hive整合sentry,impala,hue之后权限管理操作
Posted gxc2015
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了hive整合sentry,impala,hue之后权限管理操作相关的知识,希望对你有一定的参考价值。
7.Hive授权参考(开启sentry之后,对用户授权用不了,只能针对用户组,grant role testrole to user xxxxxxx; )
7.1:角色创建和删除
create role test;
drop role test;
grant role star_read to group star_read;
7.2:角色授权和取消授权
7.2.1:表授权给角色
grant select on table test_table to role role_name(针对表级赋予角色权限);
grant select on database hbase_db to role hbase_read(针对数据库级赋予角色权限);
revoke select on table test_table to role role_name(取消权限);
7.2.1:列授权给角色
grant select(column1,column2) on table test_table to role role_name;
revoke select(column1,column2) on table test_table to role role_name;
7.3:组授权和取消授权
grant role role_name to group user_group;
revoke role role_name to group user_group;
注意:Sentry适用于用户组授权,不适用于用户授权;
8.查看赋予的权限
show grant role aragon on database hbase_db(查看角色aragon有数据库hbase_db哪些权限);
show role grant group star_read;(查看哪些角色赋予了star_read组)
+-----------+--------+------------+---------+-----------------+-----------------+------------+---------------+-------------------+----------+--+
| database | table | partition | column | principal_name | principal_type | privilege | grant_option | grant_time | grantor |
+-----------+--------+------------+---------+-----------------+-----------------+------------+---------------+-------------------+----------+--+
| hbase_db | | | | aragon | ROLE | select | false | 1535966545398000 | -- |
+-----------+--------+------------+---------+-----------------+-----------------+------------+---------------+-------------------+----------+--+
以上是关于hive整合sentry,impala,hue之后权限管理操作的主要内容,如果未能解决你的问题,请参考以下文章
0031-如何在CDH启用Kerberos的情况下安装及使用Sentry
Hadoop,Zookeeper,Hbase,Hive,Spark,Kafka,CDH,impala,azkaban,oozie,hue中webui常用端口