Friday, 6 April 2018

Hadoop Security: HBASE AUTHORISATION


HBase access levels are as below.


1. Read (R) - can read data 
2. Write (W) - can write data 
3. Execute (X) - can execute 
4. Create (C) - can create tables or drop tables 
5. Admin (A) - can perform cluster operations such as balancing the cluster or assigning regions.

STEPS TO IMPLEMENT IN HBASE:

Become hbase principal using hbase keytab

From the hbase shell, once can execute below commands:

Example 1: Grant ‘hadoop’ user full access to table ‘my_table’

grant 'hadoop', 'RWXAC', 'my_table'

Example 2: Grant group ‘test-ops’ full access to a namespace.

grant '@groupname', 'RWXAC', '@namespace'

Example 3 : Grant read access privilege group 'test-ops’  to a namespace.

grant '@groupname', 'RX', '@namespace'

Commands to get the permission details of tables/namespace:

1. hbase> user_permission
2. hbase> user_permission '@ns1'
3. hbase> user_permission '@.*'
4. hbase> user_permission '@^[a-c].*'
5. hbase> user_permission 'table1'
6. hbase> user_permission 'namespace1:table1'
7. hbase> user_permission '.*'
8. hbase> user_permission '^[A-C].*'

Reference:  





No comments:

Post a Comment

Note: only a member of this blog may post a comment.