Authorization With ACLs

This section covers Ozone's ACL support, which can be used to restrict access to different portions of the namespace once a user has authenticated with Kerberos. To configure access for administrator operations that do not involve the Ozone namespace, see the Administrator Guide.

📄️ Native ACLs

Ozone supports a set of native ACLs.

📄️ Ranger authorization policies

Ozone supports two authorization models: Native ACLs and Apache Ranger policies.