Kudu authorization policies

Review the authorization policies that are enforced by Kudu masters and Kudu tablet servers.

Policy for Kudu masters

The following authorization policy is enforced by Kudu masters:
Table 1. Authorization Policy for Masters
Operation Required Privilege
CreateTable CREATE ON DATABASE
CreateTable with a different owner specified than the requesting user ALL ON DATABASE with the Sentry GRANT OPTION.
DeleteTable DROP ON TABLE
AlterTable (with no rename) ALTER ON TABLE
AlterTable (with rename) ALL ON TABLE <old-table> and CREATE ON DATABASE <new-database>
IsCreateTableDone METADATA ON TABLE
IsAlterTableDone METADATA ON TABLE
ListTables METADATA ON TABLE
GetTableLocations METADATA ON TABLE
GetTableSchema METADATA ON TABLE
GetTabletLocations METADATA ON TABLE

Policy for Kudu tablet servers

The following authorization policy is enforced by Kudu tablet servers:
Table 2. Authorization Policy for Tablet Servers
Operation Required Privilege
Scan

SELECT ON TABLE, or

METADATA ON TABLE and SELECT ON COLUMN for each projected column and each predicate column

Scan (no projected columns, equivalent to COUNT(*))

SELECT ON TABLE, or

SELECT ON COLUMN for each column in the table

Scan (with virtual columns)

SELECT ON TABLE, or

SELECT ON COLUMN for each column in the table

Scan (in ORDERED mode) <privileges required for a Scan> and SELECT ON COLUMN for each primary key column
Insert INSERT ON TABLE
Update UPDATE ON TABLE
Upsert INSERT ON TABLE and UPDATE ON TABLE
Delete DELETE ON TABLE
SplitKeyRange SELECT ON COLUMN for each primary key column and SELECT ON COLUMNfor each projected column
Checksum User must be configured in --superuser_acl
ListTablets User must be configured in --superuser_acl