Creating a view from Spark
You can create a view of an Apache Hive table from a Spark client, such as SparkSQL, that only authorized users can access. You learn how authorization works and how to create the view.
- A Ranger policy grants you access to the view.
- A Ranger policy grants you access to the underlying Hive table.
Only Hive allows a Ranger Policy to grant access to a view on tables, which are otherwise restricted. Other engines will when querying the view, even if the view has been explicitly granted access. Exception: Spark can gain access a view/table through the Hive Warehouse Connector (HWC), as that can ensure proper authentication enforcement is in place.
- Obtain access to the view from a superuser who can create the Ranger policy.
- Obtain access to the underlying Hive table through a Ranger policy.
In SparkSQL, create a Spark view from SparkSQL of a Hive table named, for example, employee.
sparksql > CREATE VIEW emp_part AS SELECT name, age FROM employee;
In Hive, select the view.
Hive > SELECT * FROM emp_part;Only from Hive can you access the view. From other engines, such as Spark or Impala, authorization does not succeed.