yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
0b3a43371a4bcc99577594de0a685249d676a567
doc-exports/docs/mrs/umn/admin_guide_000148.html
yangtong c285e88a17 MRS UMN 20250806 version 
Reviewed-by: Pruthi, Vineet <vineet.pruthi@t-systems.com>
Co-authored-by: yangtong <yangtong2@huawei.com>
Co-committed-by: yangtong <yangtong2@huawei.com>
2025-09-02 10:43:57 +00:00

38 lines
10 KiB
HTML
Raw Blame History

<a name="admin_guide_000148"></a><a name="admin_guide_000148"></a>
<h1 class="topictitle1">Managing Roles</h1>
<div id="body1529658735915"><div class="section" id="admin_guide_000148__section2257160"><h4 class="sectiontitle">Scenario</h4><p id="admin_guide_000148__p44289360"><span id="admin_guide_000148__text15946118176">MRS</span> Manager supports a maximum of 5000 roles (including system built-in roles but excluding roles automatically created by tenants). Based on different service requirements, you need to create and manage different roles on <span id="admin_guide_000148__text013316437512">MRS</span> Manager and perform authorization management for <span id="admin_guide_000148__text148201049165118">MRS</span> Manager and components using roles.</p>
</div>
<div class="section" id="admin_guide_000148__section20314447"><h4 class="sectiontitle">Prerequisites</h4><ul id="admin_guide_000148__ul7580267"><li id="admin_guide_000148__li1113543">You have learned service requirements.</li><li id="admin_guide_000148__li10021890">You have logged in to <span id="admin_guide_000148__text65931852135117">MRS</span> Manager.</li></ul>
</div>
<div class="section" id="admin_guide_000148__section2095713912713"><a name="admin_guide_000148__section2095713912713"></a><a name="section2095713912713"></a><h4 class="sectiontitle">Creating a Role</h4><ol id="admin_guide_000148__ol58200784"><li id="admin_guide_000148__li54045009"><span>Choose <strong id="admin_guide_000148__b253618495516">System</strong> &gt; <strong id="admin_guide_000148__b4543852355">Permission</strong> &gt; <strong id="admin_guide_000148__b171119550519">Role</strong>.</span></li><li id="admin_guide_000148__li16643039"><span>On the displayed page, click <span class="uicontrol" id="admin_guide_000148__uicontrol271618592610"><b>Create Role</b></span> and fill in <span class="parmname" id="admin_guide_000148__parmname2717559562"><b>Role Name</b></span> and <span class="parmname" id="admin_guide_000148__parmname1771905918612"><b>Description</b></span>.</span><p><p id="admin_guide_000148__p4036485719637">The role name consists of 3 to 50 characters, including digits, letters, and underscores (_). It cannot be the same as an existing role name in the system.</p>
</p></li><li id="admin_guide_000148__li15569626"><span>In the <strong id="admin_guide_000148__b1234334556112555">Configure Resource Permission</strong> area, click the cluster whose permissions are to be added and select service permissions for the role.</span><p><p id="admin_guide_000148__p5908907">When setting permissions for a component, enter a resource name in the search text box in the upper right corner and click the search icon to view the search result.</p>
<p id="admin_guide_000148__p53180163">The search result contains only directories, but not subdirectories. Search by keyword supports fuzzy match and is case-insensitive.</p>
<div class="note" id="admin_guide_000148__note47302913446"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="admin_guide_000148__en-us_topic_0193195756_ul1293412368313"><li id="admin_guide_000148__en-us_topic_0193195756_li199344366319">For components (except HDFS and Yarn) for which Ranger authorization has been enabled, the permissions of non-default roles on Manager do not take effect. You need to configure Ranger policies to assign permissions to user groups.</li><li id="admin_guide_000148__en-us_topic_0193195756_li49343361439">If the resource requests of HDFS and Yarn are beyond the Ranger policies, the ACL rules of the components still take effect.</li><li id="admin_guide_000148__li1235815232018">A maximum of 1000 permissions can be set for a component at a time.</li></ul>
</div></div>
</p></li><li id="admin_guide_000148__li8859419"><span>Click <strong id="admin_guide_000148__b187981849141110">OK</strong>.</span></li></ol>
</div>
<div class="section" id="admin_guide_000148__section10339426153111"><h4 class="sectiontitle">Modifying Role Information</h4><p id="admin_guide_000148__p1177313165">Locate the row that contains the target role and click <strong id="admin_guide_000148__b1770116502121">Modify</strong>.</p>
</div>
<div class="section" id="admin_guide_000148__section182991736133116"><h4 class="sectiontitle">Exporting Role Information</h4><p id="admin_guide_000148__p318031164">Click <strong id="admin_guide_000148__b1519726372112555">Export All</strong> to export all role information at a time in <span class="parmvalue" id="admin_guide_000148__parmvalue364908441112555"><b>TXT</b></span> or <span class="parmvalue" id="admin_guide_000148__parmvalue70347278112555"><b>CSV</b></span> format.</p>
<p id="admin_guide_000148__p1818113161620">The exported role information contains the role name, description, and whether the role is the default role.</p>
</div>
<div class="section" id="admin_guide_000148__section547002011328"><h4 class="sectiontitle">Deleting a Role</h4><p id="admin_guide_000148__p6181138166">Locate the row that contains the target role and click <strong id="admin_guide_000148__b5383142613142">Delete</strong>. To delete multiple roles in batches, select the target roles and click <strong id="admin_guide_000148__b176174581420">Delete</strong> above the role list. A role bound to a user cannot be deleted. To delete such a role, disassociate the role from the user by modifying the user first.</p>
</div>
<div class="section" id="admin_guide_000148__section17497204712110"><h4 class="sectiontitle">Task Example (Creating a Manager Role)</h4><ol id="admin_guide_000148__ol3199621919814"><li id="admin_guide_000148__li1284158219814"><span>Choose <strong id="admin_guide_000148__b47581233103810">System</strong> &gt; <strong id="admin_guide_000148__b1275813373812">Permission</strong> &gt; <strong id="admin_guide_000148__b16759933113811">Role</strong>.</span></li><li id="admin_guide_000148__li4846537519814"><span>On the displayed page, click <span class="uicontrol" id="admin_guide_000148__uicontrol369516364383"><b>Create Role</b></span> and fill in <span class="parmname" id="admin_guide_000148__parmname136961136143814"><b>Role Name</b></span> and <span class="parmname" id="admin_guide_000148__parmname1697436173818"><b>Description</b></span>.</span></li><li id="admin_guide_000148__li3338129719814"><span>In the <strong id="admin_guide_000148__b1450335623814">Configure Resource Permission</strong> area, click <strong id="admin_guide_000148__b125191538394">Manager</strong> and set permissions for the role.</span><p><p class="litext" id="admin_guide_000148__p46568871">Manager permissions:</p>
<ul class="subitemlist" id="admin_guide_000148__ul16466658"><li class="subitemlist" id="admin_guide_000148__li1617718356243">Cluster<ul id="admin_guide_000148__ul116523019302"><li id="admin_guide_000148__li451722614308"><strong id="admin_guide_000148__b10560125712417">view</strong> permission: permission to view information on the <strong id="admin_guide_000148__b97661012204519">Cluster</strong> page and view alarms and events under <strong id="admin_guide_000148__b1092004611457">O&amp;M</strong> &gt; <strong id="admin_guide_000148__b13411145354510">Alarm</strong>.</li><li id="admin_guide_000148__li44262516317"><strong id="admin_guide_000148__b191252281505">management</strong> permission: permission for management on the <strong id="admin_guide_000148__b317416615215">Cluster</strong> and <strong id="admin_guide_000148__b15572111216219">O&amp;M</strong> pages.</li></ul>
</li><li id="admin_guide_000148__li16221220202713">User<ul id="admin_guide_000148__ul975394214327"><li id="admin_guide_000148__li1936304513320"><strong id="admin_guide_000148__b10664105515219">view</strong> permission: permission to view information on pages under <strong id="admin_guide_000148__b4475838232">System</strong> &gt; <strong id="admin_guide_000148__b1359717361339">Permission</strong>.</li><li id="admin_guide_000148__li14378104573218"><strong id="admin_guide_000148__b136271755835">management</strong> permission: permission for management on pages under <strong id="admin_guide_000148__b1657591110417">System</strong> &gt; <strong id="admin_guide_000148__b957513111642">Permission</strong>.</li></ul>
</li><li class="subitemlist" id="admin_guide_000148__li272818383157">Audit<p class="subitemlist" id="admin_guide_000148__p10338123525515"><a name="admin_guide_000148__li272818383157"></a><a name="li272818383157"></a><strong id="admin_guide_000148__b475785215414">management</strong> permission: permission for management on the <strong id="admin_guide_000148__b821512471059">Audit</strong> page.</p>
</li><li class="subitemlist" id="admin_guide_000148__li1421685319153">Tenant<ul id="admin_guide_000148__ul134361738135516"><li id="admin_guide_000148__li61211883458"><strong id="admin_guide_000148__b175161401405">view</strong> permission: permission to view information on the <strong id="admin_guide_000148__b3608191204110">Tenant Resources</strong> page. </li><li class="subitemlist" id="admin_guide_000148__li889911373559"><strong id="admin_guide_000148__b6999272068">management</strong> permission: permission for management on the <strong id="admin_guide_000148__b7999478616">Tenant</strong> page and permission to view alarms and events under <strong id="admin_guide_000148__b5008564">O&amp;M</strong> &gt; <strong id="admin_guide_000148__b170148168">Alarm</strong>.</li></ul>
</li><li class="subitemlist" id="admin_guide_000148__li4834342166">System<ul id="admin_guide_000148__ul135961616195516"><li id="admin_guide_000148__li174381813124518"><strong id="admin_guide_000148__b54251641114219">view</strong> permission: permission to view all pages except those under <span class="wintitle" id="admin_guide_000148__wintitle33191552164319"><b>Permission</b></span> on the <span class="wintitle" id="admin_guide_000148__wintitle16319252174317"><b>System</b></span> module. </li><li class="subitemlist" id="admin_guide_000148__li2411181595511"><strong id="admin_guide_000148__b7932184716719">management</strong> permission: permission for management on all pages except those under <strong id="admin_guide_000148__b12582172614812">Permission</strong> on the <strong id="admin_guide_000148__b103501048889">System</strong> page and permission to view alarms and events under <strong id="admin_guide_000148__b36159141797">O&amp;M</strong> &gt; <strong id="admin_guide_000148__b1961551410914">Alarm</strong>.</li></ul>
</li></ul>
</p></li><li class="subitemlist" id="admin_guide_000148__li253911224216"><span>Click <strong id="admin_guide_000148__b200230728">OK</strong>.</span></li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="admin_guide_000135.html">Configuring Permissions</a></div>
</div>
</div>
View Git Blame Copy Permalink