Enable authorization for HDFS web UIs
You can enforce authorization for the following HDFS web UIs: the NameNode, DataNode, and JournalNode.
- In the Cloudera Manager Admin Console, go to .
Navigate to the Configurations tab and search for the
HDFS Service Advanced Configuration Snippet (Safety Valve) for hdfs-site.xml.
Add a value for the
dfs.cluster.administratorsproperty.For example, a sample property might look like this:
- Description: ACL for the admins, this configuration is used to control who can access the default servlets in the namenode and so on. The value should be a comma separated list of users and groups. The user list comes first and is separated by a space followed by the group list. For example, user1,user2 group1,group2. Both users and groups are optional. So "user1", " group1", "", "user1 group1", "user1,user2 group1,group2" are all valid. You must note the leading space in " group1". '*' grants access to all users and groups, for example, '', ' ' and ' *' are all valid.
These values would allow the users and groups to the following web UIs: NameNode, DataNode, and JournalNode.
- Save the configuration.
- Restart all stale HDFS services.