Page tree
Skip to end of metadata
Go to start of metadata

 Apache Ranger PUBLIC REST APIs


Repository APIs

Get Repository:

API NameGet Repository
Request TypeGET
Request URLservice/public/api/repository/{id}
Request Params 
Response

•Example Response:

Example Response
{
 "id": 1,
 "createDate": "2014-10-07T07:23:39Z",
 "updateDate": "2014-10-07T07:23:39Z",
 "owner": "Admin",
 "updatedBy": "Admin",
 "name": "hadoopdev",
 "description": "hadoop repo",
 "config": {
 "username": "hadoop",
 "password": "*****",
 "fs.default.name": "hdfs://ip-172-31-38-49.ec2.internal:8020",
 "hadoop.security.authorization": "true",
 "hadoop.security.authentication": "kerberos",
 "hadoop.security.auth_to_local": "RULE:[2:$1@$0](jhs@.*EXAMPLE.COM)s/.*/mapred/ RULE:[2:$1@$0]([nr]m@.*EXAMPLE.COM)s/.*/yarn/ RULE:[2:$1@$0] ([nd]n@.*EXAMPLE.COM)s/.*/hdfs/ DEFAULT",
 "dfs.datanode.kerberos.principal": "dn/_HOST@EXAMPLE.COM",
 "dfs.namenode.kerberos.principal": "nn/_HOST@EXAMPLE.COM",
 "dfs.secondary.namenode.kerberos.principal": "nn/_HOST@EXAMPLE.COM",
 "commonNameForCertificate": "",
 "isencrypted": "true"
 },
 "repositoryType": "HDFS",
 "isActive": true,
 "version": "0.4.0"
}

Create repository:

API NameCreate Repository
Request TypePost
Request URLservice/public/api/repository
Request Params

application/json

•HDFS Example:

HDFS Example
{
 "name": "hadoopdev_2",
 "description": "hdfs repository using curl",
 "repositoryType": "hdfs",
"config": "{
 "username": "policymgr",
 "password": "policymgr",
 "fs.default.name": "hdfs://sandbox.hortonworks.com:8020",
 "hadoop.security.authorization": "true",
 "hadoop.security.authentication": "simple",
 "hadoop.security.auth_to_local": "RULE:[2:$1@$0](jhs@.*EXAMPLE.COM)s/.*/mapred/ RULE:[2:$1@$0]([nr]m@.*EXAMPLE.COM)s/.*/yarn/ RULE:[2:$1@$0]([nd]n@.*EXAMPLE.COM)s/.*/hdfs/ DEFAULT",
 "dfs.datanode.kerberos.principal": "dn/_HOST@EXAMPLE.COM",
 "dfs.namenode.kerberos.principal": "nn/_HOST@EXAMPLE.COM",
 "dfs.secondary.namenode.kerberos.principal": "nn/_HOST@EXAMPLE.COM",
 "commonNameForCertificate": ""
 }",
"isActive": true
}


•HIVE Example:

HIVE Example
  {
"name": "hivedev_1",
 "description": "Hive Dev",
 "repositoryType": "Hive",
"config": "{
 "username": "policymgr_hive",
 "password": "policymgr_hive",
 "jdbc.driverClassName": "org.apache.hive.jdbc.HiveDriver",
 "jdbc.url": "jdbc:hive2://127.0.0.1:10000/default",
 "commonNameForCertificate": ""
 }",
"isActive": true
}

• HBASE Example:

 

HBASE Example
{
name: "hbasedev"
description: "HBase Dev"
isActive: true
repositoryType: "hbase"
config: “{
 "username": "hbase",
 "password": "*****",
 "hadoop.security.authentication": "kerberos",
 "hbase.master.kerberos.principal": "hbase/_HOST@EXAMPLE.COM",
 "hbase.security.authentication": "kerberos",
 "hbase.zookeeper.property.clientPort": "2181",
 "hbase.zookeeper.quorum": "ip-172-31-38-49.ec2.internal",
 "zookeeper.znode.parent": "/hbase"
 }”
 }

• KNOX Example:

KNOX Exaple
{
 "name": "knoxdev",
 "description": "Knox Repository",
 "repositoryType": "Knox",
"config": “{
 "username": "admin",
 "password": "*****",
 "knox.url": "https://ip-172-31-38-49.ec2.internal:8443/gateway/admin/api/v1/topologies",
 "commonNameForCertificate": ""
 }
"isActive": true
}

 • STORM Example:

STORM Example
  {
"name": "stormdev",
 "description": "Storm Repo..",
 "repositoryType": "Storm",
"config": “{
 "username": "storm",
 "password": "*****",
 "nimbus.url": "http://ip-172-31-38-49.ec2.internal:8080/index.html",
 "commonNameForCertificate": ""
 }”
"isActive": true
}
Response200-Application/Json

 

Update Repository:

API NameUpdate Repository
Request TypePUT
Request URLservice/public/api/repository/{id}
Request Params

Application/json

• HDFS Example:

HDFS Example
 {
 "name": "hadoopdev",
 "description": "Hadoop Dev",
 "isActive": true,
 "repositoryType": "hdfs"
config: "{
 "username": "policymgr",
 "password": "policymgr",
 "fs.default.name": "hdfs://sandbox.hortonworks.com:8020",
 "hadoop.security.authorization": "true",
 "hadoop.security.authentication": "simple",
 "hadoop.security.auth_to_local": "RULE:[2:$1@$0](jhs@.*EXAMPLE.COM)s/.*/mapred/ RULE:[2:$1@$0]([nr]m@.*EXAMPLE.COM)s/.*/yarn/ RULE:[2:$1@$0]([nd]n@.*EXAMPLE.COM)s/.*/hdfs/ DEFAULT",
 "dfs.datanode.kerberos.principal": "dn/_HOST@EXAMPLE.COM",
 "dfs.namenode.kerberos.principal": "nn/_HOST@EXAMPLE.COM",
 "dfs.secondary.namenode.kerberos.principal": "nn/_HOST@EXAMPLE.COM",
 "commonNameForCertificate": ""
 }"
}


 • HIVE Example:

HIVE Example
{
 "name": "hivedev",
 "description": "Hive Dev",
 "isActive": "true",
 "repositoryType": "hive"
config: "{
 "username": "policymgr_hive",
 "password": "policymgr_hive",
 "jdbc.driverClassName": "org.apache.hive.jdbc.HiveDriver",
 "jdbc.url": "jdbc:hive2://127.0.0.1:10000/default",
 "commonNameForCertificate": ""
 }"
}


• HBASE Example:

HBASE Exapmple
{
 "name": "hbasedev",
 "description": "HBase Dev",
 "isActive": "true",
 "repositoryType": "hbase"
config: “{
 "username": "hbase",
 "password": "*****",
 "hadoop.security.authentication": "kerberos",
 "hbase.master.kerberos.principal": "hbase/_HOST@EXAMPLE.COM",
 "hbase.security.authentication": "kerberos",
 "hbase.zookeeper.property.clientPort": "2181",
 "hbase.zookeeper.quorum": "ip-172-31-38-49.ec2.internal",
 "zookeeper.znode.parent": "/hbase"
 }”
}


• KNOX Example:

KNOX Example
{
 "name": "knoxdev_updated",
 "description": "Knox Repo..",
 "repositoryType": "Knox",
"config": “{
 "username": "admin",
 "password": "*****",
 "knox.url": "https://ip-172-31-38-49.ec2.internal:8443/gateway/admin/api/v1/topologies",
 "commonNameForCertificate": ""
 }”
"isActive": false
}

• STORM Example:

STORM Example
{
 "name": "stormdev_updated",
 "description": "Storm Repo.. Updated",
 "repositoryType": "Storm",
"config": “{
 "username": "storm",
 "password": "*****",
 "nimbus.url": "http://ip-172-31-38-49.ec2.internal:8080/index.html",
 "commonNameForCertificate": ""
 }”
"isActive": true
}


Response200-Application/json

Delete Repository:

API NameDelete Repository
Request TypeDelete
Request URLservice/public/api/repository/{id}
Request Param 
Response204-No Content

 

Search Repository:

API NameSearch Repositories
Request TypeGET
Request URLservice/public/api/repository
Request Params

Query Params

pageSize int The page size required

startIndex int The start record index

name string The repository name

type string The repository types("hdfs","hive","hbase","knox","storm")

status boolean The status Enable,disable (status= true/false)

Example :

  Pagesize=25&startindex=0

Response

200-Application/json

•Example:

Example
{
"startIndex":0,
"pageSize":25,
"totalCount":3,
"resultSize":3,
"queryTimeMS":1405666510264,
"vXRepositories":[
 {
 "id": 1,
 "createDate": "2014-07-16T13:13:47Z",
 "updateDate": "2014-07-18T06:37:19Z",
 "owner": "Admin",
 "updatedBy": "Admin",
 "name": "hbasedev",
 "description": "",
 "repositoryType": "hbase",
 "config": "{
 "username": "hbase",
 "password": "*****",
 "hadoop.security.authentication": "kerberos",
 "hbase.master.kerberos.principal": "hbase/_HOST@EXAMPLE.COM",
 "hbase.security.authentication": "kerberos",
 "hbase.zookeeper.property.clientPort": "2181",
 "hbase.zookeeper.quorum": "ip-172-31-38-49.ec2.internal",
 "zookeeper.znode.parent": "/hbase"
 }",
 "isActive": true,
 "version": "0.1.0"
 },
 {
 "id": 2,
 "createDate": "2014-07-16T13:25:54Z",
 "updateDate": "2014-07-16T13:53:19Z",
 "owner": "Admin",
 "updatedBy": "Admin",
 "name": "hadoopdev",
 "description": "",
 "repositoryType": "hdfs",
 "config": "{
 "username": "first",
 "password": "*****",
 "fs.default.name": "hdfs://10.0.2.15:8020",
 "hadoop.security.authorization": "true",
 "hadoop.security.authentication": "simple",
 "hadoop.security.auth_to_local": "",
 "dfs.datanode.kerberos.principal": "",
 "dfs.namenode.kerberos.principal": "",
 "dfs.secondary.namenode.kerberos.principal": "",
 "commonNameForCertificate": ""
 }",
 "isActive": true,
 "version": "0.1.0"
 },
 {
 "id": 4,
 "createDate": "2014-07-18T06:32:27Z",
 "updateDate": "2014-07-18T06:32:27Z",
 "owner": "Admin",
 "updatedBy": "Admin",
 "name": "hivedev",
 "description": "Hive Repository",
 "repositoryType": "hive",
 "config": "{
 "username": "policymgr",
 "password": "*****",
 "jdbc.driverClassName": "org.apache.hive.jdbc.HiveDriver",
 "jdbc.url": "jdbc:hive2://127.0.0.1:10000default",
 "commonNameForCertificate": ""
 }",
 "isActive": true,
 "version": "0.1.0"
 }
]
}

 Policy API's 

 

Get Policy:

API NameGet Policy
Request TypeGet
Request URLservice/public/api/policy/{id}
Request Params 
Response

200 - Application/json


HDFS Example:

HDFS Example
 {
 "id": 9,
 "policyName": "HomePolicy",
 "resourceName": "/home,/apps",
 "description": "Home",
 "repositoryName": "hadoopdev",
 "repositoryType": "hdfs",
 "isEnabled": true,
 "isRecursive": true,
 "isAuditEnabled": true,
 "permMapList": [
 {
 "userList": [
 "john",
 "andrew"
 ],
 "permList": [
 "Write",
 "Admin"
 ]
 },
 {
 "userList": [
 "hr"
 ],
 "groupList": [
 "admin"
 ],
 "permList": [
 "Read",
 "Write",
 "Admin"
 ]
 }
 ],
 "createDate": "2014-07-18T07:21:33Z",
 "updateDate": "2014-07-18T08:58:05Z",
 "owner": "Admin",
 "updatedBy": "Admin",
 "version": "0.1.0"
}


 

Possible perm list Types :-

For HDFS :-

READ,WRITE,EXECUTE,ADMIN

For HIVE :-

SELECT,UPDATE,CREATE,DROP,ALTER,INDEX,LOCK,ALL,ADMIN

For HBASE :-

READ,WRITE CREAT ADMIN

 

Create Policy:

API nameCreate Policy
Request TypePOST
Request URLservice/public/api/policy
 

Application/json

•HDFS Example:

HDFS Example
 {
 "policyName": "HomePolicy",
 "resourceName": "/home,/apps",
 "description": "Home",
 "repositoryName": "hadoopdev",
 "repositoryType": "hdfs",
 "isEnabled": "true",
 "isRecursive": false,
 "isAuditEnabled": true,
 "permMapList": [
 {
 "userList": [
 "john",
 "andrew"
 ],
 "permList": [
 "SELECT",
 "UPDATE"
 ]
 },
 {
 "userList": [
 "hr"
 ],
 "groupList": [
 "admin"
 ],
 "permList": [
 "DROP",
 "ALTER",
 "ADMIN"
 ]
 }
 ]
}

•HBASE Example:

HBASE Example
{
 "policyName": "FinancePolicy",
 "tables": "finance,hr",
 "columnFamilies": "invoices,emps",
 "columns": "amt, emp_id",
 "description": "HBase Policy",
 "repositoryName": "hbasedev",
 "repositoryType": "hbase",
 "isEnabled": "true",
 "isAuditEnabled": true,
 "tableType": "Inclusion",
 "columnType": "Inclusion",
 "permMapList": [
 {
 "userList": [
 "john",
 "andrew"
 ],
 "permList": [
 "Write",
 "Admin"
 ]
 },
 {
 "userList": [
 "hr"
 ],
 "groupList": [
 "admin"
 ],
 "permList": [
 "Read",
 "Write",
 "Admin"
 ]
 }
 ]
}

•HIVE Example:

HIVE Example
{
 "policyName": "FinancePolicy",
 "databases": "finance,hr",
 "tables": "invoices,emps",
 "columns": "amt, emp_id",
 "udfs": "",
 "description": "Hive Policy",
 "repositoryName": "hivedev",
 "repositoryType": "hive",
 "tableType": "Exclusion",
 "columnType": "Inclusion",
 "isEnabled": true,
 "isAuditEnabled": true,
 "permMapList": [
 {
 "userList": [
 "john",
 "andrew"
 ],
 "permList": [
 "Write",
 "Admin"
 ]
 },
 {
 "userList": [
 "hr"
 ],
 "groupList": [
 "admin"
 ],
 "permList": [
 "Read",
 "Write",
 "Admin"
 ]
 }
 ]
}

 •KNOX Example:

KNOX Example
{
 "policyName": "Fin Department Policy",
 "description": "Fin policy for Knox",
 "repositoryName": "knoxdev",
 "repositoryType": "Knox",
 "permMapList": [
 {
 "userList": [
 "policymgr_hbase",
 "policymgr_hive"
 ],
 "permList": [
 "Allow"
 ],
 "ipAddress": "192.168.0.1, 192.168.200.90"
 },
 {
 "userList": [
 "policymgr"
 ],
 "groupList": [
 "Grp1",
 "Grp2"
 ],
 "permList": [
 "Allow",
 "Admin"
 ]
 }
 ],
 "topologies": "topo1, topo2, topo3",
 "services": "service1, service2, service3",
 "isEnabled": true,
 "isRecursive": false,
 "isAuditEnabled": true
}

•STORM Example:

STORM Example
{
 "policyName": "Marketing Department Policy",
 "description": "Marketing Department policy",
 "repositoryName": "stormdev_updated",
 "repositoryType": "Storm",
 "permMapList": [
 {
 "userList": [
 "policymgr"
 ],
 "permList": [
 "getNimbusConf",
 "getClusterInfo",
 "rebalance"
 ]
 },
 {
 "userList": [
 "policymgr_hbase",
 "policymgr_hive"
 ],
 "permList": [
 "fileDownload",
 "fileUpload"
 ]
 }
 ],
 "topologies": "topo1, topo3",
 "isEnabled": true,
 "isRecursive": false,
 "isAuditEnabled": true
}


 Response 200 - Application/json


Update Policy:

API Nameupdate policy
Request TypePUT
Request URLservice/public/api/policy/{id}
Request Params

Application /json

KNOX Example
{
 "policyName": "Fin Department Policy Updated",
 "description": "Fin policy for Knox",
 "repositoryName": "knoxdev",
 "repositoryType": "Knox",
 "permMapList": [
 {
 "userList": [
 "policymgr"
 ],
 "groupList": [
 "Grp1",
 "Grp2"
 ],
 "permList": [
 "Allow",
 "Admin"
 ],
 "ipAddress": "192.168.0.220,ipAddress2"
 },
 {
 "userList": [
 "policymgr_hive",
 "policymgr_hbase"
 ],
 "permList": [
 "Allow"
 ]
 }
 ],
 "topologies": "topo1, topo2, topo3",
 "services": "service1, service2, service3",
 "isEnabled": true,
 "isAuditEnabled": true
} 

•HDFS Example: 

HDFS Example
{
 "policyName": "HomePolicy",
 "resourceName": "/home,/apps",
 "description": "Home",
 "isEnabled": true,
 "isRecursive": false,
 "isAuditEnabled": true,
 "repositoryName": "hadoopdev",
 "repositoryType": "hdfs",
 "permMapList": [
 {
 "userList": [
 "john",
 "andrew"
 ],
 "permList": [
 "Write",
 "Admin"
 ]
 },
 {
 "userList": [
 "hr"
 ],
 "groupList": [
 "admin"
 ],
 "permList": [
 "Read",
 "Write",
 "Admin"
 ]
 }
 ]
}

•HBASE Example:

HBASE Example
 {
 "policyName": "HomePolicy",
 "tables": "finance,hr",
 "columnFamilies": "invoices,emps",
 "columns": "amt, emp_id",
 "description": "HBase Policy",
 "isEnabled": true,
 "isAuditEnabled": true,
 "repositoryName": "hbasedev",
 "repositoryType": "hbase",
 "permMapList": [
 {
 "userList": [
 "john",
 "andrew"
 ],
 "permList": [
 "Write",
 "Admin"
 ]
 },
 {
 "userList": [
 "hr"
 ],
 "groupList": [
 "admin"
 ],
 "permList": [
 "Read",
 "Write",
 "Admin"
 ]
 }
 ]
}

•HIVE Example:

HIVE Example
{
 "policyName": "HomePolicy",
 "databases": "finance,hr",
 "tables": "invoices,emps",
 "columns": "amt, emp_id",
 "udfs": "",
 "description": "Hive Policy",
 "tableType": "Exclusion",
 "columnType": "Inclusion",
 "isEnabled": true,
 "isAuditEnabled": true,
 "repositoryName": "hivedev",
 "repositoryType": "hive",
 "permMapList": [
 {
 "userList": [
 "john",
 "andrew"
 ],
 "permList": [
 "Write",
 "Admin"
 ]
 },
 {
 "userList": [
 "hr"
 ],
 "groupList": [
 "admin"
 ],
 "permList": [
 "Read",
 "Write",
 "Admin"
 ]
 }
 ]
}


 

•KNOX Example:

•STORM Example:

STORM Example
 {
 "policyName": "Marketing Department Policy Updated",
 "description": "Marketing Department policy for Storm",
 "repositoryName": "stormdev_updated",
 "repositoryType": "Storm",
 "permMapList": [
 {
 "userList": [
 "policymgr"
 ],
 "permList": [
 "getNimbusConf",
 "rebalance"
 ]
 },
 {
 "userList": [
 "policymgr_hbase",
 "policymgr_hive"
 ],
 "permList": [
 "fileUpload"
 ]
 }
 ],
 "topologies": "topo1, topo3",
 "isEnabled": true,
 "isRecursive": false,
 "isAuditEnabled": true
}


 Response 200 - Application/json

 

Delete policy:

API NameDelete Policy
Request TypeDELETE
Request URLservice/public/api/policy/{id}
Request Params 
Response204 - No Content


Search Policy:

API NameSearch Policy
Request TypeGET
Request URLservice/public/api/policy
Request Params

Querry Params:

pageSize int The page size required

startIndex int The start record index

 policyName string The Name of the policy

 columns strings The columns

 columnFamilies string The column Families

tables string The tables

udfs string The udfs

databases string The databases

groupName string The group

repositoryType string The repository type ("hbase","hdfs" etc)

isRecursive boolean The isRecursives property ("true" or "false")

repositoryName string The repository name

userName string The user name

isEnabled boolean The enable/disabled property ("true" or "false")


Example =

pagesize25=25&startIndex=0

Response

200 - Application/jason

Example:

Example
{
 "startIndex": 0,
 "pageSize": 1,
 "totalCount": 1,
 "resultSize": 1,
 "queryTimeMS": 1409646322022,
 "vXPolicies": [
 {
 "id": 3,
 "createDate": "2014-09-02T06:02:19Z",
 "updateDate": "2014-09-02T06:02:19Z",
 "owner": "Admin",
 "updatedBy": "Admin",
 "policyName": "hivedev_1409637739446_281_2-2-20140902060219",
 "resourceName": "/*/*",
 "repositoryName": "Hive Repo Updated_1409637741234_476_10",
 "repositoryType": "Hive",
 "tables": "",
 "columns": "",
 "databases": "*",
 "udfs": "**",
 "tableType": "Inclusion",
 "columnType": "Inclusion",
 "isEnabled": true,
 "isRecursive": false,
 "isAuditEnabled": true,
 "version": "0.1.0"
 }
 ]
}



 

 

 

 

 

 

 

 

 

 

  • No labels

2 Comments

  1. What's the port of the API?  the same of the Ranger web?

    1. Yes, it is the same. Also, in the future, please send your queries to user@ranger.incubator.apache.org. There are more people who are monitoring and can help you.