Support Questions
Find answers, ask questions, and share your expertise

How do I authorize users for access of Spark SQL Thrift Server?

Explorer

We have a Spark SQL Thrift Server running with Kerberos enabled. While Kerberos helps in authenticate users, I am not sure how I could authorize who could use what tables. We use "Ranger" and it has "hive" policies. I think this is more for "HS2" access. Does this also protect access via Spark-SQL Thrift server?

1 REPLY 1

Cloudera Employee

@Sarnath K, Do you mean Authentication or Authorization for Spark Thrift Server.

For Authentication you can Enable ACL's - http://spark.apache.org/docs/latest/security.html

Authorization for Spark can be done using

  • HDFS ACLs, which can also be managed using Ranger.
  • LLAP enabled Spark for Coloumn Security, in which reads from HDFS go directly through LLAP.

You can refer to the following KB Article - SPARKSQL, RANGER, AND LLAP VIA SPARK THRIFT SERVER FOR BI SCENARIOS TO PROVIDE ROW, COLUMN LEVEL SEC...

; ;