Blog

We can grant and revoke permissions to users in HBase. There are three commands for security purpose: grant, revoke, and user_permission.

grant

The grant command grants specific rights such as read, write, execute, and admin on a table to a certain user. The syntax of grant command is as follows:

hbase> grant <user> <permissions> [<table> [<column family> [<column; qualifier>]]

We can grant zero or more privileges to a user from the set of RWXCA, where

• R – represents read privilege.
• W – represents write privilege.
• X – represents execute privilege.
• C – represents create privilege.
• A – represents admin privilege.

Given below is an example that grants all privileges to a user named ‘Adglob’.

hbase(main):018:0> grant 'Adglob', 'RWXCA'

revoke

The revoke command is used to revoke a user’s access rights of a table. Its syntax is as follows:

hbase> revoke <user>

The following code revokes all the permissions from the user named ‘Adglob’.

hbase(main):006:0> revoke 'Adglob'

user_permission

This command is used to list all the permissions for a particular table. The syntax of user_permission is as follows:

hbase>user_permission ‘tablename’

The following code lists all the user permissions of ‘emp’ table.

hbase(main):013:0> user_permission 'emp'