SQL Client security
Before launching the SQL Client, you need to use the kinit command to have Kerberos authentication for the client. You also need to add the keytab files for starting the YARN session to use the SQL Client in a secured environment.
In Kerberos protected environments, you must use
kinit <principal> before
flink-sql-client. The CLI does not support keytab based Kerberos
flink-sql-clientis connected to should be started with Kerberos keytab and principal properties:
flink-yarn-session -tm 2096 -s 2 -d -nm "<application_name>" \ -D security.kerberos.login.principal=<username> \ -D security.kerberos.login.keytab=<keytab_name>