Configure HBase ACLs
HBase supports Access Control Lists (ACLs) to limit the privileges of users on the system. Before you can use ACLs, you need to perform the steps to enable ACLs.
HBase ACLs support the following privileges:
- Read
- Write
- Create tables
- Administrator
Once you enable the use of ACLs, you can grant and remove privileges from users by using
the grant
and revoke
commands from the HBase shell. The
following example grants user jfoo
read privileges from column family
cf1
of table mytable
:
hbase(main):001:0> grant 'jfoo' 'R' 'mytable','cf1'
This example removes user kbar
's administrative
privileges on the cluster:
hbase(main):001:0> revoke 'kbar' 'A'