Configuring Authentication with Kerberos
Also available as:
PDF
loading table of contents...

Kerberos Storm Security Properties

A reference table that lists important Storm security properties.

Configuration Property Description Example
nimbus.authorizer

This is a pluggable authorizer for a Storm Nimbus node. SimpleACLAuthorizer is the default implementation.

Note: Admins can also grant permissions via the Ranger authorizer UI. For more information, see the Ranger User's Guide.

"org.apache.storm.security.auth.authorizer.SimpleACLAuthorizer"
nimbus.admins

Add Nimbus admin users. These users will have super user permissions on all topologies deployed, and will be able to perform other admin operations (such as rebalance, activate, deactivate and kill), even if they are not the owners of the topology.

By default, only users who deployed the topologies have access to admin operations such as rebalance, activate, deactivate, and kill.

"John"

"Abc"

topology.users:

This and the following config can be added as part of the topology file. The users listed in this setting will have owner privileges for the specified topology.

Config conf = new Config() 
conf.put(”topology.users”,Lists.newArrayList(“test_user1”,”test_user2")); 
StormSubmitter.submitTopology(topologyName, conf, builder.createTopology());
topology.groups Similar to topology.users. Use this to add group-level permissions to a topology.
Config conf = new Config() 
conf.put(”topology.groups”,Lists.newArrayList(“test_group1”,”test_group2")); 
StormSubmitter.submitTopology(topologyName, conf, builder.createTopology());