Hi,

I am trying to secure multiple MR job queues from being accessed from
unauthorized users.

I know there is "acl_submit_applications" and "acl_administer_queue" for a
specific queue, but neither of those properties control who can view the
list of jobs that have been or are executing in a specific queue.

I would like to have a group of users only be able to view the list of jobs
in some queues, but not others. Is there a way to do this?

Even with "mapreduce.cluster.acls.enabled" set to true, which means that
only the job owner and admins can view the details of a job, the listing of
jobs itself has a lot of sensitive information.

The only thing I can find is that I can filter the view by queue, which
doesn't really help with security.

Thanks in advance,
Alex.

Reply via email to