AnsweredAssumed Answered

Ways to limit MapR users' options in terms of interacting with the cluster?

Question asked by reedv on Jul 2, 2018
Latest reply on Jul 6, 2018 by keysbotzum

Is there any way to block specific MapR users' ability to use certain options of the hadoop, maprcli, and maprlogin commands? Eg. we don't want them to be able to generate their own tickets (so they can't just create their own 100-year ticket) or be able to create volumes (even within the volumes they have permission to write to). The only thing we would like some MapR users to be able to do is submit YARN spark jobs (via sparklyr in RStudio). Is there some recommended way to do this for our MapR users? 

 

** Could not find anything about this in the MapR (6.0) docs, which makes me suspect that I may not be aware of some alternative recommended security practice (ie. I am misunderstanding some fundamental thing about mapr tickets or how volume permissions work that make my concerns moot). If so please help me understand a bit more. Thanks. 

Outcomes