Support Questions

james_jones · ‎06-29-2016

We are enabling the Ranger authorization in Hive, but previously we created roles & grants in beeline. Should we remove manually created Hive grants and roles in beeline before switching from StdSqlAuth to Ranger authorization or will magic happen? The roles we created match our AD group names in the policies. (HDP 2.4)

KuldeepK · ‎06-29-2016

@james.jones - I don't think so as you are modifying authorization property, it should not consider sql grants once you set authorization to Ranger.

Please also have a look at https://community.hortonworks.com/questions/28136/will-ranger-hive-plugin-override-existing-hive-sec...

View solution in original post

KuldeepK · ‎06-29-2016

@james.jones - I don't think so as you are modifying authorization property, it should not consider sql grants once you set authorization to Ranger.

Please also have a look at https://community.hortonworks.com/questions/28136/will-ranger-hive-plugin-override-existing-hive-sec...

james_jones · ‎06-29-2016

Awesome. Thanks. I wasn't sure if under the covers Ranger was just doing sql grants.

Cloudera Community

Support Questions

Should we remove Hive CLI roles & grants before enabling Ranger Authorization in Hive?