Support Questions
Find answers, ask questions, and share your expertise

MIT principal and keytab management via Amabari 2.1.2

Contributor

Can I use Ambari 2.1.2 (API or other) to manage principals and keytab deployments for non-ambari controlled services?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: MIT principal and keytab management via Amabari 2.1.2

No, this is not supported.

View solution in original post

3 REPLIES 3

Re: MIT principal and keytab management via Amabari 2.1.2

No, this is not supported.

View solution in original post

Re: MIT principal and keytab management via Amabari 2.1.2

Re: MIT principal and keytab management via Amabari 2.1.2

Ambari can only manage the principals and keytabs for the services managed by it. The pricipal and keytabs are actually provided as part of the configuration files with the stack definition.

For e.g. for Storm, looking at the stack , you can see -

....

          "name": "storm_components",
          "principal": {
            "value": "${storm-env/storm_user}-${cluster_name}@${realm}",
            "type": "user",
            "configuration": "storm-env/storm_principal_name"
          },
          "keytab": {
            "file": "${keytab_dir}/storm.headless.keytab",
            "owner": {
              "name": "${storm-env/storm_user}",
              "access": "r"
            },
....

Ambari does not support managing principals and keytabs of other components that are outside its purview.