The acl commands let you work with access control lists (ACLs):

  • acl edit - modifies a specific user's access to a cluster or volume
  • acl set - modifies the ACL for a cluster or volume
  • acl show - displays the ACL associated with a cluster or volume

In order to use the acl edit command, you must have full control (fc) permission on the cluster or volume for which you are running the command.

Specifying Permissions

Specify permissions for a user or group with a string that lists the permissions for that user or group. To specify permissions for multiple users or groups, use a string for each, separated by spaces. The format is as follows:

  • Users - <user>:<action>[,<action>...][ <user>:<action>[,<action...]]
  • Groups - <group>:<action>[,<action>...][ <group>:<action>[,<action...]]

The following tables list the permission codes used by the acl commands.

Cluster Permission Codes

Permission Code

Allowed Action


Log in to the MapR Control System, use the API and command-line interface,
read access on cluster and volumes


Start/stop services


Create volumes


Administrative access to cluster ACLs. Grants no other permissions.


Full control over the cluster. This enables all cluster-related administrative options with the exception of changing the cluster ACLs.


Volume Permission Codes


Allowed Action


Dump the volume


Mirror or restore the volume


Modify volume properties, create and delete snapshots


Delete a volume


Full control (admin access and permission to change volume ACL)