atlas-simple-authz-policy.json

{
  "roles": {
    "ROLE_ADMIN": {
      "adminPermissions": [
        {
          "privileges": [ ".*" ]
        }
      ],
      "typePermissions": [
        {
          "privileges":     [ ".*" ],
          "typeCategories": [ ".*" ],
          "typeNames":      [ ".*" ]
        }
      ],
      "entityPermissions": [
        {
          "privileges":      [ ".*" ],
          "entityTypes":     [ ".*" ],
          "entityIds":       [ ".*" ],
          "classifications": [ ".*" ],
          "labels" : [ ".*" ],
          "businessMetadata" : [ ".*" ],
          "attributes" :[ ".*" ]
        }
      ],
      "relationshipPermissions": [
        {
          "privileges":     [ ".*" ],
          "relationshipTypes": [ ".*" ],
          "end1EntityType":           [ ".*" ],
          "end1EntityId":             [ ".*" ],
          "end1EntityClassification": [ ".*" ],
          "end2EntityType":           [ ".*" ],
          "end2EntityId":             [ ".*" ],
          "end2EntityClassification": [ ".*" ]
        }
      ]
    },

    "DATA_SCIENTIST": {
      "entityPermissions": [
        {
          "privileges":      [ "entity-read", "entity-read-classification" ],
          "entityTypes":     [ ".*" ],
          "entityIds":       [ ".*" ],
          "classifications": [ ".*" ]
        }
      ]
    },

    "DATA_STEWARD": {
      "entityPermissions": [
        {
          "privileges":      [ "entity-read", "entity-create", "entity-update", "entity-read-classification", "entity-add-classification", "entity-update-classification", "entity-remove-classification" ],
          "entityTypes":     [ ".*" ],
          "entityIds":       [ ".*" ],
          "classifications": [ ".*" ]
        }
      ],
      "relationshipPermissions": [
        {
          "privileges":               [ "add-relationship", "update-relationship", "remove-relationship" ],
          "relationshipTypes":        [ ".*" ],
          "end1EntityType":           [ ".*" ],
          "end1EntityId":             [ ".*" ],
          "end1EntityClassification": [ ".*" ],
          "end2EntityType":           [ ".*" ],
          "end2EntityId":             [ ".*" ],
          "end2EntityClassification": [ ".*" ]
        }
      ]
    }
  },

  "userRoles": {
    "admin": [ "ROLE_ADMIN" ],
    "rangertagsync": [ "DATA_SCIENTIST" ]
  },

  "groupRoles": {
    "ROLE_ADMIN":      [ "ROLE_ADMIN" ],
    "hadoop":          [ "DATA_STEWARD" ],
    "DATA_STEWARD":    [ "DATA_STEWARD" ],
    "RANGER_TAG_SYNC": [ "DATA_SCIENTIST" ]
  }
}