Appendix-A: Native authorizers in Ozone

The native authorizer helps manage permissions within the Ozone data store.

You can set the permissions either at the key level or the prefix level (volumes and buckets treated as prefixes) similar to HDFS. The following examples show the Access Control List (ACL) commands using the native authorizer:
#Add ACL at volume level 
> ozone sh volume addacl /volume1 -a user:testuser2/HOST@EXAMPLE.COM:xyrw

#Add ACL at bucket level 
> ozone sh bucket addacl /volume2/bucket2 -a user:testuser2/HOST@EXAMPLE.COM:xyrw

#Get ACL
> ozone sh bucket getacl /${volume3}/bk1