Support Questions
Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Advanced Search

Apache Sentry - HDFS ACL

Labels:
afdebbas
Expert Contributor

Created ‎10-24-2017 11:38 PM

Does Sentry allow us to override ACLs of files in hdfs similar to the way apache ranger does? Can we manage permissions as to who can access hdfs directories and files using Sentry?

 

Thanks

Ahmad 

Reply
1,391 Views
0 Kudos
1 REPLY 1

Re: Apache Sentry - HDFS ACL

mathieu.d
Super Collaborator

Created ‎10-25-2017 02:44 AM

Hi,

 

Unless it has changed since I last used sentry (which is possible), it is a little different than how ranger works.

 

In ranger you can explicitely defined security rules for HDFS.

 

In Sentry, there is a plugin that synchronize the Hive/Impala security rules with HDFS ACLs (on a list of HDFS directories). What does it means ?

- If you grant "SELECT" permissions on a table for a group, then it will give "read" permission on HDFS on the folder of that table.

- If you grant "INSERT" permissions on a database for a group, then it will give "write" permission on HDFS on the root folder of the database.

- etc.

 

https://www.cloudera.com/documentation/enterprise/latest/topics/sg_hdfs_sentry_sync.html

 

regards,

Mathieu

 

 

 

 

Reply
1,381 Views
0 Kudos
Don't have an account?
Register
Announcements
What's New @ Cloudera
Cloud Resource Validation tool (cdpctl) provides pre-validation of cloud resources, significantly reducing onboarding time
What's New @ Cloudera
Cloudera Machine Learning now enables administrators to register custom ML Runtimes
What's New @ Cloudera
Cloudera Machine Learning Runtimes are replacing Legacy Engines
What's New @ Cloudera
Cloudera Data Engineering (CDE) service diagnostic bundles improves service visibility and troubleshooting
What's New @ Cloudera
CDP Operational Database enables customers to use Spark with database through both SQL & NoSQL interfaces
View More Announcements