Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Apache Sentry - HDFS ACL

Apache Sentry - HDFS ACL

Expert Contributor

Does Sentry allow us to override ACLs of files in hdfs similar to the way apache ranger does? Can we manage permissions as to who can access hdfs directories and files using Sentry?

 

Thanks

Ahmad 

1 REPLY 1
Highlighted

Re: Apache Sentry - HDFS ACL

Super Collaborator

Hi,

 

Unless it has changed since I last used sentry (which is possible), it is a little different than how ranger works.

 

In ranger you can explicitely defined security rules for HDFS.

 

In Sentry, there is a plugin that synchronize the Hive/Impala security rules with HDFS ACLs (on a list of HDFS directories). What does it means ?

- If you grant "SELECT" permissions on a table for a group, then it will give "read" permission on HDFS on the folder of that table.

- If you grant "INSERT" permissions on a database for a group, then it will give "write" permission on HDFS on the root folder of the database.

- etc.

 

https://www.cloudera.com/documentation/enterprise/latest/topics/sg_hdfs_sentry_sync.html

 

regards,

Mathieu

 

 

 

 

Don't have an account?
Coming from Hortonworks? Activate your account here