Reply
Explorer
Posts: 11
Registered: ‎09-20-2017

HDFS folder permissions to prevent access to Hive tables

[ Edited ]

Hello,

 

I have a CDH 5.11 cluster. Users are authenticated using KDC.

 

I want to restrict access to Hive databases to specific users, who will be able to:

 

  1. access only specific databases
  2. submit spark jobs to the cluster

 

Can I achieve this without Sentry, by configuring HDFS files/floders permissions? There are only few databases (4).

 

 

Thank you,

Gerasimos

Highlighted
New Contributor
Posts: 5
Registered: ‎09-25-2017

Re: HDFS folder permissions to prevent access to Hive tables

I think you are trying to find easy but unsecure solution to your problem. if you want to limit your users to reach your certain databases, file restriction wouldnt be a primary solution.

Try to set up sentry , it is invented especially for these kinds of task.

 

here is the link:

https://www.cloudera.com/documentation/enterprise/5-7-x/topics/sg_sentry_service_config.html

 

Explorer
Posts: 11
Registered: ‎09-20-2017

Re: HDFS folder permissions to prevent access to Hive tables

Thank you. I am aware of Sentry as I mentioned, but tried to exhaust any other alternatives.
New Contributor
Posts: 5
Registered: ‎09-25-2017

Re: HDFS folder permissions to prevent access to Hive tables

you can try to restrict permissions on hive metadata for a specific table or even database

for example: if your cluster metadata is set up with mysql, you can limit the user access on metadata permission.

Announcements