I have a 4 node cloudera cluster with kerberos enabled on it with sentry securing Hive service.
When i am create a table using hive user i am able to do so as it have all privileges on database default.
0: jdbc:hive2://clnode4:10000/default> create table t123 (a int);
No rows affected (0.204 seconds)
0: jdbc:hive2://clnode4:10000/default> show tables from default;
+--------------+--+
| tab_name |
+--------------+--+
| t1 |
| t12 |
| t123 |
+--------------+--+
3 rows selected (0.392 seconds)
But when i am trying to create a external table on same env with same user hive i am getting error as below
0: jdbc:hive2://clnode4:10000/default> create external table t1_ex (a string) ROW FORMAT DELIMITED FIELDS TERMINATED BY '\t' LOCATION 'hdfs:///user/olap/KyvosDemo/Distance.csv';
Error: Error while compiling statement: FAILED: SemanticException No valid privileges
User hive does not have privileges for CREATETABLE (state=42000,code=40000)
I have provided all access on URI as well from were i am reading the data for external table.
Is there any way to provide create external table to user in sentry any help would be great.
I am able to solve the problem by granting all privileges on the server to hive user as below
grant all on server server1 to role hive;
role hive is assigned to hive user.
Edit
More help on this one can find the server name in hive configuration with the property name "hive.sentry.server"