Provide user permissions

After the Accumulo on CDP service is added as part of the Operational Database powered by Apache Accumulo (OpDB), you have to provide privileges to the principal in which the Tracer is running.

Install the OpDB CSD file.
Install CDP and add the HDFS and ZooKeeper services to your deployment.
Install the OpDB parcel.
Add the Accumulo on CDP service.
Check the trace table.

Launch the Accumulo shell for the admin user.

Unsecure OpDB
Secure OpDB

$ accumulo shell -u root
Password: ******
Shell - Apache Accumulo Interactive Shell
-
- version: [***ACCUMULO VERSION NUMBER***]
- instance name: [***ACCUMULO INSTANCE NAME***]
- instance id: [***ACCUMULO INSTANCE ID***]
-
- type 'help' for a list of available commands
-
root@accumulo>

kinit -kt /var/run/cloudera-scm-agent/process/[***TIMESTAMP***]-[***SERVICE NAME***]-[***INSTANCE NAME***]/accumulo_on_cdp.keytab accumulo/$[***HOSTNAME***]
accumulo shell
Shell - Apache Accumulo Interactive Shell
-
- version: [***ACCUMULO VERSION NUMBER***]
- instance name: [***ACCUMULO INSTANCE NAME***]
- instance id: [***ACCUMULO INSTANCE ID***]
-
- type 'help' for a list of available commands
-
accumulo/hostname@REALM.COM@accumulo>

Add READ, WRITE, and ALTER_TABLE privileges to the principal in which the Tracer is running.
- Unsecure OpDB
- Secure OpDB
grant Table.READ -t trace -u trace grant Table.WRITE -t trace -u trace grant Table.ALTER_TABLE -t trace -u trace
'grant Table.READ -t trace -u accumulo/hostname@REALM.COM' 'grant Table.WRITE -t trace -u accumulo/hostname@REALM.COM' 'grant Table.ALTER_TABLE -t trace -u accumulo/hostname@REALM.COM'
In an unsecure OpDB deployment if you configured the trace user with a _HOST instance component, you must repeat this command with an instance for each host that will run a Tracer or Monitor role.
Start all Tracer role.

Verify your OpDB installation.