Privacera and Tableau — EMR Hive

I am using the following setup to test Apache Ranger policies with Tableau for EMR Hive. The goal is to do table, column and row level access control in Tableau.

The following setup is running in my mac. EMR Hive is running and Kerberos is in place.

neeraj_mac:~ neerajsab$ kinit neerajsab@example.com

neerajsab@example.com’s password:

neeraj_mac:~ neerajsab$ klist

Credentials cache: API:56B9D7E0–6DC7–46D4–91E1–710039407C26

Principal: neerajsab@example.com

Issued Expires Principal

Feb 6 15:12:56 2020 Feb 7 01:12:56 2020 krbtgt/example.com@example.com

neeraj_mac:~ neerajsab$

The prinicipal/user neerajsab is part of KDC and I have Kerberos ticket based on realm example.com

The private IP is listed in my /etc/hosts in mac pointing to public IP of EMR master node and also, KDC master.

Connection details
neerajsab user does not have access to see database and table
added a new policy in ranger
ns_customer database and access on all the tables
neerajsab can access the database and table
Audit
All rows
Row level filter
Only rows from ‘cam%’ shows up as row level filter kicked in

Reach out to me on twitter @123nsab in case any questions.

Sales @Privacera

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store