CREATE ROLE statement
statement creates a role to which privileges can be granted. Privileges can be granted to roles,
which can then be assigned to users. A user that has been assigned a role will only be able to
exercise the privileges of that role. Only users that have administrative privileges can
create/drop roles. By default, the
hue users have administrative privileges in Sentry.
CREATE ROLE role_name
Only administrative users (those with
ALL privileges on the server, defined in the Sentry
policy file) can use this statement.
Impala makes use of any roles and privileges specified by the
REVOKE statements in Hive, and Hive makes use of any roles and privileges specified by the
REVOKE statements in Impala. The Impala
REVOKE statements for privileges do not require the
ROLE keyword to be
repeated before each role name, unlike the equivalent Hive statements.
Cancellation: Cannot be cancelled.
HDFS permissions: This statement does not touch any HDFS files or directories, therefore no HDFS permissions are required.