2.3.2.7. Configure HBase for Access Control Lists (ACL)

Use the following instructions to configure HBase for ACL:

  1. Kinit as HBase user.

    1. Create a keytab for princpal hbase@REALM and store it in the hbase.headless.keytab file. Refer to the instructions provided here for creating principal and keytab file.

    2. Kinit as HBase user. Execute the following command on your HBase Master:

      kinit -kt hbase.headless.keytab hbase

  2. Start the HBase shell. On the HBase Master host machine, execute the following command:

    hbase shell
  3. Set ACLs using HBase shell:

    grant '$USER', '$permissions'

    where

    • $USER is any user responsible for create/update/delete operations in HBase.

      [Note]Note

      You must set the ACLs for all those users who will be responsible for create/update/delete operations in HBase.

    • $permissions is zero or more letters from the set "RWCA": READ('R'), WRITE('W'), CREATE('C'), ADMIN('A').


loading table of contents...