[IMPALA-7916] Support for Apache Ranger authorization provider - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Epic
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: None
Fix Version/s: Impala 3.3.0
Component/s: Catalog, Frontend
Labels:
None

Epic Name:
ranger
Epic Color:
ghx-label-6

Description

Currently Impala has no easy way to support other authorization providers since the code is very tightly coupled to Sentry. The purpose of this ticket is to provide support for pluggable authorization provider in Impala.

Attachments

Sub-Tasks

1.	Decouple Sentry from Impala	Resolved	Fredy Wijaya
2.	Remove support for authorization policy file	Resolved	Austin Nobis
3.	Impala Doc: Document Apache Ranger authorization provider	Closed	Alexandra Rodoni
4.	Update Impala build infrastructure to support Apache Ranger	Resolved	Fredy Wijaya
5.	Add support for Apache Ranger as an alternative authorization provider	Resolved	Fredy Wijaya
6.	Implement GRANT/REVOKE privilege to USER	Resolved	Austin Nobis
7.	Implement GRANT/REVOKE privilege to GROUP	Resolved	Austin Nobis
8.	Support WITH GRANT OPTION with Ranger authorization provider	Resolved	Austin Nobis
9.	Do not re-download Ranger if it is already downloaded	Resolved	Fredy Wijaya
10.	Improve Ranger test coverage	Resolved	Austin Nobis
11.	Implement SHOW GRANT USER <user>	Resolved	Austin Nobis
12.	Implement SHOW GRANT GROUP <group>	Resolved	Austin Nobis
13.	Misc clean-up after Sentry decoupling	Resolved	Austin Nobis
14.	Support for Ranger cache invalidation with INVALIDATE METADATA or REFRESH AUTHORIZATION	Resolved	Fredy Wijaya
15.	Use a more human-readable flag to switch to a different authorization provider	Resolved	radford nguyen
16.	Update the Ranger minicluster with various fixes	Resolved	Fredy Wijaya
17.	Disable column masking and row filtering	Resolved	Fredy Wijaya
18.	Impala Doc: Remove support for authorization policy file	Closed	Alexandra Rodoni
19.	Add test coverage for Ranger with catalog v2 (local catalog) mode	Resolved	Fredy Wijaya
20.	Create database/table with Ranger throws UnsupportedOperationException	Resolved	Austin Nobis
21.	Refactor Sentry admin user check	Resolved	Fredy Wijaya
22.	Add support column-level permissions on views	Resolved	Fredy Wijaya
23.	Implement Ranger audit event handler	Resolved	Fredy Wijaya
24.	Impala Doc: Doc the column level permission on views	Closed	Alexandra Rodoni
25.	Update Ranger minicluster with the one that supports "refresh" access type	Resolved	Fredy Wijaya
26.	Impala Doc: Doc SHOW GRANT GROUP	Closed	Alexandra Rodoni
27.	Include all ranger-audit-plugins runtime dependencies	Resolved	Fredy Wijaya
28.	Impala Doc: Document GRANT/REVOKE privilege to USER	Closed	Alexandra Rodoni
29.	Impala Doc: Document GRANT/REVOKE privilege to GROUP	Closed	Alexandra Rodoni
30.	Add Solr into the Impala minicluster	Resolved	Fredy Wijaya
31.	Refactor authorization code from AnalysisContext to AuthorizationChecker	Resolved	Fredy Wijaya
32.	Make some unsupported SQL error messages to be more user friendly	Resolved	Fredy Wijaya
33.	GRANT gives confusing error message	Resolved	Fredy Wijaya
34.	Show inherited privileges in show grant w/ Ranger	Resolved	Fang-Yu Rao
35.	FIx revoke grant option behavior	Resolved	Austin Nobis
36.	Confusing error messages in SHOW GRANT statements	Resolved	Fredy Wijaya
37.	Log the SQL statement in Ranger audit log	Resolved	Fredy Wijaya
38.	Populate required Ranger audit fields to be consistent with Hive	Resolved	Fredy Wijaya
39.	Do not re-create a new instance of AuthorizationChecker with Ranger authorization	Resolved	Fredy Wijaya
40.	Log a a group of privileges into a single audit event	Resolved	Fredy Wijaya

Activity

People

Assignee:: Fredy Wijaya

Reporter:: Fredy Wijaya

Votes:: 0 Vote for this issue

Watchers:: 13 Start watching this issue

Dates

Created:: 01/Dec/18 03:57

Updated:: 24/Apr/20 22:30

Resolved:: 24/Apr/20 22:30