vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/mrs/component-operation-guide/mrs_01_1422.html
Yang, Tong 6182f91ba8 MRS component operation guide_normal 2.0.38.SP20 version 
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: Yang, Tong <yangtong2@huawei.com>
Co-committed-by: Yang, Tong <yangtong2@huawei.com>
2022-12-09 14:55:21 +00:00

175 lines
15 KiB
HTML
Raw Blame History

<a name="mrs_01_1422"></a><a name="mrs_01_1422"></a>
<h1 class="topictitle1">CarbonData Access Control</h1>
<div id="body1595920210183"><p id="mrs_01_1422__ae3621e74c69f4bc19017580c1a02c408">The following table provides details about Hive ACL permissions required for performing operations on CarbonData tables.</p>
<div class="section" id="mrs_01_1422__sa3392f67165245298a3d2ffb1672a912"><h4 class="sectiontitle">Prerequisites</h4><p id="mrs_01_1422__adb5721f42e444466b02d6f3d065a58d9">Parameters listed in <a href="mrs_01_1404.html#mrs_01_1404__ta902cd071dfb426097416a5c7034ee6c">Table 5</a> or <a href="mrs_01_1404.html#mrs_01_1404__t3897ae14f205433fb0f98b79411cfa0c">Table 6</a> have been configured.</p>
</div>
<div class="section" id="mrs_01_1422__section499719371830"><h4 class="sectiontitle">Hive ACL permissions</h4>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="mrs_01_1422__t5b5b750213444fbc83c32f6e3994b57c" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Hive ACL permissions required for CarbonData table-level operations</caption><thead align="left"><tr id="mrs_01_1422__rb4677962578c437e9cbb765216a0c2fe"><th align="left" class="cellrowborder" valign="top" width="42.66%" id="mcps1.3.3.2.2.3.1.1"><p id="mrs_01_1422__aa4567d364df24c78af7c007ab27c178c">Scenario</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="57.34%" id="mcps1.3.3.2.2.3.1.2"><p id="mrs_01_1422__a1c831c316d7f4a3da7607e123eb287fb">Required Permission</p>
</th>
</tr>
</thead>
<tbody><tr id="mrs_01_1422__r7b5a265a207249419535c462c320ecae"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__ab5c95baeb434465889323608ca1c6cca">DESCRIBE TABLE</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__ad5f524be9cd349578011b7afc2253fc3">SELECT (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__re3c8256199ff4de0a56eb6428ec4af8b"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__abc67a7dca11e44d5816cb973fddedabf">SELECT</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__a484fb54ecf3f44d18a9ecf6b7b596e11">SELECT (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__r2b16f2701cb54c8489ae01bf45def6a2"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__ac332e73abb574d9cb1b251c2ab506e43">EXPLAIN</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__a04f13fc515784062877d78ce1608584b">SELECT (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__r108a23e124ec45b98d3a93bc9d9319f7"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__a9f29c7bd831e474ebfdb45bf5c65e832">CREATE TABLE</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__ade8e2249d41244cb9858f3566902ffda">CREATE (of database)</p>
</td>
</tr>
<tr id="mrs_01_1422__row20539162451520"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__p9553195145619">CREATE TABLE As SELECT</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__p1755312515565">CREATE (on database), INSERT (on table), RW on data file, and SELECT (on table)</p>
</td>
</tr>
<tr id="mrs_01_1422__r51b4d03366f349c1ad334d2b3c7437ae"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__a89535ec3251f41ca94857abdddb30343">LOAD</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__a419792f20a8e4cff83a450d815501ac3">INSERT (of table) RW on data file</p>
</td>
</tr>
<tr id="mrs_01_1422__r7040bc9894ad407c96389708fcc113d2"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__ae6d101843cfd407e990b9593a5efb835">DROP TABLE</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__abc511deefd734d0aa99e67ca43466ab3">OWNER (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__raa7e23eaddd6483cb54b4b38b0170b0c"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__ab0c5fa96b6bb49899c0d3426d9977480">DELETE SEGMENTS</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__a43774bb7b2e74f1ba560e5d8fa81b8b7">DELETE (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__r677976a442364e7d9be6710a1a9ffc6f"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__ac10edc2cd011440ea188b09b7cbcb25d">SHOW SEGMENTS</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__abc257c2b8d6343e6a8dcc86f430d424f">SELECT (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__rb27c58a98f6648f2959d9356d3cf4858"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__a1f4e96e4aacf4b78a64bebab81e0f29e">CLEAN FILES</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__aff35b3a045d648a3a90f18d9f8c345b8">DELETE (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__r46d7d85f6bc8434aba7e794ffd4e5366"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__aa5e4be8c615a4a679c864509fa82cc09">INSERT OVERWRITE / INSERT INTO</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__aad80b25c32ba4bd9b3bdcb6efe493ddd">INSERT (of table) RW on data file and SELECT (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__red4b8a7f81df47ad86249a2afd61e1c1"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__a9e179ed119bd487a9305f7c2e0adc121">CREATE INDEX</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__a3f09717b24744822b35b1ca11986b521">OWNER (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__r8b2afdbec0894d898b960454ac18e929"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__a73a4dd25f1e04e7084cbfbd0cfe4608d">DROP INDEX</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__a1fca129bd3164f68a42b7f981a53518f">OWNER (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__rc92c11ed3c4047e1bad50656f5cd679f"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__aefef7935423748a891df31971cb5b7e8">SHOW INDEXES</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__a738471fcc9554b01847e284289e04086">SELECT (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__r194119fa9b2a4e69a92ba6173c73ba65"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__a968b50c3f604446cbf17d452075404a1">ALTER TABLE ADD COLUMN</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__ae72dfacb46c545aca18a8862a9475897">OWNER (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__rb4db8a9971094ca09c75e91e8d2687fa"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__ab4136968040f4dc083451fcdf9dd279c">ALTER TABLE DROP COLUMN</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__a941b00492e234ca0a1482f4cd22ebf11">OWNER (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__rf96727bc61ba46bf8c5bf5009c4f9aa4"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__aa17e28a1753541978cab8d603288292f">ALTER TABLE CHANGE DATATYPE</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__a85849aff7d4d456390fd39f54b0a2c3e">OWNER (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__r6cd682820c63493f8b081cec37e6aa0d"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__a4d60985ea53a4260a088a563ac2e5478">ALTER TABLE RENAME</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__a9dc273e453b841f0b61623937fc18b82">OWNER (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__rd42f1c72d6fe4ab485e4390117614691"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__a90ec6d802b97446b952349a88f1a146a">ALTER TABLE COMPACTION</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__a7de9c916d88048dfb28e7020f75139ea">INSERT (on table)</p>
</td>
</tr>
<tr id="mrs_01_1422__row344310182147"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__p644331861411">FINISH STREAMING</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__p644341851413">OWNER (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__row12314162151415"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__p2031414216144">ALTER TABLE SET STREAMING PROPERTIES</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__p12314102161417">OWNER (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__row1250682910144"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__p8506429161413">ALTER TABLE SET TABLE PROPERTIES</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__p350613290148">OWNER (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__r348ad3dfd4284d16b8e704a4ef344d2b"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__af6a4e5d320034ee0bae6aa481a747e02">UPDATE CARBON TABLE</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__a0408987407d04744a2c1dba5c30748db">UPDATE (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__r54211a34ecc84a508a5c16a594410347"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__afdf5c8a1784f4d62a926398ee9be2d2a">DELETE RECORDS</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__a41471d52260a4654b4ffdfa4c841f584">DELETE (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__row127116505256"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__p1271450132512">REFRESH TABLE</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__p1327215012259">OWNER (of main table)</p>
</td>
</tr>
<tr id="mrs_01_1422__row1844775815252"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__p1044725817254">REGISTER INDEX TABLE</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__p8447958122511">OWNER (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__row780814772614"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__p5808147152612">SHOW PARTITIONS</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__p2080812712263">SELECT (on table)</p>
</td>
</tr>
<tr id="mrs_01_1422__row6889141132615"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__p1188919112262">ALTER TABLE ADD PARTITION</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__p158891711142617">OWNER (of table)</p>
</td>
</tr>
<tr id="mrs_01_1422__row599204182618"><td class="cellrowborder" valign="top" width="42.66%" headers="mcps1.3.3.2.2.3.1.1 "><p id="mrs_01_1422__p299213442610">ALTER TABLE DROP PARTITION</p>
</td>
<td class="cellrowborder" valign="top" width="57.34%" headers="mcps1.3.3.2.2.3.1.2 "><p id="mrs_01_1422__p18992114132611">OWNER (of table)</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="note" id="mrs_01_1422__n260c0d09588a418ea559cb1baf0184e7"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="mrs_01_1422__ubb0c545967d74080acba58e53a16c531"><li id="mrs_01_1422__l0e8ff4b033824a8185d9bb3acf41ebbc">If tables in the database are created by multiple users, the <strong id="mrs_01_1422__b71701333365">Drop database</strong> command fails to be executed even if the user who runs the command is the owner of the database.</li><li id="mrs_01_1422__l1d8512aa564641edb419efa78a018d94">In a secondary index, when the parent table is triggered, <strong id="mrs_01_1422__b315665014293">insert</strong> and <strong id="mrs_01_1422__b52645525294">compaction</strong> are triggered on the index table. If you select a query that has a filter condition that matches index table columns, you should provide selection permissions for the parent table and index table.</li><li id="mrs_01_1422__li1447138173113">The LockFiles folder and lock files created in the LockFiles folder will have full permissions, as the LockFiles folder does not contain any sensitive data.</li><li id="mrs_01_1422__li14849163615319">If you are using ACL, ensure you do not configure any path for DDL or DML which is being used by other process. You are advised to create new paths.<p id="mrs_01_1422__p1313064183612"><a name="mrs_01_1422__li14849163615319"></a><a name="li14849163615319"></a>Configure the path for the following configuration items:</p>
<p id="mrs_01_1422__p131309411367">1) carbon.badRecords.location</p>
<p id="mrs_01_1422__p1613018413369">2) Db_Path and other items during database creation</p>
</li><li id="mrs_01_1422__li953403824415">For Carbon ACL in a non-security cluster, <strong id="mrs_01_1422__b124901153103311">hive.server2.enable.doAs</strong> in the <strong id="mrs_01_1422__b194951535336">hive-site.xml</strong> file must be set to <strong id="mrs_01_1422__b4496253193319">false</strong>. Then the query will run as the user who runs the hiveserver2 process.</li></ul>
</div></div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="mrs_01_1400.html">Using CarbonData (for MRS 3.x or Later)</a></div>
</div>
</div>
View Git Blame Copy Permalink