Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: The Cloudera Community will undergo maintenance on Saturday, August 17 at 12:00am PDT. See more info here.

HDFS folder permissions to prevent access to Hive tables

HDFS folder permissions to prevent access to Hive tables

Rising Star

Hello,

 

I have a CDH 5.11 cluster. Users are authenticated using KDC.

 

I want to restrict access to Hive databases to specific users, who will be able to:

 

  1. access only specific databases
  2. submit spark jobs to the cluster

 

Can I achieve this without Sentry, by configuring HDFS files/floders permissions? There are only few databases (4).

 

 

Thank you,

Gerasimos

3 REPLIES 3
Highlighted

Re: HDFS folder permissions to prevent access to Hive tables

Explorer

I think you are trying to find easy but unsecure solution to your problem. if you want to limit your users to reach your certain databases, file restriction wouldnt be a primary solution.

Try to set up sentry , it is invented especially for these kinds of task.

 

here is the link:

https://www.cloudera.com/documentation/enterprise/5-7-x/topics/sg_sentry_service_config.html

 

Re: HDFS folder permissions to prevent access to Hive tables

Rising Star
Thank you. I am aware of Sentry as I mentioned, but tried to exhaust any other alternatives.

Re: HDFS folder permissions to prevent access to Hive tables

Explorer

you can try to restrict permissions on hive metadata for a specific table or even database

for example: if your cluster metadata is set up with mysql, you can limit the user access on metadata permission.