Support Questions

Find answers, ask questions, and share your expertise

Cloudbreak HDP instances require owner access to azure ADLS?

avatar
Master Guru

I launched a HDP instance on azure via Cloudbreak and added my ADLS information prior to creation. I am reading this tutorial:

https://community.hortonworks.com/articles/105994/how-to-configure-authentication-with-adls.html

which mentions to assign app owner role to ADLS. My app has contributor role and owner role is not allowed as the enterprise owns it (ADLS) and will not provide me such access. Is there any way for my app with contributor role to use ADLS?

Here is the error I get:

[cloudbreak@sparky-m1 bin]$ hadoop fs -ls adl://xxxxx.azuredatalakestore.net
ls: GETFILESTATUS failed with error 0x83090aa2 (Forbidden. ACL verification failed. Either the resource does not exist or the user is not authorized to perform the requested operation.). [e300ca0f-5b03-48d8-a63a-e66175efe18a][2018-08-16T14:23:24.5402535-07:00] [ServerRequestId:e300ca0f-5b03-48d8-a63a-e66175efe18a]
1 ACCEPTED SOLUTION

avatar

@sunile.manjee

That tutorial is not 100% correct, you can set fine grained RWX ACL permissions for your application to the files and folders of your ADLS account, as documented here and setting those properly should be enough to work with your ADLS account without granting the application any roles.

Hope this helps!

View solution in original post

2 REPLIES 2

avatar

@sunile.manjee

That tutorial is not 100% correct, you can set fine grained RWX ACL permissions for your application to the files and folders of your ADLS account, as documented here and setting those properly should be enough to work with your ADLS account without granting the application any roles.

Hope this helps!

avatar

@sunile.manjee I updated the tutorial to include @pdarvasi's suggestion as a note.