Using HuePDF version

Accessing S3 bucket from Hue in Cloudera Data Warehouse with RAZ

Hue offers you the capability to browse S3 buckets, upload files to S3, and create tables by importing files from S3. With Ranger Authorization (RAZ), you can grant fine-grained access to per-user home directories.

If you have enabled RAZ while registering your AWS environment with Cloudera, then Hue uses RAZ as the default mechanism for enabling the S3 File Browser. Before you can enable the S3 File Browser in Hue, you must complete the following prerequisites:
  1. Follow the instructions listed in Introduction to RAZ on AWS environments to register an AWS environment with the Enable Ranger authorization for AWS S3 option enabled. You can use the Cloudera web interface or the Cloudera CLI to complete this task.
  2. Log in to the Cloudera Management Console as a DWAdmin or DWUser and go to the Cloudera Data Warehouse service.
  3. Click > Open Ranger on your Database Catalog.
  4. Create the following Ranger policies:
    1. Hadoop SQL policy (all - database, table, column, all - url).
      You must grant permissions to individual users or groups in these Ranger policies. To grant permissions to all users, you can specify {USER} in the Permission section.
    2. S3 (cm_S3) policy (Default: User Home)
      You must grant permissions to the following users in the Permissions section for the user home directory (/user/{USER}): {USER}.
      Specify the bucket name in the S3 Bucket field and the directory path in the Path field of the cm_S3 Ranger policy.
    3. S3 (cm_S3) policy (Default: user)
      You must grant permissions to the following users in the Permissions section for the root directory (/user/): hive, impala.
  5. You must also grant appropriate permissions to the users in Cloudera User Management Service (UMS). For example, EnvironmentUser.

We want your opinion

How can we improve this page?

What kind of feedback do you have?