You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@hive.apache.org by Mainak Ghosh <mg...@twitter.com> on 2019/06/06 23:53:54 UTC
Restrict users from creating tables in default warehouse
Hello,
We are trying to restrict our customers from creating new tables in the default warehouse and encourage them to create their own warehouses for simpler maintenance. Can you suggest some ways we can achieve this?
Thanks and Regards,
Mainak
Re: Restrict users from creating tables in default warehouse
Posted by Kristopher Kane <kk...@gmail.com>.
Authorization, rather.
On Thu, Jun 13, 2019 at 10:51 AM Kristopher Kane <kk...@gmail.com> wrote:
>
> You really have no choice with storage based authentication.
>
> On Fri, Jun 7, 2019 at 12:24 PM Mainak Ghosh <mg...@twitter.com> wrote:
> >
> > Hey Alan,
> >
> > Thanks for replying. We are currently using storage based authorization and Hive 2.3.2. Unfortunately, we found that the default warehouse path requires a 777 file permission. Let us know if we completely misunderstood this requirement.
> >
> > As a result, users now have the ability to create tables in default warehouse. I can look into grant and revoke statements.
> >
> > Mainak
> >
> > On Jun 6, 2019, at 9:30 PM, Alan Gates <al...@gmail.com> wrote:
> >
> > The easiest way to do this is through grant and revoke statements and/or file permissions. Hive has several authorization schemes (storage based auth, sql standard auth, integration with Ranger and Sentry) added over several releases. Which version of Hive are you using and which, if any, of these authorization schemes?
> >
> > Alan.
> >
> > On Thu, Jun 6, 2019 at 4:54 PM Mainak Ghosh <mg...@twitter.com> wrote:
> >>
> >> Hello,
> >>
> >> We are trying to restrict our customers from creating new tables in the default warehouse and encourage them to create their own warehouses for simpler maintenance. Can you suggest some ways we can achieve this?
> >>
> >> Thanks and Regards,
> >> Mainak
> >
> >
Re: Restrict users from creating tables in default warehouse
Posted by Kristopher Kane <kk...@gmail.com>.
You really have no choice with storage based authentication.
On Fri, Jun 7, 2019 at 12:24 PM Mainak Ghosh <mg...@twitter.com> wrote:
>
> Hey Alan,
>
> Thanks for replying. We are currently using storage based authorization and Hive 2.3.2. Unfortunately, we found that the default warehouse path requires a 777 file permission. Let us know if we completely misunderstood this requirement.
>
> As a result, users now have the ability to create tables in default warehouse. I can look into grant and revoke statements.
>
> Mainak
>
> On Jun 6, 2019, at 9:30 PM, Alan Gates <al...@gmail.com> wrote:
>
> The easiest way to do this is through grant and revoke statements and/or file permissions. Hive has several authorization schemes (storage based auth, sql standard auth, integration with Ranger and Sentry) added over several releases. Which version of Hive are you using and which, if any, of these authorization schemes?
>
> Alan.
>
> On Thu, Jun 6, 2019 at 4:54 PM Mainak Ghosh <mg...@twitter.com> wrote:
>>
>> Hello,
>>
>> We are trying to restrict our customers from creating new tables in the default warehouse and encourage them to create their own warehouses for simpler maintenance. Can you suggest some ways we can achieve this?
>>
>> Thanks and Regards,
>> Mainak
>
>
Re: Restrict users from creating tables in default warehouse
Posted by Mainak Ghosh <mg...@twitter.com>.
Hey Alan,
Thanks for replying. We are currently using storage based authorization and Hive 2.3.2. Unfortunately, we found that the default warehouse path requires a 777 file permission. Let us know if we completely misunderstood this requirement.
As a result, users now have the ability to create tables in default warehouse. I can look into grant and revoke statements.
Mainak
> On Jun 6, 2019, at 9:30 PM, Alan Gates <al...@gmail.com> wrote:
>
> The easiest way to do this is through grant and revoke statements and/or file permissions. Hive has several authorization schemes (storage based auth, sql standard auth, integration with Ranger and Sentry) added over several releases. Which version of Hive are you using and which, if any, of these authorization schemes?
>
> Alan.
>
> On Thu, Jun 6, 2019 at 4:54 PM Mainak Ghosh <mghosh@twitter.com <ma...@twitter.com>> wrote:
> Hello,
>
> We are trying to restrict our customers from creating new tables in the default warehouse and encourage them to create their own warehouses for simpler maintenance. Can you suggest some ways we can achieve this?
>
> Thanks and Regards,
> Mainak
Re: Restrict users from creating tables in default warehouse
Posted by Alan Gates <al...@gmail.com>.
The easiest way to do this is through grant and revoke statements and/or
file permissions. Hive has several authorization schemes (storage based
auth, sql standard auth, integration with Ranger and Sentry) added over
several releases. Which version of Hive are you using and which, if any,
of these authorization schemes?
Alan.
On Thu, Jun 6, 2019 at 4:54 PM Mainak Ghosh <mg...@twitter.com> wrote:
> Hello,
>
> We are trying to restrict our customers from creating new tables in the
> default warehouse and encourage them to create their own warehouses for
> simpler maintenance. Can you suggest some ways we can achieve this?
>
> Thanks and Regards,
> Mainak