[
https://issues.apache.org/jira/browse/HIVE-27525?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Riju Trivedi updated HIVE-27525:
--------------------------------
Description:
During the creation of external tables with a specified location, the general
expectation is that the data is already present or the data might be externally
added to the location without involving HMS. So, it is really not required to
have read and write permissions on an external table during the creation time.
This enhancement can address security concerns where currently the users had to
be granted unnecessary write permissions on an external file location when the
table is only used for reading the data.
Update/delete operations would anyway require write permissions.
CTAS query with location specified is expected to fail at runtime without ,
trying to create staging directory under table location.
was:
During the creation of external tables with a specified location, the general
expectation is that the data is already present or the data might be externally
added to the location without involving HMS. So, it is really not required to
have read and write permissions on an external table during the creation time.
This enhancement can address security concerns where currently the users had to
be granted unnecessary write permissions on an external file location when the
table is only used for reading the data.
Update/delete operations would anyway require write permissions.
In case of CTAS with location specified, query would pass he authorization
> Ease the write permissions on external table during create table operation
> --------------------------------------------------------------------------
>
> Key: HIVE-27525
> URL: https://issues.apache.org/jira/browse/HIVE-27525
> Project: Hive
> Issue Type: Improvement
> Components: Standalone Metastore
> Reporter: Sai Hemanth Gantasala
> Assignee: Riju Trivedi
> Priority: Major
> Labels: pull-request-available
>
> During the creation of external tables with a specified location, the general
> expectation is that the data is already present or the data might be
> externally added to the location without involving HMS. So, it is really not
> required to have read and write permissions on an external table during the
> creation time.
> This enhancement can address security concerns where currently the users had
> to be granted unnecessary write permissions on an external file location when
> the table is only used for reading the data.
> Update/delete operations would anyway require write permissions.
> CTAS query with location specified is expected to fail at runtime without ,
> trying to create staging directory under table location.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
