Stack Overflow
Stack Overflow

Questions tagged [apache-sentry]

Apache Sentry is a system for enforcing fine grained role based authorization to data and metadata stored on a Hadoop cluster.

Apache Sentry is a system for enforcing fine grained role based authorization to data and metadata stored on a Hadoop cluster.

Sentry currently integrates with the open source SQL query frameworks, Apache Hive and Apache Impala (incubating), and the open source search engine, Cloudera Search, and can also extend to other computing engines within the Hadoop ecosystem.

It was originally developed by Cloudera, but graduated in March 2016 to become a top-Level Apache project:

53 questions
16
votes
4 answers

How to choose between apache ranger and sentry

From the wiki provided by those 2 projects, I found it seems they did the similar job. But there must be some difference or it's no need for 2. So what are the differences, and what is the practical advice to choose from one another. thx a lot!
kiwi
  • 487
  • 1
  • 4
  • 16
6
votes
0 answers

Lookup Hbase Tbl from UDF (Beeline , Hbase,Delegation Tokens)

I have a requirement to write Custom UDF for data lookup from Hbase Table . NOTE : I have done Unit Testing with HIVE . It seems to be working . But when I use the same UDF Beeline, Its failed . By default Cloudera restricts impersonation and…
Govind
  • 419
  • 8
  • 25
3
votes
2 answers

Add prefixes to ostream outputs

I am looking for a way of adding a prefix to an ostream, pass it down to other functions so that their outputs are prefixed and then remove it to continue. Check the following pseudocode: ... void function(ostream &out){ out << "output 1\n"; …
Arkaitz Jimenez
  • 22,500
  • 11
  • 75
  • 105
3
votes
1 answer

Privileges for spark sql with sentry

I'm trying to make the privileges to access Spark-SQL with sentry, and spark sql connects with thrift port withe hiveserver2( --hiveconf hive.server2.thrift.port). However, while I can limit users' privileges on hive successfully, I cannot limit the…
IT-DONG
  • 41
  • 5
3
votes
0 answers

Hive Admin not working after enabling Sentry and no kerberos set

I need your help in resolving an issue related to Hive Permission. I have enabled Sentry in CDH 5.5 environment but Kerberos is not sent. I could not able to create roles or grant permission to hive objects. For every access need to login through…
Vaidya
  • 31
  • 2
3
votes
1 answer

Grant create external table in Sentry

I have a 4 node cloudera cluster with kerberos enabled on it with sentry securing Hive service. When i am create a table using hive user i am able to do so as it have all privileges on database default. 0: jdbc:hive2://clnode4:10000/default> create…
Vikas Hardia
  • 2,635
  • 5
  • 34
  • 53
2
votes
0 answers

Impala [Catalog] and Hive [Metastore/Sentry] Not Sync

We use Cloudera (CDH 5.7.5) and Hue [3.9.0]. For admin user, some of hive tables (60%) is accessible through impala. The other hive tables is not accessible. For non admin user, no database which is accessible through Impala. And again, some of…
Mahadi Siregar
  • 615
  • 3
  • 17
  • 38
2
votes
1 answer

how to integrate cloudera apache sentry with open ldap

I have LDAP in my CDH 5.10 quick start VM for development and I have started the Sentry service within that. Now I want to integrate Apache Sentry with LDAP. Please let me know if that is even possible and if yes please guide me through the…
sachingupta
  • 709
  • 2
  • 9
  • 30
2
votes
1 answer

Sentry | java.lang.NullPointerException: Config key sentry.service.client.server.rpc-address is required

solrctl sentry --list-roles I am running above command but it failed with below error. I am new to Sentry. I have double checked value of sentry.service.client.server.rpc-address in Solr configuration and it has the right value of hostname where…
Amit Kumar
  • 2,685
  • 2
  • 37
  • 72
2
votes
1 answer

Hive User Impersonation for Sentry

I was reading on that for while using sentry you must disable hive user impersonation. Is it necessary to disable to impersonation? If Yes is there any other way to impersonate hive user with sentry enabled?
Shashi
  • 2,686
  • 7
  • 35
  • 67
2
votes
1 answer

Cloudera Sentry with LDAP - Unable to add user as Sentry admin

Background: By default the Sentry service has the users hive, hue and impala as the sentry admins. This is w.r.t to the property on Cloudera Manager (CM) sentry.service.admin.group. I want to add a user or group which has my user account, so that I…
Aditya Lolla
  • 31
  • 4
2
votes
1 answer

create database in hive with multiple locations having sentry enable

I am creating a database in hive with multiple location for example CREATE DATABASE sample1 location 'hdfs://nameservice1:8020/db/dev/abc','hdfs://nameservice1:8020/db/dev/def','hdfs://nameservice1:8020/db/dev/ghi' but i am getting error while doing…
Md Danish Alam
  • 46
  • 7
1
vote
1 answer

Does Sentry control access to HDFS files for clients using the HDFS protocol?

The Apache Sentry docs describe Sentry as follows: Sentry currently works out of the box with Apache Hive, Hive Metastore/HCatalog, Apache Solr, Impala and HDFS (limited to Hive table data). The docs also show an image that suggests applications…
Chris Snow
  • 23,813
  • 35
  • 144
  • 309
1
vote
0 answers

Sentry privileges on Spark

I have a question regarding Spark privileges with Sentry on Hadoop cluster. First, some background - I'm using CDH version 5.13.2 ACL sync on HDFS is enabled Impersonation disabled Grant on database level and for specific cases gants on…
sharon
  • 51
  • 3
1
vote
1 answer

Sentry can not synchronize the ACLs between HDFS files and Hive tables

Sentry cannot send a full image snapshot of Hive table access control list to HDFS, so that HDFS ACL and Hive table ACL are not synchronized. I am running Cloudera CDH 5.14.2, which contains Sentry 1.5.1 and Hadoop 2.6.0. I have enabled Sentry and…
Leon
  • 13
  • 5
1
2 3 4