Skip to content

Immuta HDFS Principals Tutorial

Audience: User Admins

Content Summary: Immuta System Administrators are in charge of assigning HDFS principals to Immuta users so that they can access data through Immuta via the HDFS and Spark access patterns. This page outlines how to assign these principals to users.

Note: If your enterprise identity manager is configured to pull HDFS principals from the identity service provider, HDFS principals cannot be managed in the Immuta Administrator UI.

Assigning Immuta HDFS Principals

  1. Before assigning principals to Immuta users, make sure that the principals exist on your HDFS cluster:

    • For clusters secured with kerberos, you will need to create a kerberos principal for each Immuta HDFS principal that you wish to assign.

    • For insecure clusters, you will need to create a system user for Immuta HDFS principal that you wish to assign.

  2. Once you have created the required resources on the cluster, follow these steps to link Immuta users to HDFS principals:

    1. Navigate to the Users section of the Admin page in Immuta.
    2. Select the user you would like to modify in the left sidebar.
    3. Select Change HDFS Principal in the top section of the user page. You can also view the user's current HDFS principal in this section under HDFS Principal.

      Admin HDFS User Page

    4. Type in the principal name that you would like to associate with the user and click Save.

      Admin HDFS Change Principal

The user's new HDFS principal should now be visible.

Admin HDFS Principal Changed

If at any time you need to change a user's Immuta HDFS principal, you may follow these steps again to do so. If you need to completely remove a principal from a user, follow these steps again and save the principal with a blank name.