THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Comma separated list of non-SQL Hive commands that users are authorized to execute. This can be used to restrict the set of authorized commands. The currently supported command list is "set,reset,dfs,add,delete,compile" and by default all these commands are authorized. To restrict any of these commands, set hive.security.command.whitelist to a value that does not have the command in it.
Whitelist for SQL Standard Based Hive Authorization
See hive.security.authorization.sqlstd.confwhitelist below for information about the whitelist property that authorizes set commands in SQL standard based authorization.
Hive Client Security
hive.security.authorization.enabled
...
| Info | ||
|---|---|---|
| ||
Hive 0.13.0 introduces fine-grained authorization based on the SQL standard authorization model. This is still a work in progress – see HIVE-5837 for the functional specification and list of subtasks. |
...
A comma separated list of users which will be added to the ADMIN role when the metastore starts up. More users can still be added later on.
hive.security.authorization.sqlstd.confwhitelist
- Default Value: (empty, but includes list shown below implicitly)
- Added In: Hive 0.13.0 with HIVE-6846
A comma separated list of configuration properties that users are authorized to set when SQL standard base authorization is used.
If this parameter is not set, the default list is added by the SQL standard authorizer. The default list has these properties (see HIVE-6846 for the same list arranged one property per line):
hive.exec.reducers.bytes.per.reducer, hive.exec.reducers.max, hive.map.aggr, hive.map.aggr.hash.percentmemory, hive.map.aggr.hash.force.flush.memory.threshold, hive.map.aggr.hash.min.reduction, hive.groupby.skewindata, hive.optimize.multigroupby.common.distincts, hive.optimize.index.groupby, hive.optimize.ppd, hive.optimize.ppd.storage, hive.optimize.ppd.storage, hive.ppd.recognizetransivity, hive.optimize.groupby, hive.optimize.sort.dynamic.partition, hive.optimize.skewjoin.compiletime, hive.optimize.union.remove, hive.multigroupby.singlereducer, hive.map.groupby.sorted, hive.map.groupby.sorted.testmode, hive.optimize.skewjoin, hive.optimize.skewjoin.compiletime, hive.mapred.mode, hive.enforce.bucketmapjoin, hive.exec.compress.output, hive.exec.compress.intermediate, hive.exec.parallel, hive.exec.parallel.thread.number, hive.exec.parallel.thread.number, hive.exec.rowoffset, hive.merge.mapfiles, hive.merge.mapredfiles, hive.merge.tezfiles, hive.ignore.mapjoin.hint, hive.auto.convert.join, hive.auto.convert.join.noconditionaltask, hive.auto.convert.join.noconditionaltask.size, hive.auto.convert.join.use.nonstaged, hive.auto.convert.join.noconditionaltask, hive.auto.convert.join.noconditionaltask.size, hive.auto.convert.join.use.nonstaged, hive.enforce.bucketing, hive.enforce.sorting, hive.enforce.sortmergebucketmapjoin, hive.auto.convert.sortmerge.join, hive.execution.engine, hive.vectorized.execution.enabled, hive.mapjoin.optimized.keys, hive.mapjoin.lazy.hashtable, hive.exec.check.crossproducts, hive.compat, hive.exec.dynamic.partition.mode,mapred.reduce.tasks, mapred.output.compression.codec, mapred.map.output.compression.codec, mapreduce.job.reduce.slowstart.completedmaps, mapreduce.job.queuename.
Archiving
fs.har.impl
- Default Value:
org.apache.hadoop.hive.shims.HiveHarFileSystem - Added In:
...