Apache Ranger
Apache Ranger is a framework to enable, monitor, and manage comprehensive data security across the Hadoop platform. It provides centralized security administration for fine-grained authorization policies across Hadoop ecosystem components.
APIs
Apache Ranger REST API
The Ranger REST API provides endpoints for policy management, service management, user/group management, audit log retrieval, and security zone administration, with plugin APIs ...
Capabilities
Features
Manage security policies for all Hadoop services from a single interface
Column-level, row-level, and data masking policies for Hive and HBase
Context-aware policies based on user attributes and tag classifications
Comprehensive audit trail of all resource access events
Supports HDFS, Hive, HBase, Kafka, Storm, Solr, Kudu, and more
Sync users and groups from Active Directory or LDAP
Delegate policy administration with security zones
Use Cases
Enforce column and row-level security on Hadoop data lake
Meet GDPR, HIPAA, and SOX requirements with audit logs and masking
Isolate access between teams and business units
Control which applications can produce and consume Kafka topics
Integrations
Native HDFS and YARN authorization integration
Column-level and row-level security for Hive queries
Table and column family security for HBase
Topic-level authorization for Kafka producers and consumers
Tag-based policies using Atlas data classifications