[HIVE-25214] Add hive authorization support for Data connectors. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 4.0.0-alpha-1
Component/s: None
Labels:
- pull-request-available

Description

We need to add authorization support for data connectors in hive. The default behavior should be
1) Connectors can be create/dropped by users in admin role.
2) Connectors have READ and WRITE permissions.

READ permissions are required to fetch a connector object or fetch all connector names. So to create a REMOTE database using a connector, users will need READ permission on the connector. DDL queries like "show connectors" and "describe <connector>" will check for read access on the connector as well.
WRITE permissions are required to alter/drop a connector. DDL queries like "alter connector" and "drop connector" will need WRITE access on the connector.

Adding this support, Ranger can integrate with this.

Attachments

Issue Links

breaks

HIVE-25571 Fix Metastore script for Oracle Database

Resolved

relates to

HIVE-26245 Fix some issues for data connector authorization

Open

links to

GitHub Pull Request #2384

Activity

People

Assignee:: Dantong Dong

Reporter:: Naveen Gangam

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 07/Jun/21 20:38

Updated:: 17/Nov/22 08:48

Resolved:: 23/Jul/21 17:46

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

1h 10m