I have Zeppelin setup to access a hive databases.
Currently users authenticate with Zeppelin using LDAP. When they are authenticated they can work with hive table data via the hive interpreter.
What I want to know is what the best practices are for controlling write access on a per-user basis? Or at the very least how do I setup the hive interpreter so readonly access is allowed.
If you want to enforce Ranger rules on Hive access through Zeppelin, then you have to use the JDBC interpreter to access Hive through the Hive server, and this way you are able to define all the rules you want. If you are not going through JDBC/Hive server, then the rules that will be applied are the one defined on HDFS.
Generally, all your ACLs should be enforced using Ranger.
Hope this helps.