# (C) 2020 Starburstdata # Template for configuring Additional settings for Ranger Admin (Policy Manager). # Edit this file and upload it to S3 bucket. Provide path to uploaded file as # RangerConfigFile parameter when configuring Starburstdata Presto in # Cloud Formation Marketplace. # HTTPS configuration. # To enable SSL: # - set policymgr_http_enabled to false # - change policymgr url # - upload keystore with bootstrap script # - set path to uploaded keystore, alias and password policymgr_external_url=http://localhost:6080 policymgr_http_enabled=true policymgr_https_keystore_file= policymgr_https_keystore_keyalias= policymgr_https_keystore_password= # Additional database connection settings. # You may configure SSL by uploading keystore/truststore using bootstrap script and providing values below. db_ssl_enabled=false db_ssl_required=false db_ssl_verifyServerCertificate=false javax_net_ssl_keyStore= javax_net_ssl_keyStorePassword= javax_net_ssl_trustStore= javax_net_ssl_trustStorePassword= # Configure Audit Store using Apache solr. To enable, set audit_store to solr # and provide values for properties below. audit_store=none audit_solr_urls= audit_solr_user= audit_solr_password= audit_solr_zookeepers= # Authentication setup - you may use LDAP or ACTIVE_DIRECTORY instead of default NONE (built-in). # This is independent from usersync configuration. #LDAP|ACTIVE_DIRECTORY|NONE authentication_method=NONE remoteLoginEnabled=true authServiceHostName=localhost authServicePort=5151 # LDAP settings, required if authentication_method is set to LDAP # # Example settings # #xa_ldap_url=ldap://my-ldap:389 #xa_ldap_userDNpattern=uid={0},ou=users,dc=example,dc=com #xa_ldap_groupSearchBase=ou=groups,dc=example,dc=com #xa_ldap_groupSearchFilter=(member=uid={0},ou=users,dc=example,dc=com) #xa_ldap_groupRoleAttribute=cn #xa_ldap_base_dn=dc=example,dc=com #xa_ldap_bind_dn=cn=admin,ou=users,dc=example,dc=com #xa_ldap_bind_password=superSecret #xa_ldap_referral=follow|ignore #xa_ldap_userSearchFilter=(uid={0}) xa_ldap_url= xa_ldap_userDNpattern= xa_ldap_groupSearchBase= xa_ldap_groupSearchFilter= xa_ldap_groupRoleAttribute= xa_ldap_base_dn= xa_ldap_bind_dn= xa_ldap_bind_password= xa_ldap_referral= xa_ldap_userSearchFilter= # Active Directory settings, required if authentication_method is set to ACTIVE_DIRECTORY # # Example settings # #xa_ldap_ad_domain=example.com #xa_ldap_ad_url=ldap://ad.example.com:389 #xa_ldap_ad_base_dn=dc=example,dc=com #xa_ldap_ad_bind_dn=cn=administrator,ou=users,dc=example,dc=com #xa_ldap_ad_bind_password=superSecret #xa_ldap_ad_referral=follow|ignore #xa_ldap_ad_userSearchFilter=(sAMAccountName={0}) xa_ldap_ad_domain= xa_ldap_ad_url= xa_ldap_ad_base_dn= xa_ldap_ad_bind_dn= xa_ldap_ad_bind_password= xa_ldap_ad_referral= xa_ldap_ad_userSearchFilter= # Optional Kerberos configuration spnego_principal= spnego_keytab= token_valid=30 cookie_domain= cookie_path=/ admin_principal= admin_keytab= lookup_principal= lookup_keytab= hadoop_conf=/etc/hadoop/conf # Single Sign-On configuration sso_enabled=false sso_providerurl= sso_publickey=