Apache Spark Component Guide
Also available as:
PDF
loading table of contents...

Spark SQL User Impersonation

When user impersonation is enabled for Spark SQL through the Spark Thrift server, the Thrift server runs queries as the submitting user. By running queries under the user account associated with the submitter, the Thrift Server can enforce user level permissions and access control lists. This enables granular access control to Spark SQL at the level of files or tables. Associated data cached in Spark is visible only to queries from the submitting user.

Spark SQL user impersonation is supported for Apache Spark 1 versions 1.6.3 and later. To enable user impersonation, see Enabling User Impersonation for the Spark Thrift Server. The following paragraphs illustrate several features of user impersonation.