ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jasper Knulst (Jira)" <j...@apache.org>
Subject [jira] [Updated] (RANGER-3069) Enable KMS policy editor for all with Keyadmin Role
Date Tue, 03 Nov 2020 15:40:00 GMT

     [ https://issues.apache.org/jira/browse/RANGER-3069?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Jasper Knulst updated RANGER-3069:
    Attachment: Screenshot 2020-11-03 at 16.38.11.png

> Enable KMS policy editor for all with Keyadmin Role 
> ----------------------------------------------------
>                 Key: RANGER-3069
>                 URL: https://issues.apache.org/jira/browse/RANGER-3069
>             Project: Ranger
>          Issue Type: Improvement
>          Components: admin, kms
>    Affects Versions: 1.2.0
>            Reporter: Jasper Knulst
>            Priority: Major
>         Attachments: Screenshot 2020-11-03 at 16.38.11.png
> Hi,
> I have been assigned the 'keyadmin' role and I do see the extra UI menu option 'Encryption'.
However I don't get to see the extra tile/ranger-service for <cluster>_KMS at Resource
Based policies to be able to edit key related policies. I still have to logon as user/identity
'keyadmin' to see the <cluster>_KMS tile in the Service Manager
> This defeats the purpose of having the 'Key Admin' role as it doesn't enable the ones
who have it anything. Currently it is also not auditable who specifically (in the ring of
people that have access to the credentials for the keyadmin idenity credentials) has done
what to key and zones

This message was sent by Atlassian Jira

View raw message