Create a default directory for managed tables

You can specify a top level directory for managed tables when creating a Hive database.

Create a default directory for managed tables only after limiting CREATE DATABASE and ALTER DATABASE statements to users having the Admin role. Only in the Admin role can you ensure that the managed directory has the correct setup that restricts permissions to the directory for managed tables to the hive service user.

In addition to restricting permissions to the hive user, you can further secure managed tables using Ranger fine-grained permissions, such as row-level filtering and column masking.

As Admin, you specify a managed location within metastore.warehouse.dir to give managed tables a common location for governance policies. You specify a MANAGEDLOCATION in the metastore.warehouse.dir to designate a single root directory for all tenant tables, managed and external.

When turned on, setting metastore.warehouse.tenant.colocation to true allows tables to be in a directory outside the warehouse root directory, providing a tenant-based common root for setting quotas and other policies.

Use the following syntax to create a database that specifies a location for managed tables:
    [COMMENT database_comment]
    [LOCATION managed_table_path]
    [MANAGEDLOCATION managed_table_directory_path]
    [WITH DBPROPERTIES (property_name=property_value, ...)];
Do not set LOCATION and MANAGEDLOCATION to the same HDFS path.
MANAGEDLOCATION [managed_table_directory_path];
  1. Create a database mydatabase that specifies a top level directory named sales for managed tables.
    CREATE DATABASE mydatabase
    MANAGEDLOCATION '/warehouse/tablespace/managed/hive/sales';
  2. Change the abc_sales database location to the same location as mydatabase.
    ALTER DATABASE abc_sales
    SET MANAGEDLOCATION '/warehouse/tablespace/managed/hive/sales';