lboka/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/mrs/component-operation-guide-lts/mrs_01_24245.html
Yang, Tong 48706b7552 MRS COMP-LTS 320-lts.1 version 
Reviewed-by: Kacur, Michal <michal.kacur@t-systems.com>
Co-authored-by: Yang, Tong <yangtong2@huawei.com>
Co-committed-by: Yang, Tong <yangtong2@huawei.com>
2024-04-12 12:51:10 +00:00

196 lines
32 KiB
HTML
Raw Blame History

<a name="mrs_01_24245"></a><a name="mrs_01_24245"></a>
<h1 class="topictitle1">Adding a Ranger Access Permission Policy for CDL</h1>
<div id="body0000001533640294"><div class="section" id="mrs_01_24245__section1861148182711"><h4 class="sectiontitle">Scenario</h4><p id="mrs_01_24245__p757895715271">Ranger administrators can use Ranger to configure creation, execution, query, and deletion permissions for CDL users.</p>
</div>
<div class="section" id="mrs_01_24245__section11493172153315"><h4 class="sectiontitle">Prerequisites</h4><ul id="mrs_01_24245__ul5357197143515"><li id="mrs_01_24245__li735717193519">The Ranger service has been installed and is running properly.</li><li id="mrs_01_24245__li1516017214353">You have created users, user groups, or roles for which you want to configure permissions.</li></ul>
</div>
<div class="section" id="mrs_01_24245__section783035910271"><h4 class="sectiontitle">Procedure</h4><ol id="mrs_01_24245__ol1065893219380"><li id="mrs_01_24245__li12298114525917"><span>Log in to the Ranger web UI as the Ranger administrator <strong id="mrs_01_24245__b111774612256">rangeradmin</strong>. For details, see <a href="mrs_01_1850.html">Logging In to the Ranger Web UI</a>.</span></li><li id="mrs_01_24245__li18658932173820"><span>On the home page, click the component plug-in name in the <strong id="mrs_01_24245__b179188500125858">CDL</strong> area, for example, <strong id="mrs_01_24245__b4747277525858">CDL</strong>.</span></li><li id="mrs_01_24245__li1955384410387"><span>Click <strong id="mrs_01_24245__b96901238825858">Add New Policy</strong> to add a CDL permission control policy.</span></li><li id="mrs_01_24245__li139634483403"><span>Configure the parameters listed in the table below based on the service demands.</span><p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="mrs_01_24245__table13041634123020" frame="border" border="1" rules="all"><caption><b>Table 1 </b>CDL permission parameters</caption><thead align="left"><tr id="mrs_01_24245__row33045341301"><th align="left" class="cellrowborder" valign="top" width="26.16%" id="mcps1.3.3.2.4.2.1.2.3.1.1"><p id="mrs_01_24245__p250385903017">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="73.83999999999999%" id="mcps1.3.3.2.4.2.1.2.3.1.2"><p id="mrs_01_24245__p1750345915308">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="mrs_01_24245__row855519388569"><td class="cellrowborder" valign="top" width="26.16%" headers="mcps1.3.3.2.4.2.1.2.3.1.1 "><p id="mrs_01_24245__p455513382568">Policy Type</p>
</td>
<td class="cellrowborder" valign="top" width="73.83999999999999%" headers="mcps1.3.3.2.4.2.1.2.3.1.2 "><p id="mrs_01_24245__p555583845614">Access.</p>
</td>
</tr>
<tr id="mrs_01_24245__row1352143814519"><td class="cellrowborder" valign="top" width="26.16%" headers="mcps1.3.3.2.4.2.1.2.3.1.1 "><p id="mrs_01_24245__p119259713409">Policy Conditions</p>
</td>
<td class="cellrowborder" valign="top" width="73.83999999999999%" headers="mcps1.3.3.2.4.2.1.2.3.1.2 "><p id="mrs_01_24245__p9935105714451">IP address filtering policy, which can be customized. You can enter one or more IP addresses or IP address segments. The IP address can contain the wildcard character (*), for example, <strong id="mrs_01_24245__b41896593025858">192.168.1.10</strong>, <strong id="mrs_01_24245__b41036629725858">192.168.1.20</strong>, or <strong id="mrs_01_24245__b119413081125858">192.168.1.*</strong>.</p>
</td>
</tr>
<tr id="mrs_01_24245__row1128111208322"><td class="cellrowborder" valign="top" width="26.16%" headers="mcps1.3.3.2.4.2.1.2.3.1.1 "><p id="mrs_01_24245__p1469114120417">Policy Name</p>
</td>
<td class="cellrowborder" valign="top" width="73.83999999999999%" headers="mcps1.3.3.2.4.2.1.2.3.1.2 "><p id="mrs_01_24245__p1920572416251">Policy name, which can be customized and must be unique in the service.</p>
</td>
</tr>
<tr id="mrs_01_24245__row330483473019"><td class="cellrowborder" valign="top" width="26.16%" headers="mcps1.3.3.2.4.2.1.2.3.1.1 "><p id="mrs_01_24245__p196910112228">Policy Label</p>
</td>
<td class="cellrowborder" valign="top" width="73.83999999999999%" headers="mcps1.3.3.2.4.2.1.2.3.1.2 "><p id="mrs_01_24245__p5695112225">A label specified for the current policy. You can search for reports and filter policies based on labels.</p>
</td>
</tr>
<tr id="mrs_01_24245__row10304163418303"><td class="cellrowborder" valign="top" width="26.16%" headers="mcps1.3.3.2.4.2.1.2.3.1.1 "><p id="mrs_01_24245__p195031559193017">job</p>
</td>
<td class="cellrowborder" valign="top" width="73.83999999999999%" headers="mcps1.3.3.2.4.2.1.2.3.1.2 "><p id="mrs_01_24245__p14759236141011">Name of the job applicable to the current policy. You can enter multiple values. The value can contain wildcards, such as <strong id="mrs_01_24245__b133131106625858">test</strong>, <strong id="mrs_01_24245__b125025324225858">test*</strong>, and <strong id="mrs_01_24245__b108158319325858">*</strong>.</p>
<p id="mrs_01_24245__p99402217306">The <span class="parmname" id="mrs_01_24245__parmname67315817025858"><b>Include</b></span> policy applies to the current input object, and the <span class="parmname" id="mrs_01_24245__parmname124166630325858"><b>Exclude</b></span> policy applies to objects other than the current input object.</p>
</td>
</tr>
<tr id="mrs_01_24245__row0216030173315"><td class="cellrowborder" valign="top" width="26.16%" headers="mcps1.3.3.2.4.2.1.2.3.1.1 "><p id="mrs_01_24245__p15697173210192">Description</p>
</td>
<td class="cellrowborder" valign="top" width="73.83999999999999%" headers="mcps1.3.3.2.4.2.1.2.3.1.2 "><p id="mrs_01_24245__p1869773261914">Policy description.</p>
</td>
</tr>
<tr id="mrs_01_24245__row130463413301"><td class="cellrowborder" valign="top" width="26.16%" headers="mcps1.3.3.2.4.2.1.2.3.1.1 "><p id="mrs_01_24245__p898812379471">Audit Logging</p>
</td>
<td class="cellrowborder" valign="top" width="73.83999999999999%" headers="mcps1.3.3.2.4.2.1.2.3.1.2 "><p id="mrs_01_24245__p18988437174719">Whether to audit the policy.</p>
</td>
</tr>
<tr id="mrs_01_24245__row18304133403012"><td class="cellrowborder" valign="top" width="26.16%" headers="mcps1.3.3.2.4.2.1.2.3.1.1 "><p id="mrs_01_24245__p5304134113010">Allow Conditions</p>
</td>
<td class="cellrowborder" valign="top" width="73.83999999999999%" headers="mcps1.3.3.2.4.2.1.2.3.1.2 "><p id="mrs_01_24245__p2150185173119">Permission and exception conditions allowed by a policy. The priority of an exception condition is higher than that of a normal condition.</p>
<p id="mrs_01_24245__p3943134320378">In the <strong id="mrs_01_24245__b2055117325858">Select Role</strong>, <strong id="mrs_01_24245__b27080647925858">Select Group</strong>, and <strong id="mrs_01_24245__b82186326325858">Select User</strong> columns, select the role, user group, or user to which you want to assign permissions.</p>
<p id="mrs_01_24245__p276554473717">Click <strong id="mrs_01_24245__b40300360225858">Add Conditions</strong>, add the IP address range to which the policy applies, and click <strong id="mrs_01_24245__b214311739925858">Add Permissions</strong> to add corresponding permissions.</p>
<ul id="mrs_01_24245__ul615075143113"><li id="mrs_01_24245__li815015515316"><strong id="mrs_01_24245__b72982829525858">Create</strong> permission.</li><li id="mrs_01_24245__li16289742111312"><strong id="mrs_01_24245__b147275658325858">Execute</strong> permission.</li><li id="mrs_01_24245__li1015019513318"><strong id="mrs_01_24245__b43298123925858">Delete</strong> permission.</li><li id="mrs_01_24245__li1374119511160"><strong id="mrs_01_24245__b143531339351">Update</strong> permission.</li><li id="mrs_01_24245__li141505516317"><strong id="mrs_01_24245__b126961131113912">Get</strong> permission.</li><li id="mrs_01_24245__li1663701573417"><strong id="mrs_01_24245__b74681604925858">Select/Deselect All</strong> permission.</li></ul>
<p id="mrs_01_24245__p1545113122150">To add multiple permission control rules, click <span><img id="mrs_01_24245__image341133521514" src="en-us_image_0000001583961513.png"></span>.</p>
<p id="mrs_01_24245__p8404164411">If users or user groups in the current condition need to manage this policy, select <strong id="mrs_01_24245__b48300663725858">Delegate Admin</strong>. These users will become the agent administrators. The agent administrators can update and delete this policy and create sub-policies based on the original policy.</p>
</td>
</tr>
<tr id="mrs_01_24245__row43041334133011"><td class="cellrowborder" valign="top" width="26.16%" headers="mcps1.3.3.2.4.2.1.2.3.1.1 "><p id="mrs_01_24245__p155351440143214">Deny Conditions</p>
</td>
<td class="cellrowborder" valign="top" width="73.83999999999999%" headers="mcps1.3.3.2.4.2.1.2.3.1.2 "><p id="mrs_01_24245__p1453514405325">Policy rejection condition, which is used to configure the permissions and exceptions to be denied in the policy. The configuration method is the same as that of <strong id="mrs_01_24245__b176541218425858">Allow Conditions</strong>. The priority of the rejection condition is higher than that of the allowed conditions configured in <strong id="mrs_01_24245__b178276231525858">Allow Conditions</strong>.</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="mrs_01_24245__table25376475282" frame="border" border="1" rules="all"><caption><b>Table 2 </b>Setting user permissions</caption><thead align="left"><tr id="mrs_01_24245__row145381247152817"><th align="left" class="cellrowborder" valign="top" width="36.059999999999995%" id="mcps1.3.3.2.4.2.2.2.3.1.1"><p id="mrs_01_24245__p45386472286"><strong id="mrs_01_24245__b4200856125117">Scenario</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="63.94%" id="mcps1.3.3.2.4.2.2.2.3.1.2"><p id="mrs_01_24245__p1334011246306"><strong id="mrs_01_24245__b7252617524">Role Authorization</strong></p>
</th>
</tr>
</thead>
<tbody><tr id="mrs_01_24245__row1453844742812"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p1538164712286">Setting the CDL administrator permission</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol11931192419182"><li id="mrs_01_24245__li189314241186">On the home page, click the component plug-in name in the <strong id="mrs_01_24245__b129482651025858">CDL</strong> area, for example, <strong id="mrs_01_24245__b99798747825858">CDL</strong>.</li><li id="mrs_01_24245__li209311324191819">Select the policies whose <strong id="mrs_01_24245__b033216587572">Policy Name</strong> is <strong id="mrs_01_24245__b152841219154620">all - job</strong>, <strong id="mrs_01_24245__b111343266461">all - link</strong>, <strong id="mrs_01_24245__b2285152816462">all - driver</strong> or <strong id="mrs_01_24245__b2925123024614">all - env</strong>, and click <span><img id="mrs_01_24245__image6791193812175" src="en-us_image_0000001583881265.png"></span> to edit the policies.</li><li id="mrs_01_24245__li1093142401818">In the <strong id="mrs_01_24245__b83893131225858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b72468557525858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li11121181115317">Click <strong id="mrs_01_24245__b176862393125858">Add Permissions</strong> and select <strong id="mrs_01_24245__b171225686425858">Select/Deselect All</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row9244412279"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p166224716278">Setting the permission to manage a CDL job</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol186229718271"><li id="mrs_01_24245__li126221679270">Select a CDL job name from the <strong id="mrs_01_24245__b14137269484">job</strong> drop-down list.</li><li id="mrs_01_24245__li9622177162712">In the <strong id="mrs_01_24245__b26583465425858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b63695572225858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li186225752714">Click <strong id="mrs_01_24245__b18419696825858">Add Permissions</strong> and select <strong id="mrs_01_24245__b115299875125858">Select/Deselect All</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row1238694413210"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p103864447325">Setting the permission to create a CDL job</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol1193519563418"><li id="mrs_01_24245__li1935155163415">Select a CDL job name from the <strong id="mrs_01_24245__b126917510527">job</strong> drop-down list.</li><li id="mrs_01_24245__li1793510573419">In the <strong id="mrs_01_24245__b87527587825858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b106589438925858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li13935135103414">Click <strong id="mrs_01_24245__b170215553325858">Add Permissions</strong> and select <strong id="mrs_01_24245__b48514144125858">Create</strong>.<div class="note" id="mrs_01_24245__note205117456283"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="mrs_01_24245__p1351254572817">By default, all users have the permission to create a CDL job.</p>
</div></div>
</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row2185182617346"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p418512643410">Setting the permission to delete a CDL job</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol68764496344"><li id="mrs_01_24245__li48761499344">Select a CDL job name from the <strong id="mrs_01_24245__b1636183416545">job</strong> drop-down list.</li><li id="mrs_01_24245__li18768499341">In the <strong id="mrs_01_24245__b79467778425858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b80525361925858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li5876144953417">Click <strong id="mrs_01_24245__b76464750025858">Add Permissions</strong> and select <strong id="mrs_01_24245__b98668985725858">Delete</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row19860454204111"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p15861135474111">Setting the permission to obtain information about a CDL job</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol9198511184219"><li id="mrs_01_24245__li519812111429">Select a CDL job name from the <strong id="mrs_01_24245__b678813243558">job</strong> drop-down list.</li><li id="mrs_01_24245__li12198111124215">In the <strong id="mrs_01_24245__b161623039625858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b141075636625858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li1619811111426">Click <strong id="mrs_01_24245__b19113344625858">Add Permissions</strong> and select <strong id="mrs_01_24245__b181732162525858">Get</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row17538647112817"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p6539121692914">Setting the permission to execute a CDL job</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__o4fec88099543498580262f53621ac547"><li id="mrs_01_24245__li1952454211196">Select a CDL job name from the <strong id="mrs_01_24245__b2365191295616">job</strong> drop-down list.</li><li id="mrs_01_24245__li052464261919">In the <strong id="mrs_01_24245__b105346791225858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b39436349625858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li052474211199">Click <strong id="mrs_01_24245__b124471445225858">Add Permissions</strong> and select <strong id="mrs_01_24245__b87808753125858">Execute</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row79051436445"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p1790510434446">Setting the permission to manage a CDL data link</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol59598654518"><li id="mrs_01_24245__li11959116144510">Select the CDL data link name on the right of the <strong id="mrs_01_24245__b825419382613">link</strong> drop-down list.</li><li id="mrs_01_24245__li16959866457">In the <strong id="mrs_01_24245__b3262844325858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b118468329925858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li10959166144513">Click <strong id="mrs_01_24245__b25710382225858">Add Permissions</strong> and select <strong id="mrs_01_24245__b16470147425858">Select/Deselect All</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row1997915611165"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p498085661618">Setting the permission to create a CDL data link</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol113322610178"><li id="mrs_01_24245__li103312263174">Select the CDL data link name on the right of the <strong id="mrs_01_24245__b152171527181913">link</strong> drop-down list.</li><li id="mrs_01_24245__li8332263178">In the <strong id="mrs_01_24245__b46950820725858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b36571892125858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li233026101713">Click <strong id="mrs_01_24245__b106756047325858">Add Permissions</strong> and select <strong id="mrs_01_24245__b34818297625858">Create</strong>.<div class="note" id="mrs_01_24245__note97001440203916"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="mrs_01_24245__p670013403391">By default, all users have the permission to creat CDL data links.</p>
</div></div>
</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row665581815358"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p565681816352">Setting the permission to delete a CDL data link</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol848715331715"><li id="mrs_01_24245__li34877339720">Select the CDL data link name on the right of the <strong id="mrs_01_24245__b1068310537205">link</strong> drop-down list.</li><li id="mrs_01_24245__li748713334719">In the <strong id="mrs_01_24245__b201864323525858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b123332859325858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li14487153316714">Click <strong id="mrs_01_24245__b37576934825858">Add Permissions</strong> and select <strong id="mrs_01_24245__b165614136025858">Delete</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row17639204311"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p863919010317">Setting the permission to update a CDL data link</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol042713255815"><li id="mrs_01_24245__li1142718252814">Select the CDL data link name on the right of the <strong id="mrs_01_24245__b13713203012114">link</strong> drop-down list.</li><li id="mrs_01_24245__li64271250813">In the <strong id="mrs_01_24245__b30968195225858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b97629442725858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li94273257816">Click <strong id="mrs_01_24245__b85390095925858">Add Permissions</strong> and select <strong id="mrs_01_24245__b141770385325858">Update</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row9792181212522"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p1852519428818">Setting the permission to obtain information about a CDL data link</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol35257421482"><li id="mrs_01_24245__li175253422818">Select the CDL data link name on the right of the <strong id="mrs_01_24245__b19659143613228">link</strong> drop-down list.</li><li id="mrs_01_24245__li11525134214814">In the <strong id="mrs_01_24245__b105657987325858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b196782043725858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li15255421087">Click <strong id="mrs_01_24245__b26565978825858">Add Permissions</strong> and select <strong id="mrs_01_24245__b210095831925858">Get</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row74251934348"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p1717021110107">Setting the permission to manage a CDL driver</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol2170131191016"><li id="mrs_01_24245__li417021116108">Select the CDL driver name on the right of the <strong id="mrs_01_24245__b20374204612417">driver</strong> drop-down list.</li><li id="mrs_01_24245__li1717012116108">In the <strong id="mrs_01_24245__b87112736325858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b44597780425858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li61701711201012">Click <strong id="mrs_01_24245__b39035872725858">Add Permissions</strong> and select <strong id="mrs_01_24245__b186816638225858">Select/Deselect All</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row6399175518132"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p15170121191015">Setting the permission to delete a CDL driver</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol4170131191013"><li id="mrs_01_24245__li17170111118102">Select the CDL driver name on the right of the <strong id="mrs_01_24245__b1485714382252">driver</strong> drop-down list.</li><li id="mrs_01_24245__li171701711161020">In the <strong id="mrs_01_24245__b132450066225858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b100492426525858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li10171161110109">Click <strong id="mrs_01_24245__b40235533925858">Add Permissions</strong> and select <strong id="mrs_01_24245__b119080174025858">Delete</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row1581011381566"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p7171121116108">Setting the permission to update a CDL driver</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol1617114119107"><li id="mrs_01_24245__li5171151110102">Select the CDL driver name on the right of the <strong id="mrs_01_24245__b2077121782610">driver</strong> drop-down list.</li><li id="mrs_01_24245__li1817117111108">In the <strong id="mrs_01_24245__b96017174525858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b119460772725858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li5171311171010">Click <strong id="mrs_01_24245__b95996100225858">Add Permissions</strong> and select <strong id="mrs_01_24245__b2880240225858">Update</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row840514206318"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p19171211191012">Setting the permission to obtain information about a CDL driver</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol2017181121017"><li id="mrs_01_24245__li13171211111010">Select the CDL driver name on the right of the <strong id="mrs_01_24245__b080218019270">driver</strong> drop-down list.</li><li id="mrs_01_24245__li1917110119107">In the <strong id="mrs_01_24245__b91888596325858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b182980155125858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li13171151191016">Click <strong id="mrs_01_24245__b42576003425858">Add Permissions</strong> and select <strong id="mrs_01_24245__b15746794625858">Get</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row169716541591"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p186801225121315">Setting the permission to manage a CDL environment variable</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol15680102510132"><li id="mrs_01_24245__li36805251134">Select the CDL environment variable name on the right of the <strong id="mrs_01_24245__b137471811331">env</strong> drop-down list.</li><li id="mrs_01_24245__li5680525181317">In the <strong id="mrs_01_24245__b142075038525858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b147987440025858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li16680192510135">Click <strong id="mrs_01_24245__b65599757525858">Add Permissions</strong> and select <strong id="mrs_01_24245__b116123980825858">Select/Deselect All</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row622862061310"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p96801625111316">Setting the permission to create a CDL environment variable</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol868017251135"><li id="mrs_01_24245__li16801625181316">Select the CDL environment variable name on the right of the <strong id="mrs_01_24245__b1635411488343">env</strong> drop-down list.</li><li id="mrs_01_24245__li15680112511311">In the <strong id="mrs_01_24245__b140738490325858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b45921029225858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li8680152514136">Click <strong id="mrs_01_24245__b2116686525858">Add Permissions</strong> and select <strong id="mrs_01_24245__b58308036425858">Create</strong>.<div class="note" id="mrs_01_24245__note514173019412"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="mrs_01_24245__p9146308410">By default, all users have the permission to create a CDL environment variable.</p>
</div></div>
</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row622813200137"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p668012517137">Setting the permission to delete a CDL environment variable</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol1968062561310"><li id="mrs_01_24245__li9680122541316">Select the CDL environment variable name on the right of the <strong id="mrs_01_24245__b4731546143510">env</strong> drop-down list.</li><li id="mrs_01_24245__li168142514138">In the <strong id="mrs_01_24245__b19880163725858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b199826274125858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li186816254135">Click <strong id="mrs_01_24245__b87049488325858">Add Permissions</strong> and select <strong id="mrs_01_24245__b16931436225858">Delete</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row162291620151311"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p0681142516137">Setting the permission to update a CDL environment variable</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol18681192515130"><li id="mrs_01_24245__li18681225121312">Select the CDL environment variable name on the right of the <strong id="mrs_01_24245__b101081412362">env</strong> drop-down list.</li><li id="mrs_01_24245__li668172561310">In the <strong id="mrs_01_24245__b189590908525858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b167378847025858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li1968172511139">Click <strong id="mrs_01_24245__b94592971825858">Add Permissions</strong> and select <strong id="mrs_01_24245__b191459034225858">Update</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_24245__row822918209138"><td class="cellrowborder" valign="top" width="36.059999999999995%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="mrs_01_24245__p11681525181318">Setting the permission to obtain information about a CDL environment variable</p>
</td>
<td class="cellrowborder" valign="top" width="63.94%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><ol type="a" id="mrs_01_24245__ol4681725151319"><li id="mrs_01_24245__li2681525141319">Select the CDL environment variable name on the right of the <strong id="mrs_01_24245__b2201352193618">env</strong> drop-down list.</li><li id="mrs_01_24245__li14681162513131">In the <strong id="mrs_01_24245__b152924252425858">Allow Conditions</strong> area, select a user from the <strong id="mrs_01_24245__b62719057125858">Select User</strong> drop-down list.</li><li id="mrs_01_24245__li1568162531318">Click <strong id="mrs_01_24245__b50784102725858">Add Permissions</strong> and select <strong id="mrs_01_24245__b69275164625858">Get</strong>.</li></ol>
</td>
</tr>
</tbody>
</table>
</div>
</p></li><li id="mrs_01_24245__li1843153914410"><span>(Optional) Add the validity period of the policy. Click <strong id="mrs_01_24245__b72575072825858">Add Validity period</strong> in the upper right corner of the page, set <strong id="mrs_01_24245__b14904199025858">Start Time</strong> and <strong id="mrs_01_24245__b169545463625858">End Time</strong>, and select <strong id="mrs_01_24245__b157418241925858">Time Zone</strong>. Click <strong id="mrs_01_24245__b210709689425858">Save</strong>. To add multiple policy validity periods, click <span><img id="mrs_01_24245__image15741956174617" src="en-us_image_0000001533481354.png"></span>. To delete a policy validity period, click <span><img id="mrs_01_24245__image9741115619467" src="en-us_image_0000001533641294.png"></span>.</span></li><li id="mrs_01_24245__li18337132412418"><span>Click <strong id="mrs_01_24245__b88156902525858">Add</strong> to view the basic information about the policy in the policy list. After the policy takes effect, check whether the related permissions are normal.</span><p><p id="mrs_01_24245__p63219632216">To disable a policy, click <span><img id="mrs_01_24245__image163536740125858" src="en-us_image_0000001584081289.png"></span> to edit the policy and set the policy to <strong id="mrs_01_24245__b109940661925858">Disabled</strong>.</p>
<p id="mrs_01_24245__p1156483182316">If a policy is no longer used, click <span><img id="mrs_01_24245__image79841567249" src="en-us_image_0000001533162146.png"></span> to delete it.</p>
</p></li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="mrs_01_1849.html">Using Ranger</a></div>
</div>
</div>
View Git Blame Copy Permalink