Enable HBase Access Control

The following steps explain how enable HBase ACLs.

  1. On the HBase Region Server, edit the /opt/mapr/hbase/hbase-<version>/conf/hbase-site.xml file and add the following section:
    <property>
        <name>hbase.coprocessor.region.classes</name>
        <value>org.apache.hadoop.hbase.security.token.TokenProvider,org.apache.hadoop.hbase.security.access.AccessController</value>
    </property>
    <property>
        <name>hbase.superuser</name>
        <value><admin1>,<admin2>,@<group1>,...</value> <!-- group names are
    prefixed with '@' -->
      </property>
    <property>
        <name>hbase.rpc.engine</name>
        <value>org.apache.hadoop.hbase.ipc.SecureRpcEngine</value>
    </property>
  2. On the HBase Master, edit the /opt/mapr/hbase/hbase-<version>/conf/hbase-site.xml file and add the following section:
    <property>
        <name>hbase.rpc.engine</name>
        <value>org.apache.hadoop.hbase.ipc.SecureRpcEngine</value>
    </property>
    <property>
        <name>hbase.coprocessor.master.classes</name>
        <value>org.apache.hadoop.hbase.security.access.AccessController</value>
    </property>
    <property>
        <name>hbase.superuser</name>
        <value><admin1>,<admin2>,@<group1>,...</value> <!-- group names are
    prefixed with '@' -->
      </property>
  3. On every HBase client node, edit the /opt/mapr/hbase/hbase-<version>/conf/hbase-site.xml file and add the following section:
    <property>
        <name>hbase.rpc.engine</name>
        <value>org.apache.hadoop.hbase.ipc.SecureRpcEngine</value>
    </property>
  4. Restart HBase on every node.