Capabilities
The connector reads users, groups, roles, system access roles, admin module
permissions, security zones, tags, and policies from the Ranger Admin REST API.
Each policy is synced with one entitlement per access type it grants (for
example
select or read), covering allow, deny, allow/deny exception, data
mask, and row filter items, plus a delegate-admin entitlement. Grants resolve
the users, groups, and roles referenced in those policy items.
This connector targets Apache Ranger 2.x. It is read-only and does not
provision or modify access in Apache Ranger.
Gather Apache Ranger credentials
1
Sign in to the Apache Ranger Admin UI. By default it runs on port
6080,
for example https://ranger.example.com:6080. Note this base URL — you
enter it when configuring the connector.2
Use an account with administrator access. On a default installation this is
the
admin user whose password was set during installation. Confirm the
account can view Settings > Users/Groups/Roles and policy objects in
the Admin UI.3
Have the username and password for that account ready. The connector
authenticates to the Ranger Admin REST API with these credentials.
Configure the Apache Ranger connector
- Cloud-hosted
- Self-hosted
Follow these instructions to use a built-in, no-code connector hosted by C1.Done. Your Apache Ranger connector is now pulling access data into C1.
1
In C1, navigate to Integrations > Connectors and click Add connector.
2
Search for Apache Ranger and click Add.
3
Choose how to set up the new Apache Ranger connector.
4
Set the owner for this connector.
5
Click Next.
6
Find the Settings area of the page and click Edit.
7
Enter the Apache Ranger credentials:
- Base URL: Your Apache Ranger Admin server URL, for example
https://ranger.example.com:6080. - Username: The administrator username for Ranger Admin.
- Password: The password for that account.
8
Click Save.
9
The connector’s label changes to Syncing, followed by Connected. You can view the logs to ensure that information is syncing.