolicies": "true" },
"configs": [
{ "itemId": 1, "name": "username", "type": "string", "mandatory": true },
{ "itemId": 2, "name": "password", "type": "password", "mandatory": true },
{ "itemId": 3, "name": "jdbc.driverClassName", "type": "string", "mandatory": true, "defaultValue": "org.apache.hive.jdbc.HiveDriver" },
{ "itemId": 4, "name": "jdbc.url", "type": "string", "mandatory": true },
{ "itemId": 5, "name": "commonNameForCertificate", "type": "string", "mandatory": false },
{ "itemId": 6, "name": "ranger.plugin.audit.filters", "type": "string", "mandatory": false, "defaultValue": "[ {'accessResult': 'DENIED', 'isAudited': true}, {'actions':['METADATA OPERATION'], 'isAudited': false}, {'users':['hive','hue'],'actions':['SHOW_ROLES'],'isAudited':false} ]" }
],
"resources": [
{ "itemId": 1, "name": "database", "type": "string", "level": 10, "mandatory": true, "lookupSupported": true, "recursiveSupported": false, "excludesSupported": true, "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", "matcherOptions": { "wildCard": "true", "ignoreCase": "true" }, "label": "Hive Database", "description": "Hive Database", "accessTypeRestrictions": [], "isValidLeaf": true },
{ "itemId": 2, "name": "table", "type": "string", "level": 20, "parent": "database", "mandatory": true, "lookupSupported": true, "recursiveSupported": false, "excludesSupported": true, "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", "matcherOptions": { "wildCard": "true", "ignoreCase": "true" }, "label": "Hive Table", "description": "Hive Table", "accessTypeRestrictions": [], "isValidLeaf": true },
{ "itemId": 3, "name": "udf", "type": "string", "level": 20, "parent": "database", "mandatory": true, "lookupSupported": true, "recursiveSupported": false, "excludesSupported": true, "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", "matcherOptions": { "wildCard": "true", "ignoreCase": "true" }, "label": "Hive UDF", "description": "Hive UDF", "accessTypeRestrictions": [], "isValidLeaf": true },
{ "itemId": 4, "name": "column", "type": "string", "level": 30, "parent": "table", "mandatory": true, "lookupSupported": true, "recursiveSupported": false, "excludesSupported": true, "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", "matcherOptions": { "wildCard": "true", "ignoreCase": "true" }, "label": "Hive Column", "description": "Hive Column", "accessTypeRestrictions": [], "isValidLeaf": true },
{ "itemId": 5, "name": "url", "type": "string", "level": 10, "mandatory": true, "lookupSupported": false, "recursiveSupported": true, "excludesSupported": false, "matcher": "org.apache.ranger.plugin.resourcematcher.RangerURLResourceMatcher", "matcherOptions": { "wildCard": "true", "ignoreCase": "false" }, "label": "URL", "description": "URL", "accessTypeRestrictions": [], "isValidLeaf": true },
{ "itemId": 6, "name": "hiveservice", "type": "string", "level": 10, "mandatory": true, "lookupSupported": false, "recursiveSupported": false, "excludesSupported": false, "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", "matcherOptions": { "wildCard": "true", "ignoreCase": "false" }, "label": "Hive Service", "description": "Hive Service", "accessTypeRestrictions": [], "isValidLeaf": true },
{ "itemId": 7, "name": "global", "type": "string", "level": 10, "mandatory": false, "lookupSupported": false, "recursiveSupported": false, "excludesSupported": false, "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", "matcherOptions": { "wildCard": "true", "ignoreCase": "false" }, "label": "Global", "description": "Global", "accessTypeRestrictions": [], "isValidLeaf": true }
],
"accessTypes": [
{ "itemId": 1, "name": "select", "label": "select" },
{ "itemId": 2, "name": "update", "label": "update" },
{ "itemId": 3, "name": "create", "label": "Create" },
{ "itemId": 4, "name": "drop", "label": "Drop" },
{ "itemId": 5, "name": "alter", "label": "Alter" },
{ "itemId": 6, "name": "index", "label": "Index" },
{ "itemId": 7, "name": "lock", "label": "Lock" },
{ "itemId": 8, "name": "all", "label": "All", "impliedGrants": [ "select", "update", "create", "drop", "alter", "index", "lock", "read", "write", "repladmin", "serviceadmin", "refresh" ] },
{ "itemId": 9, "name": "read", "label": "Read" },
{ "itemId": 10, "name": "write", "label": "Write" },
{ "itemId": 11, "name": "repladmin", "label": "ReplAdmin" },
{ "itemId": 12, "name": "serviceadmin", "label": "Service Admin" },
{ "itemId": 13, "name": "tempudfadmin", "label": "Temporary UDF Admin" },
{ "itemId": 14, "name": "refresh", "label": "Refresh" }
],
"policyConditions": [],
"contextEnrichers": [],
"enums": [],
"dataMaskDef": {
"maskTypes": [
{ "itemId": 1, "name": "MASK", "label": "Redact", "description": "Replace lowercase with 'x', uppercase with 'X', digits with '0'", "transformer": "mask({col})", "dataMaskOptions": {} },
{ "itemId": 2, "name": "MASK_SHOW_LAST_4", "label": "Partial mask: show last 4", "description": "Show last 4 characters; replace rest with 'x'", "transformer": "mask_show_last_n({col}, 4, 'x', 'x', 'x', -1, '1')", "dataMaskOptions": {} },
{ "itemId": 3, "name": "MASK_SHOW_FIRST_4", "label": "Partial mask: show first 4", "description": "Show first 4 characters; replace rest with 'x'", "transformer": "mask_show_first_n({col}, 4, 'x', 'x', 'x', -1, '1')", "dataMaskOptions": {} },
{ "itemId": 4, "name": "MASK_HASH", "label": "Hash", "description": "Hash the value", "transformer": "mask_hash({col})", "dataMaskOptions": {} },
{ "itemId": 5, "name": "MASK_NULL", "label": "Nullify", "description": "Replace with NULL", "dataMaskOptions": {} },
{ "itemId": 6, "name": "MASK_NONE", "label": "Unmasked (retain original value)", "description": "No masking", "dataMaskOptions": {} },
{ "itemId": 12, "name": "MASK_DATE_SHOW_YEAR", "label": "Date: show only year", "description": "Date: show only year", "transformer": "mask({col}, 'x', 'x', 'x', -1, '1', 1, 0, -1)", "dataMaskOptions": {} },
{ "itemId": 13, "name": "CUSTOM", "label": "Custom", "description": "Custom", "dataMaskOptions": {} }
],
"accessTypes": [
{ "itemId": 1, "name": "select", "label": "select" }
],
"resources": [
{ "itemId": 1, "name": "database", "type": "string", "level": 10, "mandatory": true, "lookupSupported": true, "recursiveSupported": false, "excludesSupported": false, "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", "matcherOptions": { "wildCard": "false", "ignoreCase": "true" }, "uiHint": "{ \"singleValue\":true }", "label": "Hive Database", "description": "Hive Database", "accessTypeRestrictions": [], "isValidLeaf": false },
{ "itemId": 2, "name": "table", "type": "string", "level": 20, "parent": "database", "mandatory": true, "lookupSupported": true, "recursiveSupported": false, "excludesSupported": false, "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", "matcherOptions": { "wildCard": "false", "ignoreCase": "true" }, "uiHint": "{ \"singleValue\":true }", "label": "Hive Table", "description": "Hive Table", "accessTypeRestrictions": [], "isValidLeaf": false },
{ "itemId": 4, "name": "column", "type": "string", "level": 30, "parent": "table", "mandatory": true, "lookupSupported": true, "recursiveSupported": false, "excludesSupported": false, "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", "matcherOptions": { "wildCard": "false", "ignoreCase": "true" }, "uiHint": "{ \"singleValue\":true }", "label": "Hive Column", "description": "Hive Column", "accessTypeRestrictions": [], "isValidLeaf": true
}
]
},
"rowFilterDef": {
"accessTypes": [ { "itemId": 1, "name": "select", "label": "select" } ],
"resources": [
{ "itemId": 1, "name": "database", "type": "string", "level": 10, "mandatory": true, "lookupSupported": true, "recursiveSupported": false, "excludesSupported": false, "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", "matcherOptions": { "wildCard": "false", "ignoreCase": "true" }, "uiHint": "{ \"singleValue\":true }", "label": "Hive Database", "description": "Hive Database", "accessTypeRestrictions": [], "isValidLeaf": false },
{ "itemId": 2, "name": "table", "type": "string", "level": 20, "parent": "database", "mandatory": true, "lookupSupported": true, "recursiveSupported": false, "excludesSupported": false, "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", "matcherOptions": { "wildCard": "false", "ignoreCase": "true" }, "uiHint": "{ \"singleValue\":true }", "label": "Hive Table", "description": "Hive Table", "accessTypeRestrictions": [], "isValidLeaf": true }
]
},
"markerAccessTypes": [
{ "itemId": 20, "name": "_ALL", "label": "_ALL", "impliedGrants": [ "drop", "all", "select", "read", "update", "index", "refresh", "tempudfadmin", "serviceadmin", "create", "lock", "repladmin", "write", "alter" ] }
]
},
"policies": [],
"auditMode": "audit-default",
"tagPolicies": {
"serviceId": 2,
"serviceName": "dev_tag",
"policies": [],
"serviceDef": {
"id": 100,
"name": "tag",
"isEnabled": true,
"implClass": "org.apache.ranger.services.tag.RangerServiceTag",
"options": { "enableDenyAndExceptionsInPolicies": "true", "ui.pages": "tag-based-policies" },
"configs": [
{ "itemId": 1, "name": "ranger.plugin.audit.filters", "type": "string", "level": 1, "mandatory": false, "label": "Ranger Default Audit Filters" }
],
"resources": [
{ "itemId": 1, "name": "tag", "type": "string", "level": 1, "mandatory": true, "lookupSupported": true, "recursiveSupported": false, "excludesSupported": false, "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", "matcherOptions": { "wildCard": "false", "ignoreCase": "false" }, "uiHint": "{ \"singleValue\":true }", "label": "TAG", "description": "TAG", "isValidLeaf": true }
],
"accessTypes": [
{ "itemId": 14015, "name": "sqoop:READ", "label": "READ" },
{ "itemId": 14016, "name": "sqoop:WRITE", "label": "WRITE" },
{ "itemId": 12013, "name": "kylin:QUERY", "label": "QUERY" },
{ "itemId": 12014, "name": "kylin:OPERATION", "label": "OPERATION" },
{ "itemId": 12015, "name": "kylin:MANAGEMENT", "label": "MANAGEMENT" },
{ "itemId": 12016, "name": "kylin:ADMIN", "label": "ADMIN" },
{ "itemId": 16017, "name": "elasticsearch:all", "label": "all", "impliedGrants": [ "elasticsearch:read", "elasticsearch:read_cross_cluster", "elasticsearch:index", "elasticsearch:create", "elasticsearch:delete", "elasticsearch:write", "elasticsearch:delete_index", "elasticsearch:create_index", "elasticsearch:indices_put", "elasticsearch:indices_search_shards", "elasticsearch:indices_bulk", "elasticsearch:monitor", "elasticsearch:indices_index", "elasticsearch:manage", "elasticsearch:view_index_metadata" ] },
{ "itemId": 16018, "name": "elasticsearch:monitor", "label": "monitor" },
{ "itemId": 16019, "name": "elasticsearch:manage", "label": "manage", "impliedGrants": [ "elasticsearch:monitor" ] },
{ "itemId": 16020, "name": "elasticsearch:view_index_metadata", "label": "view_index_metadata", "impliedGrants": [ "elasticsearch:indices_search_shards" ] },
{ "itemId": 16021, "name": "elasticsearch:read", "label": "read" },
{ "itemId": 16022, "name": "elasticsearch:read_cross_cluster", "label": "read_cross_cluster", "impliedGrants": [ "elasticsearch:indices_search_shards" ] },
{ "itemId": 16023, "name": "elasticsearch:index", "label": "index", "impliedGrants": [ "elasticsearch:indices_put", "elasticsearch:indices_bulk", "elasticsearch:indices_index" ] },
{ "itemId": 16024, "name": "elasticsearch:create", "label": "create", "impliedGrants": [ "elasticsearch:indices_put", "elasticsearch:indices_bulk", "elasticsearch:indices_index" ] },
{ "itemId": 16025, "name": "elasticsearch:delete", "label": "delete", "impliedGrants": [ "elasticsearch:indices_bulk" ] },
{ "itemId": 16026, "name": "elasticsearch:write", "label": "write", "impliedGrants": [ "elasticsearch:indices_put" ] },
{ "itemId": 16027, "name": "elasticsearch:delete_index", "label": "delete_index" },
{ "itemId": 16028, "name": "elasticsearch:create_index", "label": "create_index" },
{ "itemId": 203204, "name": "trino:select", "label": "Select" },
{ "itemId": 203205, "name": "trino:insert", "label": "Insert" },
{ "itemId": 203206, "name": "trino:create", "label": "Create" },
{ "itemId": 203207, "name": "trino:drop", "label": "Drop" },
{ "itemId": 203208, "name": "trino:delete", "label": "Delete" },
{ "itemId": 203209, "name": "trino:use", "label": "Use" },
{ "itemId": 203210, "name": "trino:alter", "label": "Alter" },
{ "itemId": 203211, "name": "trino:grant", "label": "Grant" },
{ "itemId": 203212, "name": "trino:revoke", "label": "Revoke" },
{ "itemId": 203213, "name": "trino:show", "label": "Show" },
{ "itemId": 203214, "name": "trino:impersonate", "label": "Impersonate" },
{ "itemId": 203215, "name": "trino:all", "label": "All", "impliedGrants": [ "trino:execute", "trino:delete", "trino:drop", "trino:create", "trino:insert", "trino:select", "trino:revoke", "trino:impersonate", "trino:show", "trino:use", "trino:alter", "trino:grant" ] },
{ "itemId": 203216, "name": "trino:execute", "label": "execute" },
{ "itemId": 17018, "name": "presto:select", "label": "Select" },
{ "itemId": 17019, "name": "presto:insert", "label": "Insert" },
{ "itemId": 17020, "name": "presto:create", "label": "Create" },
{ "itemId": 17021, "name": "presto:drop", "label": "Drop" },
{ "itemId": 17022, "name": "presto:delete", "label": "Delete" },
{ "itemId": 17023, "name": "presto:use", "label": "Use" },
{ "itemId": 17024, "name": "presto:alter", "label": "Alter" },
{ "itemId": 17025, "name": "presto:grant", "label": "Grant" },
{ "itemId": 17026, "name": "presto:revoke", "label": "Revoke" },
{ "itemId": 17027, "name": "presto:show", "label": "Show" },
{ "itemId": 17028, "name": "presto:impersonate", "label": "Impersonate" },
{ "itemId": 17029, "name": "presto:all", "label": "All", "impliedGrants": [ "presto:use", "presto:alter", "presto:execute", "presto:impersonate", "presto:show", "presto:revoke", "presto:grant", "presto:select", "presto:insert", "presto:create", "presto:delete", "presto:drop" ] },
{ "itemId": 17030, "name": "presto:execute", "label": "execute" },
{ "itemId": 201209, "name": "ozone:all", "label": "All", "impliedGrants": [ "ozone:create", "ozone:read", "ozone:write", "ozone:list", "ozone:delete", "ozone:read_acl", "ozone:write_acl" ] },
{ "itemId": 201202, "name": "ozone:read", "label": "Read" },
{ "itemId": 201203, "name": "ozone:write", "label": "Write" },
{ "itemId": 201204, "name": "ozone:create", "label": "Create" },
{ "itemId": 201205, "name": "ozone:list", "label": "List" },
{ "itemId": 201206, "name": "ozone:delete", "label": "Delete" },
{ "itemId": 201207, "name": "ozone:read_acl", "label": "Read_ACL" },
{ "itemId": 201208, "name": "ozone:write_acl", "label": "Write_ACL" },
{ "itemId": 105106, "name": "kudu:select", "label": "SELECT", "impliedGrants": [ "kudu:metadata" ] },
{ "itemId": 105107, "name": "kudu:insert", "label": "INSERT", "impliedGrants": [ "kudu:metadata" ] },
{ "itemId": 105108, "name": "kudu:update", "label": "UPDATE", "impliedGrants": [ "kudu:metadata" ] },
{ "itemId": 105109, "name": "kudu:delete", "label": "DELETE", "impliedGrants": [ "kudu:metadata" ] },
{ "itemId": 105110, "name": "kudu:alter", "label": "ALTER", "impliedGrants": [ "kudu:metadata" ] },
{ "itemId": 105111, "name": "kudu:create", "label": "CREATE", "impliedGrants": [ "kudu:metadata" ] },
{ "itemId": 105112, "name": "kudu:drop", "label": "DROP", "impliedGrants": [ "kudu:metadata" ] },
{ "itemId": 105113, "name": "kudu:metadata", "label": "METADATA" },
{ "itemId": 105114, "name": "kudu:all", "label": "ALL", "impliedGrants": [ "kudu:insert", "kudu:update", "kudu:delete", "kudu:alter", "kudu:create", "kudu:drop", "kudu:metadata", "kudu:select" ] },
{ "itemId": 205206, "name": "nestedstructure:read", "label": "Read" },
{ "itemId": 205207, "name": "nestedstructure:write", "label": "Write" },
{ "itemId": 1002, "name": "hdfs:read", "label": "Read" },
{ "itemId": 1003, "name": "hdfs:write", "label": "Write" },
{ "itemId": 1004, "name": "hdfs:execute", "label": "Execute" },
{ "itemId": 2003, "name": "hbase:read", "label": "Read" },
{ "itemId": 2004, "name": "hbase:write", "label": "Write" },
{ "itemId": 2005, "name": "hbase:create", "label": "Create" },
{ "itemId": 2006, "name": "hbase:admin", "label": "Admin", "impliedGrants": [ "hbase:write", "hbase:create", "hbase:read" ] },
{ "itemId": 2007, "name": "hbase:execute", "label": "Execute" },
{ "itemId": 3004, "name": "hive:select", "label": "select" },
{ "itemId": 3005, "name": "hive:update", "label": "update" },
{ "itemId": 3006, "name": "hive:create", "label": "Create" },
{ "itemId": 3007, "name": "hive:drop", "label": "Drop" },
{ "itemId": 3008, "name": "hive:alter", "label": "Alter" },
{ "itemId": 3009, "name": "hive:index", "label": "Index" },
{ "itemId": 3010, "name": "hive:lock", "label": "Lock" },
{ "itemId": 3011, "name": "hive:all", "label": "All", "impliedGrants": [ "hive:read", "hive:select", "hive:update", "hive:create", "hive:drop", "hive:alter", "hive:index", "hive:lock", "hive:write", "hive:repladmin", "hive:serviceadmin", "hive:refresh" ] },
{ "itemId": 3012, "name": "hive:read", "label": "Read" },
{ "itemId": 3013, "name": "hive:write", "label": "Write" },
{ "itemId": 3014, "name": "hive:repladmin", "label": "ReplAdmin" },
{ "itemId": 3015, "name": "hive:serviceadmin", "label": "Service Admin" },
{ "itemId": 3016, "name": "hive:tempudfadmin", "label": "Temporary UDF Admin" },
{ "itemId": 3017, "name": "hive:refresh", "label": "Refresh" },
{ "itemId": 7008, "name": "kms:create", "label": "Create" },
{ "itemId": 7009, "name": "kms:delete", "label": "Delete" },
{ "itemId": 7010, "name": "kms:rollover", "label": "Rollover" },
{ "itemId": 7011, "name": "kms:setkeymaterial", "label": "Set Key Material" },
{ "itemId": 7012, "name": "kms:get", "label": "Get" },
{ "itemId": 7013, "name": "kms:getkeys", "label": "Get Keys" },
{ "itemId": 7014, "name": "kms:getmetadata", "label": "Get Metadata" },
{ "itemId": 7015, "name": "kms:generateeek", "label": "Generate EEK" },
{ "itemId": 7016, "name": "kms:decrypteek", "label": "Decrypt EEK" },
{ "itemId": 5006, "name": "knox:allow", "label": "Allow" },
{ "itemId": 6007, "name": "storm:submitTopology", "label": "Submit Topology", "impliedGrants": [ "storm:fileUpload", "storm:fileDownload" ] },
{ "itemId": 6008, "name": "storm:fileUpload", "label": "File Upload" },
{ "itemId": 6011, "name": "storm:fileDownload", "label": "File Download" },
{ "itemId": 6012, "name": "storm:killTopology", "label": "Kill Topology" },
{ "itemId": 6013, "name": "storm:rebalance", "label": "Rebalance" },
{ "itemId": 6014, "name": "storm:activate", "label": "Activate" },
{ "itemId": 6015, "name": "storm:deactivate", "label": "Deactivate" },
{ "itemId": 6016, "name": "storm:getTopologyConf", "label": "Get Topology Conf" },
{ "itemId": 6017, "name": "storm:getTopology", "label": "Get Topology" },
{ "itemId": 6018, "name": "storm:getUserTopology", "label": "Get User Topology" },
{ "itemId": 6019, "name": "storm:getTopologyInfo", "label": "Get Topology Info" },
{ "itemId": 6020, "name": "storm:uploadNewCredentials", "label": "Upload New Credential" },
{ "itemId": 4005, "name": "yarn:submit-app", "label": "submit-app" },
{ "itemId": 4006, "name": "yarn:admin-queue", "label": "admin-queue", "impliedGrants": [ "yarn:submit-app" ] },
{ "itemId": 9010, "name": "kafka:publish", "label": "Publish", "impliedGrants": [ "kafka:describe" ] },
{ "itemId": 9011, "name": "kafka:consume", "label": "Consume", "impliedGrants": [ "kafka:describe" ] },
{ "itemId": 9014, "name": "kafka:configure", "label": "Configure", "impliedGrants": [ "kafka:describe" ] },
{ "itemId": 9015, "name": "kafka:describe", "label": "Describe" },
{ "itemId": 9016, "name": "kafka:kafka_admin", "label": "Kafka Admin", "impliedGrants": [ "kafka:consume", "kafka:configure", "kafka:alter_configs", "kafka:describe_configs", "kafka:create", "kafka:describe", "kafka:alter", "kafka:idempotent_write", "kafka:cluster_action", "kafka:delete", "kafka:publish" ] },
{ "itemId": 9017, "name": "kafka:create", "label": "Create" },
{ "itemId": 9018, "name": "kafka:delete", "label": "Delete", "impliedGrants": [ "kafka:describe" ] },
{ "itemId": 9019, "name": "kafka:idempotent_write", "label": "Idempotent Write" },
{ "itemId": 9020, "name": "kafka:describe_configs", "label": "Describe Configs" },
{ "itemId": 9021, "name": "kafka:alter_configs", "label": "Alter Configs", "impliedGrants": [ "kafka:describe_configs" ] },
{ "itemId": 9022, "name": "kafka:cluster_action", "label": "Cluster Action" },
{ "itemId": 9023, "name": "kafka:alter", "label": "Alter" },
{ "itemId": 8108, "name": "solr:query", "label": "Query" },
{ "itemId": 8208, "name": "solr:update", "label": "Update" },
{ "itemId": 202203, "name": "schema-registry:create", "label": "Create" },
{ "itemId": 202204, "name": "schema-registry:read", "label": "Read" },
{ "itemId": 202205, "name": "schema-registry:update", "label": "Update" },
{ "itemId": 202206, "name": "schema-registry:delete", "label": "Delete" },
{ "itemId": 10110, "name": "nifi:READ", "label": "Read" },
{ "itemId": 10210, "name": "nifi:WRITE", "label": "Write" },
{ "itemId": 13113, "name": "nifi-registry:READ", "label": "Read" },
{ "itemId": 13213, "name": "nifi-registry:WRITE", "label": "Write" },
{ "itemId": 13313, "name": "nifi-registry:DELETE", "label": "Delete" },
{ "itemId": 15016, "name": "atlas:type-create", "label": "Create Type", "impliedGrants": [ "atlas:type-read" ] },
{ "itemId": 15017, "name": "atlas:type-update", "label": "Update Type", "impliedGrants": [ "atlas:type-read" ] },
{ "itemId": 15018, "name": "atlas:type-delete", "label": "Delete Type", "impliedGrants": [ "atlas:type-read" ] },
{ "itemId": 15019, "name": "atlas:entity-read", "label": "Read Entity" },
{ "itemId": 15020, "name": "atlas:entity-create", "label": "Create Entity" },
{ "itemId": 15021, "name": "atlas:entity-update", "label": "Update Entity" },
{ "itemId": 15022, "name": "atlas:entity-delete", "label": "Delete Entity" },
{ "itemId": 15023, "name": "atlas:entity-add-classification", "label": "Add Classification" },
{ "itemId": 15024, "name": "atlas:entity-update-classification", "label": "Update Classification" },
{ "itemId": 15025, "name": "atlas:entity-remove-classification", "label": "Remove Classification" },
{ "itemId": 15026, "name": "atlas:admin-export", "label": "Admin Export" },
{ "itemId": 15027, "name": "atlas:admin-import", "label": "Admin Import" },
{ "itemId": 15028, "name": "atlas:add-relationship", "label": "Add Relationship" },
{ "itemId": 15029, "name": "atlas:update-relationship", "label": "Update Relationship" },
{ "itemId": 15030, "name": "atlas:remove-relationship", "label": "Remove Relationship" },
{ "itemId": 15031, "name": "atlas:admin-purge", "label": "Admin Purge" },
{ "itemId": 15032, "name": "atlas:entity-add-label", "label": "Add Label" },
{ "itemId": 15033, "name": "atlas:entity-remove-label", "label": "Remove Label" },
{ "itemId": 15034, "name": "atlas:entity-update-business-metadata", "label": "Update Business Metadata" },
{ "itemId": 15035, "name": "atlas:type-read", "label": "Read Type" },
{ "itemId": 15036, "name": "atlas:admin-audits", "label": "Admin Audits" }
],
"policyConditions": [],
"contextEnrichers": [],
"dataMaskDef": {
"maskTypes": [
{ "itemId": 203204, "name": "trino:MASK", "label": "Redact", "description": "Replace lowercase with 'x', uppercase with 'X', digits with '0'", "transformer": "cast(regexp_replace(regexp_replace(regexp_replace({col},'([A-Z])', 'X'),'([a-z])','x'),'([0-9])','0') as {type})"
},
{ "itemId": 203205, "name": "trino:MASK_SHOW_LAST_4", "label": "Partial mask: show last 4", "description": "Show last 4 characters; replace rest with 'X'", "transformer": "cast(regexp_replace({col}, '(.*)(.{4}$)', x -> regexp_replace(x[1], '.', 'X') || x[2]) as {type})" },
{ "itemId": 203206, "name": "trino:MASK_SHOW_FIRST_4", "label": "Partial mask: show first 4", "description": "Show first 4 characters; replace rest with 'x'", "transformer": "cast(regexp_replace({col}, '(^.{4})(.*)', x -> x[1] || regexp_replace(x[2], '.', 'X')) as {type})" },
{ "itemId": 203207, "name": "trino:MASK_HASH", "label": "Hash", "description": "Hash the value of a varchar with sha256", "transformer": "cast(to_hex(sha256(to_utf8({col}))) as {type})" },
{ "itemId": 203208, "name": "trino:MASK_NULL", "label": "Nullify", "description": "Replace with NULL" },
{ "itemId": 203209, "name": "trino:MASK_NONE", "label": "Unmasked (retain original value)", "description": "No masking" },
{ "itemId": 203215, "name": "trino:MASK_DATE_SHOW_YEAR", "label": "Date: show only year", "description": "Date: show only year", "transformer": "date_trunc('year', {col})" },
{ "itemId": 203216, "name": "trino:CUSTOM", "label": "Custom", "description": "Custom" },
{ "itemId": 17018, "name": "presto:MASK", "label": "Redact", "description": "Replace lowercase with 'x', uppercase with 'X', digits with '0'", "transformer": "cast(regexp_replace(regexp_replace(regexp_replace({col},'([A-Z])', 'X'),'([a-z])','x'),'([0-9])','0') as {type})" },
{ "itemId": 17019, "name": "presto:MASK_SHOW_LAST_4", "label": "Partial mask: show last 4", "description": "Show last 4 characters; replace rest with 'X'", "transformer": "cast(regexp_replace({col}, '(.*)(.{4}$)', x -> regexp_replace(x[1], '.', 'X') || x[2]) as {type})" },
{ "itemId": 17020, "name": "presto:MASK_SHOW_FIRST_4", "label": "Partial mask: show first 4", "description": "Show first 4 characters; replace rest with 'x'", "transformer": "cast(regexp_replace({col}, '(^.{4})(.*)', x -> x[1] || regexp_replace(x[2], '.', 'X')) as {type})" },
{ "itemId": 17021, "name": "presto:MASK_HASH", "label": "Hash", "description": "Hash the value of a varchar with sha256", "transformer": "cast(to_hex(sha256(to_utf8({col}))) as {type})" },
{ "itemId": 17022, "name": "presto:MASK_NULL", "label": "Nullify", "description": "Replace with NULL" },
{ "itemId": 17023, "name": "presto:MASK_NONE", "label": "Unmasked (retain original value)", "description": "No masking" },
{ "itemId": 17029, "name": "presto:MASK_DATE_SHOW_YEAR", "label": "Date: show only year", "description": "Date: show only year", "transformer": "date_trunc('year', {col})" },
{ "itemId": 17030, "name": "presto:CUSTOM", "label": "Custom", "description": "Custom" },
{ "itemId": 205206, "name": "nestedstructure:MASK", "label": "Redact", "description": "Replace lowercase with 'x', uppercase with 'X', digits with '0'", "transformer": "mask({field})" },
{ "itemId": 205207, "name": "nestedstructure:MASK_SHOW_LAST_4", "label": "Partial mask: show last 4", "description": "Show last 4 characters; replace rest with 'x'", "transformer": "mask_show_last_n({field}, 4, 'x', 'x', 'x', -1, '1')" },
{ "itemId": 205208, "name": "nestedstructure:MASK_SHOW_FIRST_4", "label": "Partial mask: show first 4", "description": "Show first 4 characters; replace rest with 'x'", "transformer": "mask_show_first_n({field}, 4, 'x', 'x', 'x', -1, '1')" },
{ "itemId": 205209, "name": "nestedstructure:MASK_HASH", "label": "Hash", "description": "Hash the value", "transformer": "mask_hash({field})" },
{ "itemId": 205210, "name": "nestedstructure:MASK_NULL", "label": "Nullify", "description": "Replace with NULL" },
{ "itemId": 205211, "name": "nestedstructure:MASK_NONE", "label": "Unmasked (retain original value)", "description": "No masking" },
{ "itemId": 205217, "name": "nestedstructure:MASK_DATE_SHOW_YEAR", "label": "Date: show only year", "description": "Date: show only year", "transformer": "mask({field}, 'x', 'x', 'x', -1, '1', 1, 0, -1)" },
{ "itemId": 205218, "name": "nestedstructure:CUSTOM", "label": "Custom", "description": "Custom" },
{ "itemId": 3004, "name": "hive:MASK", "label": "Redact", "description": "Replace lowercase with 'x', uppercase with 'X', digits with '0'", "transformer": "mask({col})" },
{ "itemId": 3005, "name": "hive:MASK_SHOW_LAST_4", "label": "Partial mask: show last 4", "description": "Show last 4 characters; replace rest with 'x'", "transformer": "mask_show_last_n({col}, 4, 'x', 'x', 'x', -1, '1')" },
{ "itemId": 3006, "name": "hive:MASK_SHOW_FIRST_4", "label": "Partial mask: show first 4", "description": "Show first 4 characters; replace rest with 'x'", "transformer": "mask_show_first_n({col}, 4, 'x', 'x', 'x', -1, '1')" },
{ "itemId": 3007, "name": "hive:MASK_HASH", "label": "Hash", "description": "Hash the value", "transformer": "mask_hash({col})" },
{ "itemId": 3008, "name": "hive:MASK_NULL", "label": "Nullify", "description": "Replace with NULL" },
{ "itemId": 3009, "name": "hive:MASK_NONE", "label": "Unmasked (retain original value)", "description": "No masking" },
{ "itemId": 3015, "name": "hive:MASK_DATE_SHOW_YEAR", "label": "Date: show only year", "description": "Date: show only year", "transformer": "mask({col}, 'x', 'x', 'x', -1, '1', 1, 0, -1)" },
{ "itemId": 3016, "name": "hive:CUSTOM", "label": "Custom", "description": "Custom" }
],
"accessTypes": [
{ "itemId": 203204, "name": "trino:select", "label": "Select" },
{ "itemId": 17018, "name": "presto:select", "label": "Select" },
{ "itemId": 205206, "name": "nestedstructure:read", "label": "Read" },
{ "itemId": 3004, "name": "hive:select", "label": "select" }
],
"resources": [
{ "itemId": 1, "name": "tag", "type": "string", "level": 1, "mandatory": true, "lookupSupported": true, "recursiveSupported": false, "excludesSupported": false, "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", "matcherOptions": { "__isValidLeaf": "true", "wildCard": "false", "__accessTypeRestrictions": "[]", "ignoreCase": "false" }, "uiHint": "{ \"singleValue\":true }", "label": "TAG", "description": "TAG", "isValidLeaf": true }
]
},
"rowFilterDef": {},
"markerAccessTypes": [
{
"itemId": 205213,
"name": "_ALL",
"label": "_ALL",
"impliedGrants": [
"ozone:write_acl",
"kms:get",
"atlas:type-delete",
"atlas:entity-create",
"hbase:execute",
"storm:fileDownload",
"kms:getkeys",
"storm:getTopologyConf",
"ozone:create",
"hive:tempudfadmin",
"kafka:idempotent_write",
"hive:write",
"trino:use",
"trino:grant",
"hdfs:execute",
"elasticsearch:indices_index",
"atlas:admin-export",
"kafka:configure",
"atlas:entity-read",
"presto:alter",
"atlas:entity-update-classification",
"trino:select",
"presto:execute",
"kafka:describe",
"atlas:admin-purge",
"kafka:consume",
"trino:delete",
"atlas:add-relationship",
"elasticsearch:indices_bulk",
"trino:drop",
"kudu:select",
"presto:use",
"hive:serviceadmin",
"elasticsearch:create_index",
"hive:index",
"nestedstructure:read",
"kms:setkeymaterial",
"kylin:OPERATION",
"schema-registry:create",
"presto:impersonate",
"storm:deactivate",
"elasticsearch:index",
"kafka:alter",
"atlas:entity-add-classification",
"atlas:entity-remove-classification",
"atlas:entity-add-label",
"schema-registry:update",
"kafka:kafka_admin",
"presto:drop",
"hive:refresh",
"atlas:entity-delete",
"presto:all",
"atlas:entity-update",
"elasticsearch:monitor",
"trino:insert",
"kudu:update",
"schema-registry:read",
"atlas:admin-audits",
"elasticsearch:delete_index",
"presto:show",
"ozone:write",
"hive:read",
"ozone:all",
"atlas:entity-remove-label",
"trino:all",
"presto:grant",
"kms:rollover",
"elasticsearch:view_index_metadata",
"presto:create",
"kafka:publish",
"kafka:create",
"trino:execute",
"hive:all",
"kms:delete",
"kylin:ADMIN",
"atlas:remove-relationship",
"kylin:MANAGEMENT",
"storm:killTopology",
"elasticsearch:indices_put",
"kudu:create",
"hive:update",
"sqoop:READ",
"presto:delete",
"atlas:entity-update-business-metadata",
"yarn:submit-app",
"solr:update",
"trino:create",
"hdfs:read",
"elasticsearch:write",
"hive:alter",
"kafka:alter_configs",
"storm:getUserTopology",
"storm:uploadNewCredentials",
"presto:insert",
"atlas:type-update",
"storm:submitTopology",
"storm:activate",
"kms:generateeek",
"kafka:cluster_action",
"trino:impersonate",
"hdfs:write",
"hbase:admin",
"elasticsearch:create",
"atlas:admin-import",
"kms:decrypteek",
"solr:query",
"atlas:type-create",
"kudu:all",
"nifi:WRITE",
"sqoop:WRITE",
"storm:getTopologyInfo",
"storm:getTopology",
"hbase:read",
"kms:getmetadata",
"storm:fileUpload",
"trino:alter",
"hive:drop",
"hive:create",
"yarn:admin-queue",
"kafka:describe_configs",
"ozone:delete",
"nifi-registry:READ",
"hive:repladmin",
"kudu:metadata",
"schema-registry:delete",
"nifi-registry:DELETE",
"kms:create",
"ozone:read",
"trino:show",
"ozone:read_acl",
"nifi:READ",
"hive:select",
"kudu:delete",
"atlas:type-read",
"kafka:delete",
"kylin:QUERY",
"elasticsearch:indices_search_shards",
"elasticsearch:read_cross_cluster",
"elasticsearch:manage",
"presto:select",
"ozone:list",
"nestedstructure:write",
"atlas:update-relationship",
"trino:revoke",
"nifi-registry:WRITE",
"storm:rebalance",
"hive:lock",
"presto:revoke",
"knox:allow",
"hbase:create",
"elasticsearch:delete",
"kudu:drop",
"hbase:write",
"elasticsearch:read",
"kudu:alter",
"kudu:insert",
"elasticsearch:all"
]
}
]
},
"auditMode": "audit-default",
"serviceConfig": {
"ranger.plugin.audit.filters": "[ {'accessResult': 'DENIED', 'isAudited': true} ]"
}
},
"serviceConfig": {
"ranger.plugin.audit.filters": "[ {'accessResult': 'DENIED', 'isAudited': true}, {'actions':['METADATA OPERATION'], 'isAudited': false}, {'users':['hive','hue'],'actions':['SHOW_ROLES'],'isAudited':false} ]"
}
}