Updated on 2023-04-28 GMT+08:00

Creating a HetuEngine User

Scenarios

Before using the HetuEngine service in a security cluster, a cluster administrator needs to create a user and grant operation permissions to the user to meet service requirements.

HetuEngine users are classified into administrators and common users. The default HetuEngine administrator group is hetuadmin, and the user group of HetuEngine common users is hetuuser.

  • Users associated with the hetuadmin user group can obtain the O&M administrator permissions on the HetuEngine HSConsole web UI and HetuEngine compute instance web UI.
  • Users associated with the hetuuser user group can obtain the SQL execution permission.

If Ranger authentication is enabled and you need to configure the permissions to manage databases, tables, and columns of data sources for a user after it is created, see Adding a Ranger Access Permission Policy for HetuEngine.

Prerequisites

Before you use the HetuEngine service, ensure that the tenant to be associated with the HetuEngine user has been planned and created.

Common users can only perform operations on and view information about clusters of the tenants associated with them.

Procedure

Creating a HetuEngine administrator

  1. Log in to FusionInsight Manager.
  2. Choose System > Permission > User > Create.
  3. Enter a username, for example, hetu_admin.
  4. Set User Type to Human-machine.
  5. Set New Password and Confirm Password.
  6. In the User Group area, click Add to add the hive, hetuadmin, hadoop, hetuuser, and yarnviewgroup user groups for the user.
  7. In the Primary Group drop-down list, select hive as the primary group.
  8. In the Role area, click Add to assign the default, System_administrator, and desired tenant role permissions to the user.
  9. Click OK.

Creating a common HetuEngine user

  1. Log in to FusionInsight Manager.
  2. Choose System > Permission > User > Create.
  3. Enter a username, for example, hetu_test.
  4. Set User Type to Human-machine.
  5. Set New Password and Confirm Password.
  6. In the User Group area, click Add to add the hetuuser user group for the user.

    • Ranger authentication is enabled for the HetuEngine service in the MRS cluster by default. HetuEngine common users only need to be associated with the hetuuser user group. If Ranger authentication is disabled, you must associate the user with the hive user group and set it as the primary group. Otherwise, the HetuEngine service may be unavailable.
    • If Ranger authentication is enabled and you need to configure the permissions to manage databases, tables, and columns of data sources for a user after it is created, see Adding a Ranger Access Permission Policy for HetuEngine.

  7. In the Role area, click Add to assign the default or desired tenant role permissions to the user.
  8. Click OK.