Configure HBase for Access Control Lists (ACL)
Use the following instructions to configure HBase for ACL:
Open
kinit
as HBase user.Create a keytab for principal
hbase@REALM
and store it in thehbase.headless.keytab
file. See instructions provided here for creating principal and keytab file.Open
kinit
as HBase user. Execute the following command on your HBase Master:kinit -kt hbase.headless.keytab hbase
Start the HBase shell. On the HBase Master host machine, execute the following command:
hbase shell
Set ACLs using HBase shell:
grant '
$USER
', '$permissions
'where
$USER
is any user responsible for create/update/delete operations in HBase.Note You must set the ACLs for all those users who will be responsible for create/update/delete operations in HBase.
$permissions
is zero or more letters from the set "RWCA": READ('R'), WRITE('W'), CREATE('C'), ADMIN('A').