Hortonworks Docs » Data Platform 3.0.0 » Apache ZooKeeper ACLs
Apache ZooKeeper ACLs
Also available as:
PDF

ZooKeeper ACLs Best Practices: Oozie

You must follow the best practices for tightening the ZooKeeper ACLs or permissions for Oozie when provisioning a secure cluster.

  • ZooKeeper Usage:

    • Used to coordinate multiple Oozie servers.

  • Default ACLs:

    In a secure cluster, Oozie restricts the access to Oozie Znodes to the oozie principals only using Kerberos backed ACLs.

    • /oozie - node that stores oozie server information in HA mode

    Default ACLs:

    • /oozie - world:anyone:cdrwa

  • Security Best Practice ACLs/Permissions and Required Steps:

    • Set oozie.zookeeper.secure to secure

© 2012–2019, Hortonworks, Inc.
Document licensed under the Creative Commons Attribution ShareAlike 4.0 License.
Hortonworks.com | Documentation | Support | Community