atlas-simple-authz-policy.json

{
  "roles": {
    "ROLE_ADMIN": {
      "adminPermissions": [
        {
          "privileges": [ ".*" ]
        }
      ],

      "entityPermissions": [
        {
          "privileges":      [ ".*" ],
          "entityTypes":     [ ".*" ],
          "entityIds":       [ ".*" ],
          "classifications": [ ".*" ]
        }
      ],

      "typePermissions": [
        {
          "privileges":     [ ".*" ],
          "typeCategories": [ ".*" ],
          "typeNames":      [ ".*" ]
        }
      ],
      "relationshipPermissions": [
        {
          "privileges":                 [ ".*" ],
          "relationshipTypes":          [ ".*" ],
          "endOneEntityType":           [ ".*" ],
          "endOneEntityId":             [ ".*" ],
          "endOneEntityClassification": [ ".*" ],
          "endTwoEntityType":           [ ".*" ],
          "endTwoEntityId":             [ ".*" ],
          "endTwoEntityClassification": [ ".*" ]
        }
      ]
    },

    "DATA_SCIENTIST": {
      "entityPermissions": [
        {
          "privileges":       [ "entity-read", "entity-read-classification" ],
          "entityTypes":      [ ".*" ],
          "entityIds":        [ ".*" ],
          "classifications":  [ ".*" ],
          "labels":           [ ".*" ],
          "businessMetadata": [ ".*" ]
        }
      ]
    },

    "DATA_STEWARD": {
      "entityPermissions": [
        {
          "privileges":       [ "entity-read", "entity-create", "entity-update", "entity-read-classification", "entity-add-classification", "entity-update-classification", "entity-remove-classification", "entity-add-label", "entity-remove-label", "entity-update-business-metadata" ],
          "entityTypes":      [ ".*" ],
          "entityIds":        [ ".*" ],
          "classifications":  [ ".*" ],
          "labels":           [ ".*" ],
          "businessMetadata": [ ".*" ]
        }
      ]
    }
  },

  "userRoles": {
    "admin":          [ "ROLE_ADMIN" ],
    "rangertagsync":  [ "DATA_SCIENTIST" ],
    "dataScientist1": [ "DATA_SCIENTIST"],
    "dataSteward1":   [ "DATA_STEWARD"]
  },

  "groupRoles": {
    "ROLE_ADMIN":      [ "ROLE_ADMIN" ],
    "hadoop":          [ "DATA_STEWARD" ],
    "DATA_STEWARD":    [ "DATA_STEWARD" ],
    "RANGER_TAG_SYNC": [ "DATA_SCIENTIST" ]
  }
}