Accumulo 2.x Documentation  >>  Security  >>  Permissions

Permissions

Accumulo users can only perform actions if they are given permission.

Accumulo has three types of permissions:

These permissions are managed by SecurityOperations in Java API or the Accumulo shell.

Configuration

Accumulo’s PermissionHandler is configured by setting instance.security.permissionHandler.

The default permission handler is described below.

Granting permission

Users can be granted permissions in the shell:

root@uno> grant System.CREATE_TABLE -s -u bob

Or in the Java API using SecurityOperations:

client.securityOperations().grantSystem("bob", SystemPermission.CREATE_TABLE);

View permissions

Permissions can be listed for a user in the shell:

root@uno> userpermissions -u bob
System permissions: System.CREATE_TABLE, System.DROP_TABLE

Namespace permissions (accumulo): Namespace.READ

Table permissions (accumulo.metadata): Table.READ
Table permissions (accumulo.replication): Table.READ
Table permissions (accumulo.root): Table.READ

Revoking permissions

Permissions can be revoked for a user in the shell

root@uno> revoke System.CREATE_TABLE -s -u bob

Or in the Java API using SecurityOperations:

client.securityOperations().revokeSystemPermission("bob", SystemPermission.CREATE_TABLE);
Find documentation for all releases in the archive