Admin ACLs
Use the YARN Admin ACLs to allow users to run YARN administrator sub-commands, which
are executed via the yarn rmadmin <command>.
The default YARN Admin ACL is set to the wildcard character (*),
meaning all users and groups have YARN Administrator access and
privileges. So after YARN ACL enforcement is enabled, (via the
yarn.acl.enable property) every user has YARN ACL
Administrator access. Unless you wish for all users to have YARN
Admin ACL access, edit the yarn.admin.acl setting
upon initial YARN configuration, and before enabling YARN ACLs.
A typical YARN Admin ACL looks like the following, where the
system's Hadoop administrator and multiple groups are granted
access:
hadoopadmin<space>yarnadmgroup,hadoopadmgroup