Chapter 6. Storm Security Properties

The following table lists important Storm security properties.

Configuration PropertyDescriptionExample
nimbus.authorizer

This is a pluggable authorizer for a Storm Nimbus node. SimpleACLAuthorizer is the default implementation.

Note: Admins can also grant permissions via the Ranger authorizer UI. For more information, see the Ranger User's Guide.

"backtype.storm.security.auth.authorizer.SimpleACLAuthorizer"
nimbus.admins

Add Nimbus admin users. These users will have super user permissions on all topologies deployed, and will be able to perform other admin operations (such as rebalance, activate, deactivate and kill), even if they are not the owners of the topology.

By default, only users who deployed the topologies have access to admin operations such as rebalance, activate, deactivate, and kill.

"John"

"Abc"

topology.users:

This and the following config can be added as part of the topology file. The users listed in this setting will have owner privileges for the specified topology.

Config conf = new Config() 
conf.put(”topology.users”,Lists.newArrayList(“test_user1”,”test_user2")); 
StormSubmitter.submitTopology(topologyName, conf, builder.createTopology()); 
topology.groupsSimilar to topology.users. Use this to add group-level permissions to a topology.
Config conf = new Config() 
conf.put(”topology.groups”,Lists.newArrayList(“test_group1”,”test_group2")); 
StormSubmitter.submitTopology(topologyName, conf, builder.createTopology());