ZooKeeper ACLs Best Practices: YARN

You must follow the best practices for tightening the ZooKeeper ACLs or permissions for YARN when provisioning a secure cluster.

ZooKeeper Usage:
- /yarn-leader-election - used for RM leader election
- /rmstore - used for storing RM application state
Default ACLs:
note
Cloudera Manager automatically sets the customized principle at first launch: [***customized principle upon first launch***]. For any later launches Cloudera Manager checks only the root znodes.
- /yarn-leader-election - sasl:[***customized principle upon first launch***]:cdrwa
- /rmstore - sasl:[***customized principle upon first launch***]:cdrwa