Authorizing Over 32 Roles in Hive

Scenario

This function applies to Hive.

The number of OS user groups is limited, and the number of roles that can be created in Hive cannot exceed 32. After this function is enabled, more than 32 roles can be created in Hive.

Note

  • After this function is enabled and the table or database is authorized, roles that have the same permission on the table or database will be combined using vertical bars (|). When the ACL permission is queried, the combined result is displayed, which is different from that before the function is enabled. This operation is irreversible. Determine whether to make adjustment based on the actual application scenario.

  • If the current component uses Ranger for permission control, you need to configure related policies based on Ranger for permission management. For details, see Adding a Ranger Access Permission Policy for Hive.

  • After this function is enabled, a maximum of 512 roles (including owner) are supported by default. The number is controlled by the user-defined parameter hive.supports.roles.max of MetaStore. You can change the value based on the actual application scenario.

Procedure

  1. Log in to FusionInsight Manager. For details, see Accessing FusionInsight Manager. Choose Cluster > Services > Hive > Configurations > All Configurations.

  2. Choose MetaStore(Role) > Customization, add a customized parameter to the hivemetastore-site.xml parameter file, set Name to hive.supports.over.32.roles, and set Value to true. Restart all Hive instances after the modification.