Coffee With Hadoop: Coffee with permission configuration using Sentry on Hive Tables Via Hue

Tuesday 7 March 2017

Coffee with permission configuration using Sentry on Hive Tables Via Hue

Sentry

Sentry is an apache integrated project which brings secure, Fine-Grained,role based and multi-tenant administration to Hadoop ecosystem. Sentry is supported with Hive. It acts a layer between SQL parser and query execute engine and verifies the user issuing.

There are some factors that play part in sentry authorization

1. Resource

2. Privileges

3. Roles

4. Users and Groups

Roles:

Roles is a set of privileges. In the data processing, it is a module to combine multiple privileges required for a logical role.

Groups:

A set of users is called a Group. Sentry allows users to associate role to groups.

Actual Problem : We have two tables with name sample_07 and sample_08.We want that

sample_07 should have read and write access/permission for any users and sample_8 should has no access/permission denied for any user.

Configuration of Sentry on Hue with Hive

Following steps are used to configure the Sentry on Hue

1. Go to configuration file section and select [libsentry].

2. Allow Hue to connect to the service by adding the hue user to the following property in the /etc/sentry/conf/sentry-store-site.xml file.

<property>

<name>sentry.service.allow.connect</name>

<value>impala,hive,solr,hue</value>

</property>

Following steps need to be taken for resolving the given problem.

Step 1.Click on Security then click on Sentry Table

.

2.Database and tables privileges à click on default ,then select sample_07.

3. Add or select a role open dialog box will be open.

3.1 Name àWrite the role name.

3.2 Group à Write the group name.

3.3 Click on privileges then click on save.

To avoid unauthorized access from databases (tables) to users.

11.Select default database from “Databases and tables privileges option”.

2 2. “Add or select a role”, dialog box will open.

2.1 Name àWrite the role name.

2.2 Group à Write the group name.

33.Privileges àSelect àAll.

44. Click on with grant option.

Permission by Admin to particular user.

Step 1. Admin àManage users

Step 2. Select permission option àSecurity

Step 3. In the security option , you can choose the user whom you want to provide access of the database.

When other user will login into the Hue then user will not able to see any databases.

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)