We have created a separate user to create ssh tunnel to federated metastore and that user has access to the tables on federated hive metastore. Currently we have a user cluster on which few users have read access to few databases on our local hive metastore and write access to remaining databases on it. We have enabled hive authorization on our user cluster to enable user access checks. This is causing issues while running queries on tables accessed using federated hive metastore. It throws the below error:
Error: Error while compiling statement: FAILED: HiveAccessControlException Permission denied: Principal [name=skamatham, type=USER] does not have following privileges for operation SHOWPARTITIONS [[SELECT] on Object [type=TABLE_OR_VIEW, name=dsp_dm.order_trans_fact]] (state=42000,code=40000)
After doing some research, we found out that the query on federated metastore is trying to check if the user "skamatham" has access to the table or not, where as the access to federated metastore was provided for the ssh tunnel user which is a service account.
Is it possible to bypass hive authorization for queries on federated hive metastore?
Can you please suggest if there is a work around for it.
Please let me know if you need more information on it.
Thanks
Sreshta