Cloudera Docs

Enabling Sentry in the security browser

Enabling Sentry in the Hue Security Browser enables Sentry to work with Hue and other services, such as Hive and Impala.

  1. Set up an external database for Sentry metadata.

    For example:

    create database sentry default character set utf8 default collate utf8_general_ci;
grant all on sentry.* to 'sentry'@'%' identified by 'sentrypassword';
  2. Log in to Cloudera Manager and add the Sentry Service.
  3. Configure Sentry Admin Groups for applicable services and manually add the Hue user group.
  4. Enable Sentry Service for each applicable service installed:
    • Go to Hue > Configuration > Sentry Service, select Sentry radio button, and click Save Changes.
    • Repeat for Hive, Impala.
  5. Uncheck Hive > Configuration > HiveServer2 Enable Impersonation.
  6. Check HDFS > Configuration > Enable Access Control Lists.
  7. Ensure all changes are saved and restart applicable services. If necessary, restart the cluster.