Creating a default directory for managed tables
You can specify a top-level directory for managed tables when creating a Hive database.
Create a default directory for managed tables only after limiting CREATE
DATABASE and ALTER DATABASE statements to users having the Admin role, which has
hive
service user permissions. Permissions to the managed
directory must be limited to the hive
service user. In addition to
restricting permissions to the hive
user, you can further secure
managed tables using Ranger fine-grained permissions, such as row-level filtering
and column masking.
hive.metastore.warehouse.dir
configuration
property to give managed tables a common location for governance policies. The managed
location designates a single root directory for all tenant tables, managed and external.
Setting the
metastore.warehouse.tenant.colocation
property to
true
allows a common location for managed tables outside the warehouse
root directory, providing a tenant-based common root for setting quotas and other
policies. To set this property, in Cloudera Manager use the Hive on Tez safety valve
for hive-site.xml as described in the next topic.
CREATE (DATABASE|SCHEMA) [IF NOT EXISTS] database_name
[COMMENT database_comment]
[LOCATION external_table_path]
[MANAGEDLOCATION managed_table_directory_path]
[WITH DBPROPERTIES (property_name=property_value, ...)];
Do not set LOCATION and MANAGEDLOCATION to the same file system
path.ALTER (DATABASE|SCHEMA) database_name SET MANAGEDLOCATION [managed_table_directory_path];
Configuring a table location outside the warehouse root directory
You need to know how to set the property that allows you to establish a common location for tables.