[
https://issues.apache.org/jira/browse/FLINK-7860?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16300504#comment-16300504
]
Eron Wright commented on FLINK-7860:
-------------------------------------
Please elaborate on the scenario you hope to support. From the description,
it seems you want to create a powerful service account (e.g. 'Flink') with an
associated keytab, then launch jobs with that keytab that impersonate other
users (e.g. 'Joe'). Reads and writes to HDFS would authenticate with the
'Flink' keytab but would behave as though made by 'Joe'. In addition, the
HDFS service would be configured to allow 'Flink' to impersonate 'Joe'.

If that's the scenario, I think it is a reasonable one. But please consider
two complications:

1. The job code has access to the keytab, since the code runs in-process. The
job code must be considered 'trusted', since it could steal the keytab and
impersonate other users.
2. The Flink cluster doesn't protect the keytab very well; other processes
could also steal it. It seems unwise to give such a powerful keytab to Flink.

> Support YARN proxy user in Flink (impersonation)
> ------------------------------------------------
>
> Key: FLINK-7860
> URL: https://issues.apache.org/jira/browse/FLINK-7860
> Project: Flink
> Issue Type: New Feature
> Components: YARN
> Reporter: Shuyi Chen
> Assignee: Shuyi Chen
>
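
The HDFS-side grant the comment refers to ("allow 'Flink' to impersonate 'Joe'") is expressed with Hadoop's `hadoop.proxyuser.*` properties in `core-site.xml`. The fragment below is an added example, not part of the original comment or of Flink's own configuration; the principal short name `flink`, the user `joe` and the host names are constructed assumptions. It places a wildcard grant beside a scoped one.

```xml
<!-- core-site.xml read by the NameNode.
     Added example: every value below is constructed for illustration. -->
<configuration>

  <!-- Broad grant, shown commented out for comparison.
       Whoever holds the 'flink' keytab can act as any user, from any host.
  <property>
    <name>hadoop.proxyuser.flink.hosts</name>
    <value>*</value>
  </property>
  <property>
    <name>hadoop.proxyuser.flink.groups</name>
    <value>*</value>
  </property>
  -->

  <!-- Scoped grant.
       Impersonation requests are accepted only from the listed hosts
       (assumed here to be the nodes where the Flink processes run). -->
  <property>
    <name>hadoop.proxyuser.flink.hosts</name>
    <value>worker-1.example.com,worker-2.example.com</value>
  </property>

  <!-- Only the named users may be impersonated; 'joe' is the example
       user from the comment. A group list can be given instead with
       hadoop.proxyuser.flink.groups. -->
  <property>
    <name>hadoop.proxyuser.flink.users</name>
    <value>joe</value>
  </property>

</configuration>
```

Scoping narrows which users and hosts a stolen keytab can act for; it does not change the comment's first point, that job code running in-process can read the keytab.
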