> RANGER_HDFS_POLICIES    

  This module will allow you to manage HDFS policy in Apache Ranger. Please refer to Apache Ranger documentation for
  authorization policy concept and usage.

Options (= is mandatory):

= admin_password
        The password associated with the admin_username
        [Default: None]
= admin_url
        The Ranger base URL to access Ranger API. Same host:port as the Ranger Admin GUI. Typically
        http://myranger.server.com:6080 or https://myranger.server.com:6182
        [Default: None]
= admin_username
        The user name to log on the Ranger Admin. Must have enough rights to manage policies.
        [Default: None]
- ca_bundle_file
        Useful if Ranger Admin connection is using SSL. Allow to specify a CA_BUNDLE file, a file that contains root and
        intermediate certificates to validate the Ranger Admin certificate.
        In its simplest case, it could be a file containing the server certificate in .pem format.
        This file will be looked up on the remote system, on which this module will be executed.
        [Default: None]
= policies
        The list of policies you want to be defined by this operation.
        [Default: None]
- policies[0..n].audit
        Whether this policy is audited
        [Default: True]
- policies[0..n].enabled
        Whether this policy is enabled.
        [Default: True]
= policies[0..n].name
        The name of the policy. Must be unique across the system.
        [Default: None]
= policies[0..n].paths
        A list of HDFS path this policy will apply on. Accept wildcard characters '*' and '?'
        [Default: None]
= policies[0..n].permissions
        A list of permissions associated to this policy
        [Default: None]
= policies[0..n].permissions[0..n].accesses
        A list of access right granted by this permission.
        [Default: None]
- policies[0..n].permissions[0..n].delegate_admin
        When a policy is assigned to a user or a group of users those users become the delegated admin. The delegated admin can
        update, delete the policies.
        [Default: False]
- policies[0..n].permissions[0..n].groups
        A list of groups this permission will apply on.
        [Default: None]
- policies[0..n].permissions[0..n].users
        A list of users this permission will apply on.
        [Default: None]
- policies[0..n].recursive
        Whether this policy is recursive
        [Default: True]
- service_name
        In most cases, you should not need to set this parameter. It define the Ranger Admin HDFS service, typically
        <yourClusterName>_hadoop.
        It must be set if there are several such services defined in your Ranger Admin configuration, to select the one you
        intend to use.
        [Default: None]
- state
        Whether to install (present) or remove (absent) these policies
        (Choices: present, absent)[Default: present]
- validate_certs
        Useful if Ranger Admin connection is using SSL. If no, SSL certificates will not be validated. This should only be used
        on personally controlled sites using self-signed certificates.
        [Default: True]
EXAMPLES:

# Grant full rights for user 'coxi' on folders '/apps/coxi01' and '/user/coxi01', in a recursive way

- hosts: edge_node1
  roles:
  - ranger_modules
  tasks:
  - ranger_hdfs_policies:
      state: present
      admin_url: http://ranger.mycompany.com:6080
      admin_username: admin
      admin_password: admin
      policies:
      - name: "coxi01"
        paths: 
        - "/apps/coxi01" 
        - "/user/coxi01" 
        permissions:
        - users:
          - coxi
          accesses:
          - Write
          - read
          - execute

          


MAINTAINERS: Serge ALEXANDRE

METADATA:
	Status: ['preview']
	Supported_by: community
