Community Articles
Find and share helpful community-sourced technical articles
Labels (1)

This article just gives an example of how grant/revoke works when hive plugin is enabled with Ranger.

Doc reference - https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.6.5/bk_security/content/user_access_hive_db_tab...

A user who is admin in Ranger, can manage access to hive tables via grant/revoke operation.

In Ranger UI -> Settings -> Users and Groups -> Users

User “hive” is in Role “Admin” -

93659-screen-shot-2018-11-17-at-100100-pm.png

On the beeline, login as user hive:

[hive@c141-node5 root]$ beeline -u "jdbc:hive2://c141-node4.pitot.com:2181,c141-node3.pitot.com:2181,c141-node2.pitot.com:2181/;serviceDiscoveryMode=zooKeeper;zooKeeperNamespace=hiveserver2" -n hive

Run the grant command to give select privileges on a table:

93660-grant-select.png

In Ranger a new policy is created by that command:

93661-screen-shot-2018-11-17-at-101303-pm.png

Similarly a revoke run, user mugdha will be removed from the policy:

0: jdbc:hive2://c141-node4.pitot.com:2181,c14> revoke select on pageviews from user mugdha;
No rows affected (0.169 seconds)
0: jdbc:hive2://c141-node4.pitot.com:2181,c14>
872 Views
Don't have an account?
Version history
Revision #:
2 of 2
Last update:
‎08-17-2019 05:47 AM
Updated by:
 
Contributors
Top Kudoed Authors