https://community.cloudera.com/t5/Archives-of-Support-Questions/restrict-hbase-users-in-ambari/m-p/141660#M48188 <P>@<A href="https://community.hortonworks.com/users/2302/arunpoy.html">ARUN</A></P><P>I do not see any option from ambari side to do that. However you should be able to set the ACL via HBase itself as described in: <A href="http://hbase.apache.org/0.94/book/hbase.accesscontrol.configuration.html" target="_blank">http://hbase.apache.org/0.94/book/hbase.accesscontrol.configuration.html</A></P><P>The <STRONG>"hbase:acl"</STRONG> table defines Access Control Lists which helps us in to limiting the privileges of users to hbase table.</P><P>You must set the ACLs for all those users who will be responsible for create/update/delete operations in HBase. As by default every once can access others table.</P><P>HBase ACLs support the following privileges:</P><P>a)Read</P><P>b)Write</P><P>c)Create tables</P><P>d)Administrator</P><P><STRONG>Example: </STRONG></P><P><STRONG></STRONG>1. Start the HBase shell. On the HBase Master host: </P><PRE>hbase shell </PRE><P>2. Set ACLs using the HBase shell: </P><PRE>grant '$USER', '$permissions'</PRE><P><STRONG>Ranger: </STRONG></P><P>You can also create Ranger policies by issuing grant/revoke commands via hbase shell.</P><P>As described in <EM>Page-25</EM> in the following slide: <A href="http://www.slideshare.net/Hadoop_Summit/securing-hadoop-with-apache-ranger" target="_blank">http://www.slideshare.net/Hadoop_Summit/securing-hadoop-with-apache-ranger</A></P><P>.</P> Wed, 07 Dec 2016 21:09:14 GMT Former Member 2016-12-07T21:09:14Z https://community.cloudera.com/t5/Archives-of-Support-Questions/restrict-hbase-users-in-ambari/m-p/141659#M48187 <P>By default hbase allows all users to drop hbase tables and delete rows. How to prevent the users from doing drop and delete from ambari. i remember using it through the property hbase.superuser. the above property has just hbase in its value. any thoughts</P> Wed, 07 Dec 2016 20:01:15 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/restrict-hbase-users-in-ambari/m-p/141659#M48187 arunpoy 2016-12-07T20:01:15Z https://community.cloudera.com/t5/Archives-of-Support-Questions/restrict-hbase-users-in-ambari/m-p/141660#M48188 <P>@<A href="https://community.hortonworks.com/users/2302/arunpoy.html">ARUN</A></P><P>I do not see any option from ambari side to do that. However you should be able to set the ACL via HBase itself as described in: <A href="http://hbase.apache.org/0.94/book/hbase.accesscontrol.configuration.html" target="_blank">http://hbase.apache.org/0.94/book/hbase.accesscontrol.configuration.html</A></P><P>The <STRONG>"hbase:acl"</STRONG> table defines Access Control Lists which helps us in to limiting the privileges of users to hbase table.</P><P>You must set the ACLs for all those users who will be responsible for create/update/delete operations in HBase. As by default every once can access others table.</P><P>HBase ACLs support the following privileges:</P><P>a)Read</P><P>b)Write</P><P>c)Create tables</P><P>d)Administrator</P><P><STRONG>Example: </STRONG></P><P><STRONG></STRONG>1. Start the HBase shell. On the HBase Master host: </P><PRE>hbase shell </PRE><P>2. Set ACLs using the HBase shell: </P><PRE>grant '$USER', '$permissions'</PRE><P><STRONG>Ranger: </STRONG></P><P>You can also create Ranger policies by issuing grant/revoke commands via hbase shell.</P><P>As described in <EM>Page-25</EM> in the following slide: <A href="http://www.slideshare.net/Hadoop_Summit/securing-hadoop-with-apache-ranger" target="_blank">http://www.slideshare.net/Hadoop_Summit/securing-hadoop-with-apache-ranger</A></P><P>.</P> Wed, 07 Dec 2016 21:09:14 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/restrict-hbase-users-in-ambari/m-p/141660#M48188 Former Member 2016-12-07T21:09:14Z