Cloudera Community

Archives of Support Questions (Read Only)

This is an archived board for historical reference. Information and links may no longer be available or relevant
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
This board is archived and read-only for historical reference. To ask a new question, please post a new topic on the appropriate active board.
Solved Go to solution

HDFS Encryption Error | root not allowed to do 'CREATE_KEY'

avatar
author-rank shashi_vish123
New Member

Created ‎05-05-2016 07:26 PM

I am using HDP sandbox with Ranger KMS installed as KMS Server. I fired below command on sandbox.

hadoop key create testKey

I got below exception as a result.

testKey has not been created. org.apache.hadoop.security.authorize.AuthorizationException: User:root not allowed to do 'CREATE_KEY' on 'testKey'

I am not able to create key for creating encryption zone. Do I need specific user for doing this.

Any pointer on this?

Note : I have kerberos enabled cluster.

4,323 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank shashi_vish123
New Member

Created ‎05-06-2016 10:54 AM

I referred same document for installation but it did not worked. After that I added hdfs user in Sandbox_kms poliy and after that key creation worked.

View solution in original post

3,256 Views
0 Kudos
2 REPLIES 2

avatar
author-rank ravi1 author-rank
Guru

Created ‎05-05-2016 08:28 PM

Take a look at KMS documentation

If you are sandbox, login to ranger as keyadmin/keyadmin, select sandbox_kms and add a key from there.

3,256 Views

avatar
author-rank shashi_vish123
New Member

Created ‎05-06-2016 10:54 AM

I referred same document for installation but it did not worked. After that I added hdfs user in Sandbox_kms poliy and after that key creation worked.

3,257 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Real time Monitoring for 7.1.9+ and 7.2.18+ with Cl...
What's New @ Cloudera
Announcing Cloudera Streaming Analytics 1.17: Python UDFs, S...
Community Announcements
Content Update: Evolving Our Community Content for Better, A...
Community Announcements
Product Name Updates — Community Label Changes & Notificatio...
What's New @ Cloudera
Announcing Cloudera Data Lineage for Trino
View More Announcements