2. Hive Policy Creation

You can create policies in Hive at the Database Name, Table Name, and Column Name level.

To add a policy to a Hive repository, use the Hive Add Policy form.

Hive Policy Creation Console

Hive Add Policy Form

Complete the Hive Add Policy Form as follows:

 

Table 5.2. Hive Add Policy Fields

FieldDescription
Enter Policy NameEnter an appropriate policy name. This name cannot be duplicated across the system. This field is mandatory.
Select DataBase NameSelect the appropriate database. Multiple databases can be selected for a particular policy. This field is mandatory.
Table/UDF Drop-downTo continue adding a table-based policy, keep Table selected. To add a User Defined Function (UDF), select UDF.
Select Table NameFor the selected database, select table(s) for which the policy will be applicable.
Select Column NameFor the selected database and table(s), select columns for which the policy will be applicable.
Enter UDF NameWhen UDF is selected, this field displays in place of Select Table Name and Select Column Name. Enter the name of the User Defined Function that should be the subject of the new policy.
Audit LoggingSpecify whether this policy is audited. (De-select to disable auditing).
Group PermissionsSpecify the group to which this policy applies. To designate the group as an Administrator for the chosen research, specify Admin permission. (Administrators can create child policies based on existing policies).
User PermissionsSpecify a particular user to which this policy applies (outside of an already-specified group) OR designate a particular user as Admin for this policy (Administrators can create child policies based on existing policies).
Include/ExcludeFlags particular fields (table names or column names) as being included or excluded from consideration in the policy.
Enable/DisablePolicies are enabled by default. To restrict user or group access for the policy, select Disable.


Wild cards can be included in the resource path, in the database name, the table name, or column name:

  • * indicates zero or more occurrences of characters

  • ? indicates a single character