You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by "rickboker (Jira)" <ji...@apache.org> on 2023/04/23 11:43:00 UTC
[jira] [Created] (RANGER-4202) return error using hadoop key roll command, when you set certian key ACL in rangeradmin.
rickboker created RANGER-4202:
---------------------------------
Summary: return error using hadoop key roll command, when you set certian key ACL in rangeradmin.
Key: RANGER-4202
URL: https://issues.apache.org/jira/browse/RANGER-4202
Project: Ranger
Issue Type: Bug
Components: kms
Affects Versions: 2.3.0
Reporter: rickboker
I set access policy as
{quote}{keyname: key1
user: user1
permissions: create get delete rollover
}
{quote}
and when I use this user to rollover or delete key by hadoop command it will return error.
ERROR INFORMATION:
{quote}Rolling key version from KeyProvider: org.apache.hadoop.crypto.key.kms.LoadBalancingKMSClientP
for key name: key1
Cannot roll key: key1 within KeyProvider: org.apache.hadoop.crypto.key.kms.LoadBalancingKMSC
roll <keyname> [-provider <provider>] [-strict] [-help]:
The roll subcommand creates a new version for the specified key
within the provider indicated using the -provider argument.
If -strict is supplied, fail immediately if the provider requires
a password and none is given.
Executing command failed with the following exception: AuthorizationException: User:user1
{quote}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)