Contact UsGet started

Service roles to manage metadata in a Hive Metastore cluster

Written by
Updated at October 13, 2024

With Metastore service roles, you can view Metastore cluster metadata and manage clusters.

managed-metastore.auditor

The managed-metastore.auditor role allows you to view information on Hive Metastore clusters and the Yandex Cloud managed DB service quotas.

managed-metastore.viewer

The managed-metastore.viewer role allows you to view information on Hive Metastore clusters and their runtime logs, as well as details on the Yandex Cloud managed DB service quotas.

Users with this role can:

  • View info on Hive Metastore clusters.
  • View Hive Metastore cluster logs.
  • View info on the Yandex Cloud managed DB service quotas.
  • View info on the relevant cloud and folder.

This role also includes the managed-metastore.auditor permissions.

managed-metastore.editor

The managed-metastore.editor role allows you to manage Hive Metastore clusters, as well as view their runtime logs and information on the Yandex Cloud managed DB service quotas.

Users with this role can:

  • View info on Hive Metastore clusters, as well as create, modify, run, stop, and delete them.
  • Export and import Hive Metastore clusters.
  • View Hive Metastore cluster logs.
  • View info on the Yandex Cloud managed DB service quotas.
  • View info on the relevant cloud and folder.

This role also includes the managed-metastore.viewer permissions.

To create clusters, you also need the vpc.user role.

managed-metastore.admin

The managed-metastore.admin role allows you to manage Hive Metastore clusters, as well as view their runtime logs and information on service quotas of Yandex Cloud managed DBs.

Users with this role can:

  • View info on Hive Metastore clusters, as well as create, modify, run, stop, and delete them.
  • Export and import Hive Metastore clusters.
  • View Hive Metastore cluster logs.
  • View info on the Yandex Cloud managed DB service quotas.
  • View info on the relevant cloud and folder.

This role also includes the managed-metastore.editor permissions.

To create clusters, you also need the vpc.user role.

managed-metastore.integrationProvider

The managed-metastore.integrationProvider role allows the Hive Metastore cluster to work with user resources required for its operation on behalf of the service account. You can assign this role to a service account linked to a Hive Metastore cluster.

Users with this role can:

  • Add entries to log groups.
  • View info on log groups.
  • View info on log sinks.
  • View info on granted access permissions for Cloud Logging resources.
  • View info on log exports.
  • View info on Monitoring metrics and their labels, as well as upload and download metrics.
  • View the list of Monitoring dashboards and widgets and info on them, as well as create, modify, and delete them.
  • View the Monitoring notification history.
  • View details on Monitoring quotas.
  • View info on the relevant cloud and folder.

This role also includes the logging.writer and monitoring.editor permissions.

Previous
Connection Manager roles
Next
Schema Registry roles