# spark-ranger **Repository Path**: hspghost/spark-ranger ## Basic Information - **Project Name**: spark-ranger - **Description**: No description available - **Primary Language**: Unknown - **License**: Apache-2.0 - **Default Branch**: master - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 1 - **Created**: 2022-03-14 - **Last Updated**: 2024-07-18 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README # Notice: This library has been contribute to https://github.com/apache/submarine as a sub-module, and that module can still be used individually. The project here will no longer be updated. If you have any questions please go to https://github.com/apache/submarine/tree/master/docs/submarine-security/spark/README.md to learn how to use and give feedback to the apache submarine community by following https://submarine.apache.org/community/contributors.html # Spark SQL Ranger Security Plugin [![License](https://img.shields.io/badge/license-Apache%202-4EB1BA.svg)](https://www.apache.org/licenses/LICENSE-2.0.html) [![](https://tokei.rs/b1/github/yaooqinn/spark-ranger)](https://github.com/yaooqinn/spark-ranger) [![codecov](https://codecov.io/gh/yaooqinn/spark-ranger/branch/master/graph/badge.svg)](https://codecov.io/gh/yaooqinn/spark-ranger) [![Build Status](https://travis-ci.com/yaooqinn/spark-ranger.svg?branch=master)](https://travis-ci.com/yaooqinn/spark-ranger) [![HitCount](http://hits.dwyl.io/yaooqinn/spark-ranger.svg)](http://hits.dwyl.io/yaooqinn/spark-ranger) ACL Management for Apache Spark SQL with Apache Ranger, enabling: - Table/Column level authorization - Row level filtering - Data masking ## Build Spark SQL Ranger Security Plugin is built based on [Apache Maven](http://maven.apache.org), ```bash mvn clean package -Pspark-2.3 -Pranger-1.0 -DskipTests ``` Currently, available profiles are: Spark: -Pspark-2.3, -Pspark-2.4 Ranger: -Pranger-1.0, -Pranger-1.1, -Pranger-1.2 -Pranger-2.0 ## Usage ### Installation Place the spark-ranger-<version>.jar into $SPARK_HOME/jars. ### Installation Addons You can find some tips and known problems about this library [here](docs/installation-addons.md). ### Configurations #### Ranger admin client configurations Create ranger-spark-security.xml in $SPARK_HOME/conf and add the following configurations for pointing to the right ranger admin server ```xml ranger.plugin.spark.policy.rest.url ranger admin address like http://ranger-admin.org:6080 ranger.plugin.spark.service.name a ranger hive service name ranger.plugin.spark.policy.cache.dir ./a ranger hive service name/policycache ranger.plugin.spark.policy.pollIntervalMs 5000 ranger.plugin.spark.policy.source.impl org.apache.ranger.admin.client.RangerAdminRESTClient ``` Create ranger-spark-audit.xml in $SPARK_HOME/conf and add the following configurations to enable/disable auditing. ```xml xasecure.audit.is.enabled true xasecure.audit.destination.db false xasecure.audit.destination.db.jdbc.driver com.mysql.jdbc.Driver xasecure.audit.destination.db.jdbc.url jdbc:mysql://10.171.161.78/ranger xasecure.audit.destination.db.password rangeradmin xasecure.audit.destination.db.user rangeradmin ``` #### Enable plugin via spark extensions spark.sql.extensions=org.apache.ranger.authorization.spark.authorizer.RangerSparkSQLExtension