Appendix-A: Native authorizers in Ozone
The native authorizer helps manage permissions within the Ozone data store.
You can set the permissions either at the key level or the prefix level (volumes and
buckets treated as prefixes) similar to HDFS. The following examples show the Access
Control List (ACL) commands using the native authorizer:
#Add ACL at volume level
> ozone sh volume addacl /volume1 -a user:testuser2/HOST@EXAMPLE.COM:xyrw
#Add ACL at bucket level
> ozone sh bucket addacl /volume2/bucket2 -a user:testuser2/HOST@EXAMPLE.COM:xyrw
#Get ACL
> ozone sh bucket getacl /${volume3}/bk1