CREATE ROLE statement
statement creates a role to which privileges can be granted. Privileges can be granted to roles,
which can then be assigned to a group and the users belonging to the group will be assigned the
role. A user that has been assigned a role will only be able to exercise the privileges of that
role. Only users with administrative privileges can create/drop roles. By default, the
Impala users do not have administrative privileges in Ranger. For Impala
users to have administrative privileges in Ranger you must use Ranger Web UI and
CREATE ROLE role_name
Only administrative users can use this statement.
Impala makes use of any roles and privileges specified by the
REVOKE statements in Hive, and Hive makes use of any roles and privileges specified by the
REVOKE statements in Impala. The Impala
REVOKE statements for privileges do not require the
ROLE keyword to be
repeated before each role name, unlike the equivalent Hive statements.
Cancellation: Cannot be cancelled.
HDFS permissions: This statement does not touch any HDFS files or directories, therefore no HDFS permissions are required.