Configure ACLs for Application Priorities

Configure Priority ACLs to ensure that only select users can submit applications with a specified priority to a queue. You must configure these Priority ACLs at the leaf queue-level.

If ACLs are already configured for user access to a leaf queue, then the Priority ACLs for the queue can include only those users with access to that queue.

Set the following property in the capacity-scheduler.xml file to set the Priority ACLs:


<property>
    <name>yarn.scheduler.capacity.<leaf-queue-path>.acl_application_max_priority</name>
    <value>[user={username} group={groupname} max_priority={priority} default_priority={priority}]
    </value>
    <description>
      The ACL of users who can submit applications with configured priority.
    </description>
</property>

The following example shows how you can configure Priority ACLs for a user maria and for the users of a group hadoop:


yarn.scheduler.capacity.root.queue1.acl_application_max_priority=[user=maria group=hadoop max_priority=7 default_priority=4]

The user maria and the users of the hadoop group can submit applications with a maximum priority of 7.