Add values for the following properties in the "Custom kms-site" section. These properties allow the specified system users (
hive, oozie, the user we are using and others) to proxy on behalf of other users when communicating with Ranger KMS. This helps individual services (such as Hive) use their own keytabs, but retain the ability to access Ranger KMS as the end user (use access policies associated with the end user).hadoop.kms.proxyuser.{hadoop-user}.usershadoop.kms.proxyuser.{hadoop-user}.groupshadoop.kms.proxyuser.{hadoop-user}.hosts
No comments:
Post a Comment