Once Kerberos is enabled, it is possible to get a listing of the expected Kerberos principals and keytab files. This data is typically used when manually managing the Kerberos Identities for the Ambari cluster and may be easily downloaded as a CSV file from the Enable Kerberos Wizard in the Ambari UI.
After Kerberos is enabled in Ambari, details about the expected Kerberos Identities may be obtained using the following REST API call:
Note: replace :cluster_name with the name of your cluster.
The result of this query is a JSON formatted document containing a high level listing of the expected identities.
In many cases, this may be good enough. However there may be a need to get this data in a different format, especially when using the data in a script. In that case, it is possible to retrieve this as CSV formatted data by appending format=CSV to the query: