02-03-2017 11:04 AM
We have HUE 3.11 running with HDFS 2.7.3 version. We are working on, how to control HUE user access to S3 storage buckets and folders. Currently all user can see all s3 storage buckets and its folders. Please suggest solution on how we can limit access to S3 storage based on user roles.
Technologies, we are using are:
Solved! Go to Solution.
02-03-2017 12:02 PM
You may need to follow the ACL conept, pls refer the below link, it has very high level information about security
02-06-2017 09:05 AM
03-09-2017 12:15 PM - edited 03-09-2017 12:17 PM
The link you have provided is talking about Hadoop ACLs.
Issue here is how I can control access to S3 buckets and objects based on HUE (3.11) login credentials. I mean when I login to HUE with my credentials, I should see S3 object only i have Privilieges (Read, write,Delete). Appreciate any thoughts to resolve this issue.
03-09-2017 12:31 PM
For object based security you have to implement Sentry
1. Install Kerberos (Pre-request: for Sentry)
2. Enabling Kerberos Authentication for Hadoop (Pre-request: Kerberos Installation is different from enable Kerberos to Hadoop)
3. Add Sentry Service in cluster
4. Enable Sentry service for Hive & Impala.
5. Create necessary groups, users in OS and match the same with Hue. You can try this manually for few users/group for testing purpose...
Ex: For Role creation
03-27-2017 08:36 AM