Service roles to manage metadata in a Hive Metastore cluster
With Metastore service roles, you can view Metastore cluster metadata and manage clusters.
managed-metastore.auditor
The managed-metastore.auditor
role allows you to view information on Hive Metastore clusters and the Yandex Cloud managed DB service quotas.
managed-metastore.viewer
The managed-metastore.viewer
role allows you to view information on Hive Metastore clusters and their runtime logs, as well as details on the Yandex Cloud managed DB service quotas.
Users with this role can:
- View info on Hive Metastore clusters.
- View Hive Metastore cluster logs.
- View info on the Yandex Cloud managed DB service quotas.
- View info on the relevant cloud and folder.
This role also includes the managed-metastore.auditor
permissions.
managed-metastore.editor
The managed-metastore.editor
role allows you to manage Hive Metastore clusters, as well as view their runtime logs and information on the Yandex Cloud managed DB service quotas.
Users with this role can:
- View info on Hive Metastore clusters, as well as create, modify, run, stop, and delete them.
- Export and import Hive Metastore clusters.
- View Hive Metastore cluster logs.
- View info on the Yandex Cloud managed DB service quotas.
- View info on the relevant cloud and folder.
This role also includes the managed-metastore.viewer
permissions.
To create clusters, you also need the vpc.user role
.
managed-metastore.admin
The managed-metastore.admin
role allows you to manage Hive Metastore clusters, as well as view their runtime logs and information on service quotas of Yandex Cloud managed DBs.
Users with this role can:
- View info on Hive Metastore clusters, as well as create, modify, run, stop, and delete them.
- Export and import Hive Metastore clusters.
- View Hive Metastore cluster logs.
- View info on the Yandex Cloud managed DB service quotas.
- View info on the relevant cloud and folder.
This role also includes the managed-metastore.editor
permissions.
To create clusters, you also need the vpc.user
role.
managed-metastore.integrationProvider
The managed-metastore.integrationProvider
role allows the Hive Metastore cluster to work with user resources required for its operation on behalf of the service account. You can assign this role to a service account linked to a Hive Metastore cluster.
Users with this role can:
- Add entries to log groups.
- View info on log groups.
- View info on log sinks.
- View info on granted access permissions for Cloud Logging resources.
- View info on log exports.
- View info on Monitoring metrics and their labels, as well as upload and download metrics.
- View the list of Monitoring dashboards and widgets and info on them, as well as create, modify, and delete them.
- View the Monitoring notification history.
- View details on Monitoring quotas.
- View info on the relevant cloud and folder.
This role also includes the logging.writer
and monitoring.editor
permissions.