The username and/or group should be a user present in Linux and Kerberos that you have designated as the user responsible for managing keys on your cluster, and you can use an existing user/group or create a new one as makes sense in your environment. Typically this would be a group of administrators who you would entrust to configure security for you, so that only one user or a handful of users can grant access.
... View more
