I am looking for way to define policy for Role pragmatically. Is there any API available for Sentry ? Either REST/JAVA ?
Any documentation or link will be great help?
I am looking for way to define policy for Role pragmatically. Is there any API available for Sentry ? Either REST/JAVA ?
Any documentation or link will be great help?
Sentry exposes apache thrift client interface, here you can find thrift api definition sentry_policy_service.thrift. You can use it for client source code generating.
Additionally, Cloudera releases compiled client libraries compatible to Sentry Service, distributed as a part of CDH i.e.:
<dependency>
<groupId>org.apache.sentry</groupId>
<artifactId>sentry-provider-db</artifactId>
<version>1.5.1-cdh5.5.1</version>
</dependency>
available in Cloudera's maven repository:
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<repositories>
<repository>
<id>cloudera</id>
<url>https://repository.cloudera.com/artifactory/cloudera-repos/</url>
</repository>
</repositories>
</project>
Here is a sample program using "sentry-provider-db" to get the permission details of a given hive database, (this program may not be defining policy for Role, but this program might give you an idea, to use other methods to achieve that)
Refer the below program to get idea about the available methods
https://github.com/apache/incubator-sentry/blob/master/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java
Below methods and class might be useful for you:
public class SentryPolicyServiceClientDefaultImpl implements SentryPolicyServiceClient
public synchronized void importPolicy(Map>> policyFileMappingData, String requestorUserName, boolean isOverwriteRole)
Post a comment, if you need sample krb5.conf, login.conf and pom.xml