This is the documentation for Cloudera Manager 4.8.4.
Documentation for other versions is available at Cloudera Documentation.

Configuring Sentry

Sentry enables role-based, fine-grained authorization for HiveServer2 and Cloudera Search. It provides classic database-style authorization for Hive and Cloudera Impala.

For detailed information about Sentry, see the Sentry Guide.

When using Sentry, you must use Impala or HiveServer2 to access Hive tables. You can also use Hue Beeswax if Beeswax is configured to use HiveServer2. You cannot use the Hive CLI or WebHCat with Sentry.

In order to use Sentry with CDH 4.3, you must install Sentry manually; it is not included in the CDH 4.3 parcel or package. Sentry is included with CDH 4.4.0 or later.

Support for Sentry has been added in Cloudera Manager 4.7. This means that the configuration of Sentry can be done entirely through the Cloudera Manager Admin Console. It is possible to install Sentry in a cluster managed by Cloudera Manager 4.5 or 4.6 by undertaking some manual configuration steps, but installation with Cloudera Manager 4.7 or later is strongly recommended.

Installing and Removing the Sentry Parcel

If you are using CDH 4.3, you can add it as follows:
  1. Under the Administration tab, go to Settings, then Parcels.
  2. In the Remote Parcel Repository URLs property, click the Plus sign to add a remote repository location. The Sentry parcel for CDH 4.3 can be found at http://archive.cloudera.com/sentry/parcels/latest/. Once this is done the Sentry parcel should appear on the Hosts > Parcels page.
  3. Now Download, Distribute, and Activate the parcel from the Hosts > Parcels page. See Using Parcels for details about adding a parcel.
If you have upgraded to CDH 4.4 from CDH 4.3 and did have the separate Sentry parcel installed with CDH 4.3, you must remove the stand-alone parcel:
  1. Under the Administration tab, go to Settings, then Parcels.
  2. Now Deactivate, Remove, and Delete the parcel from the Hosts > Parcels page. See Using Parcels for details about adding a parcel.