-
|
I'm currently using hive metastore with authz plugin to enable authorization control using ranger. I can restrict users using ranger policies when queries are run against tables registered in Hive Metastore but users can still workaround the policies and query directly against the data path (we are using s3) e.g. select * from parquet. I have explored options to defined URL based policies in ranger but this does not seem to take affect |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
The feature - authz for URLs - has not been implemented yet. Currently, we can only disable spark.sql.runSQLOnFiles system-wide and restrict end-users from modifying it |
Beta Was this translation helpful? Give feedback.
-
|
thanks, I can take this approach and restrict users from querying files directly |
Beta Was this translation helpful? Give feedback.
The feature - authz for URLs - has not been implemented yet.
Currently, we can only disable spark.sql.runSQLOnFiles system-wide and restrict end-users from modifying it