Installing DPS
Also available as:
PDF

Configure Ranger to restrict access to DPS

You must configure a Ranger policy for the new Knox topology, in order to restrict access to only authorized users of DPS.

  1. Navigate to the Ranger UI.
  2. Click Access Manager, and then click the Knox repository link, for example:
    <cluster-name> Policies.
  3. Click Add New Policy, and then enter the following values:
    ParameterValue
    Policy Type Access
    Knox Topology token
    Knox Service *
  4. Enter groups or user names in Select Group or Select User.
  5. Optional: Under Policy Conditions click Add Condition and enter the IP addresses of the DPS host.
    This adds an IP-based filter to ensure that only known DPS Core hosts can access cluster services through the token topology.
  6. Under Permissions, click Add Permission and select Allow.