User hdfs not allowed to do DECRYPT EEK on key

0 votes

hi Team,

I was using hadoop cli command below is my command in HA ranger kms environment

sudo -u hdfs hadoop distcp /tmp /zone1

Caused by: org.apache.hadoop.security.authorize.AuthorizationException: User:hdfs not allowed to do 'DECRYPT_EEK' on 'key'.

I added the policy as well for user hdfs .

I added policy as well.What i am missing.i came across different blog everyone talks abt  adding policy.i added but its nt helping me .Please pour suggestion.

Nov 20, 2020 in Big Data Hadoop by Shilpa S
• 450 points

edited Nov 20, 2020 by Shilpa S 2,439 views

1 answer to this question.

0 votes
Best answer

Hi@Shilpa,

I don't think you have given permission to HDFS user. You need to add an HDFS user in Ranger KMS for the given policy and provide appropriate permission.

answered Nov 20, 2020 by MD
• 95,460 points

selected Nov 21, 2020 by Shilpa S
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP