Community Articles
Find and share helpful community-sourced technical articles
Labels (2)
Cloudera Employee

If a user has partial access to a Hive table access via ranger policies, he/she won’t be able to run the describe statement against this table. As per screenshot below, user “yarn” has access to all columns of customer table except column “c_last_name”.

If user “yarn” tries to run “describe customer;” a Permission Denied message will be displayed.

To overcome this inconvenience, we can add “xasecure.hive.describetable.showcolumns.authorization.option=show-all” property in “Custom ranger-hive-security” section in Hive configs via ambari and restart Hive service

Once restart is done, try running the describe statement again. We should be able to see the table description.

328 Views
0 Kudos