hive整合sentry,impala,hue之後權限管理操作
7.Hive授權參考(開啟sentry之後,對用戶授權用不了,只能針對用戶組,grant role testrole to user xxxxxxx; )
7.1:角色創建和刪除
create role test;
drop role test;
grant role star_read to group star_read;
7.2:角色授權和取消授權
7.2.1:表授權給角色
grant select on table test_table to role role_name(針對表級賦予角色權限);
grant select on database hbase_db to role hbase_read(針對數據庫級賦予角色權限);
revoke select on table test_table to role role_name(取消權限);
7.2.1:列授權給角色
grant select(column1,column2) on table test_table to role role_name;
revoke select(column1,column2) on table test_table to role role_name;
7.3:組授權和取消授權
grant role role_name to group user_group;
revoke role role_name to group user_group;
註意:Sentry適用於用戶組授權,不適用於用戶授權;
8.查看賦予的權限
show grant role aragon on database hbase_db(查看角色aragon有數據庫hbase_db哪些權限);
show role grant group star_read;(查看哪些角色賦予了star_read組)
+-----------+--------+------------+---------+-----------------+-----------------+------------+---------------+-------------------+----------+--+
| database | table | partition | column | principal_name | principal_type | privilege | grant_option | grant_time | grantor |
+-----------+--------+------------+---------+-----------------+-----------------+------------+---------------+-------------------+----------+--+
| hbase_db | | | | aragon | ROLE | select | false | 1535966545398000 | -- |
+-----------+--------+------------+---------+-----------------+-----------------+------------+---------------+-------------------+----------+--+
hive整合sentry,impala,hue之後權限管理操作