Security
Also available as:
PDF
loading table of contents...
Configure HBase for Access Control Lists (ACL)

Use the following instructions to configure HBase for ACL:

  1. Open kinit as HBase user.

    1. Create a keytab for principal hbase@REALM and store it in the hbase.headless.keytab file. See instructions provided Creating Service Principals and Keytab Files for HDP for creating principal and keytab file.

    2. Open kinit as HBase user. Execute the following command on your HBase Master:

      kinit -kt hbase.headless.keytab hbase
  2. Start the HBase shell. On the HBase Master host machine, execute the following command:

    hbase shell
  3. Set ACLs using HBase shell:

    grant '$USER', '$permissions'

    where

    • $USER is any user responsible for create/update/delete operations in HBase.

      [Note]Note

      You must set the ACLs for all those users who will be responsible for create/update/delete operations in HBase.

    • $permissions is zero or more letters from the set "RWCA": READ('R'), WRITE('W'), CREATE('C'), ADMIN('A').