Managing YARN queue users
To manage users of secure YARN queues, you need to know how to configure impersonation.
To allow access to YARN queues, as Administrator, you configure HiveServer user
impersonation. To manage YARN queues, you need the following behavior:
- User submits the query through HiveServer (HS2) to the YARN queue
- Tez app starts for the user
- Access to the YARN queue is checked for this user.
As administrator, you can allocate resources to different users.
You configure HiveServer not to use impersonation (doas=false). HiveServer
authorizes only the hive user, not the connected end user, to access Hive
tables and YARN queues unless you also configure the following parameter:
hive.server2.tez.queue.access.check=true
