The global-policy.ini File

The default global-policy.ini file defines the admin_role, which gives full access to the Hiveserver2 server for the mapr user. The file is located in /opt/mapr/sentry/sentry-<version>/conf in your local file system. You can relocate the file to the MapR file system if you prefer. By default, the file contains these sections:

      mapr = admin_role
      admin_role = server=HS2

Sample sentry-provider.ini File

        # Defines the location of the per-DB policy file for the customer's DB or schema
        customers = /etc/sentry/customers.ini
        customers_admin = customers_admin_role
        customers_admin_role = server=HS2->db=customers

Sample customers.ini File

        manager = customers_insert_role, customers_select_role
        analyst = customers_select_role
        customers_insert_role = server=HS2->db=customers->table=*->action=insert
        customers_select_role = server=HS2->db=customers->table=*->action=select