> ## Documentation Index
> Fetch the complete documentation index at: https://docs.nx1cloud.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Ranger hands-on examples

> Examples showing how to configure and use access control with Apache Ranger.

The Ranger hands-on examples page demonstrates how to use Ranger.

## Add a new service

Use the following steps to add a new service:

1. Open the Ranger Admin UI. It should default to the **Resource Policies** sidebar option.
   This is also the Service Manager.
2. Click the plus sign to add a service. Select a service type, such as
   Trino or Hive.
3. Provide a service name and connection details such as URLs or credentials.
4. Test the connection to ensure Ranger can communicate with the service.
5. Save the service configuration.

<Card img="https://mintcdn.com/nexusone-4c77570d/G-bxbzTzQDe1jZv3/images/platform-components/apache-ranger/02-add-a-new-service.png?fit=max&auto=format&n=G-bxbzTzQDe1jZv3&q=85&s=8ac312f26d7a9df18eb08fa80d7daba6" width="1896" height="882" data-path="images/platform-components/apache-ranger/02-add-a-new-service.png">
  Add a new service
</Card>

## Create a policy

Use the following steps to create a policy:

1. Open the Ranger Admin UI. It should default to the **Resource Policies** sidebar option.
   This is also the Service Manager.
2. Select the service that you want to create a policy for.
3. At the top right-corner of the page, click **Add New Policy**.
4. Specify a policy name.
5. Define a resource scope, such as which databases, tables, or columns.
6. Add users or groups who should receive access.
7. Select permissions such as `SELECT`, `INSERT`, or `UPDATE`.
8. Optionally, add policy conditions.
9. Click **Save** at the bottom of the screen to save the policy.

<Card img="https://mintcdn.com/nexusone-4c77570d/G-bxbzTzQDe1jZv3/images/platform-components/apache-ranger/03-create-a-policy.png?fit=max&auto=format&n=G-bxbzTzQDe1jZv3&q=85&s=dd85ca89977e450c7511f4f0b3ebf2a5" width="1895" height="885" data-path="images/platform-components/apache-ranger/03-create-a-policy.png">
  Create a policy
</Card>

## Synchronize users and groups

Use the following steps to synchronize users and groups:

1. Configure Keycloak connection details in Ranger usersync configuration.
2. Specify a base DN, search filters, and sync intervals.
3. Start the usersync service.
4. In the Ranger Admin UI, click **Settings**, and verify that the users and groups appear
   under the Users, Groups, and Roles section.

## View audit logs

Use the following steps to view audit logs:

1. Open the Ranger Admin UI, and then click **Audits**.
2. Select one option, such as **Admin** or **Login Sessions**.
3. You should see a table showing the logs. You can use filters to narrow the
   results by user, resource, date range, or access result.
4. Export audit data for offline analysis or compliance reporting.
5. Create saved searches for frequent audit queries.

## Delegate an administrator

Use the following steps to delegate an administrator:

1. [Create a policy](#create-a-policy) granting administrative permissions
   to specific users.
2. Scope the administrator's permissions.

Doing this enables distributed administration where team leads manage their own resources

## Additional resources

* To get an overview of Ranger, refer to the [Ranger in NexusOne](./ranger-in-nx1) page.
* To learn about best practices when using Ranger, refer to the
  [Ranger best practices](./ranger-best-practices) page.
* For more details about Ranger, refer to the
  [Ranger](https://spark.apache.org/docs/latest/api/python/reference/pyspark.sql/index.html) official documentation.
* For more details about Spark in NexusOne, refer to [Spark in NexusOne](/platform-components/apache-spark)
  page.
* For more details about Trino in NexusOne, refer to [Trino in NexusOne](/platform-components/trino)
  page.
