MapR provides volumes as a way to organize data and manage cluster performance. For example, you might want to create a volume for each user, department, or project. You can then create a volume-level ACL that controls which users and groups have access to that volume, and what actions they may perform.
You can create volume-level ACLs from the Control System or from the command line.
To create an ACL at the command line, use the acl set command to
specify a list of authorized users (or groups) and the actions they are allowed to
perform.
The syntax is:
maprcli acl set -type volume -name <volume name> [-user <username>:<action> -group <groupname>:<action>]Include spaces between multiple entries, such as a list of usernames and their associated permission levels (or actions). Each allowed action has a permission code associated with it. The codes are explained below.
| Permission Code | Allowed Action |
|---|---|
| dump | Dump or back up the volume |
| restore | Restore or mirror the volume |
| m | Modify the volume's properties |
| d | Delete the volume |
| a | Administrator (can edit and view ACLs, but cannot perform volume operations) |
| fc | Full control over the volume (this enables all volume-related administrative options with the exception of changing the volume ACLs) |
This example shows how to create an ACL for a volume named test-volume
that allows full control over volume ACLs for user rjones. In addition, all
users in the developers group are given permission to dump, restore, and
modify volume properties.
maprcli acl set -type volume -name test-volume -user rjones:fc
-group developers:dump,restore,m