Hbase权限控制 | 您所在的位置:网站首页 › hbase权限 › Hbase权限控制 |
Hbase权限配置、使用手册
1 Hbase权限控制简介
Hbase的权限控制是通过AccessController Coprocessor协处理器框架实现的,可实现对用户的RWXCA的权限控制。 2 配置配置hbase-site.xml CM主页→点击hbase(进入Hbase主页)→点击配置 1 点击左侧的Hbase服务范围启用Hbase权限控制,设置Hbase超级用户hbase.superuser 2 点击左侧的master在 hbase.coprocessor.master.classes里追加如下内容 org.apache.hadoop.hbase.security.access.AccessController 3 点击左侧的regionserver在hbase.coprocessor.region.classes里追加如下内容 org.apache.hadoop.hbase.security.token.TokenProvider,org.apache.hadoop.hbase.security.access.AccessController 配置文件附录: hbase.security.authorization true hbase.coprocessor.master.classes org.apache.hadoop.hbase.security.access.AccessController hbase.coprocessor.region.classes org.apache.hadoop.hbase.security.token.TokenProvider,org.apache.hadoop.hbase.security.access.AccessController hbase.superuser hbase,root,administrator 3 使用 3.1 hbase权限验证1 管理员用户Hbase下对Hbase进行赋权 grant 'wcj','r' grant 'wcj' ,w' #授予用户shenl读、写表wcj的权限 grant 'shenl', 'RW', 'wcj' #授予用户shenl对表wcj的列族f1的age只读权限 grant 'shenl', 'R', 'wcj', 'f1', 'age' 2 管理员用户Hbase下收回Hbase表的访问权限权限 revoke ‘R’ ‘wcj’ revoke ‘W’ ‘wcj’ 3 管理员下hbase权限 user_permission ‘wcj’ 1 hbase权限与常用命令对照表 ACLs Permissions Comment READ('R') Get, Scan, or Exists calls R denotes read permissions WRITE('W') Put, Delete, LockRow, UnlockRow, IncrementColumnValue, CheckAndDelete, CheckAndPut, Flush, & Compact W denotes write permissions EXEC('X') denotes execute permissions, which is required to execute coprocessor endpoints CREATE('C') Create, Alter, & Drop denotes create permissions ADMIN('A') Enable, Disable, Snapshot, Restore, Clone,Split, MajorCompact, Grant, Revoke, and Shutdown denotes admin permissions 2 hbase权限命令 grant [[ [ ] ] ] #grants permissions revoke [ [ [ ] ] ] # revokes permissions user_permission # displaysexisting permissions 3现实版访问场景 Job Title Scope Permissions Description Senior Administrator Global Access, Create Manages the cluster and gives access to Junior Administrators. Junior Administrator Global Create Creates tables and gives access to Table Administrators. Table Administrator Table Access Maintains a table from an operations point of view. Data Analyst Table Read Creates reports from HBase data. Web Application Table Read, Write Puts data into HBase and uses HBase data to perform operations. 4 问题总结 |
CopyRight 2018-2019 实验室设备网 版权所有 |