Skip to content

Latest commit

 

History

History
99 lines (75 loc) · 2.83 KB

sentrytool.md

File metadata and controls

99 lines (75 loc) · 2.83 KB

sentrytool

Command-line interface to Apache Sentry

Synopsis

Command-line interface to Apache Sentry. See https://github.com/akolb1/sentrytool/blob/master/doc/sentrytool.md for full documentation

Configuration:

The tool can be configured using either command-line flags, environment variables or a config file. Config file may be in JSON, TOML, YAML, HCL, and Java properties config files format. B default the file ~/.sentrytool.yaml is used.

The following environment variables are used:

  • SENTRY_HOST: Sentry server host name or IP address ('host' in the config file)
  • SENTRY_PORT: Listening port for the Sentry server ('port' in the config file)
  • SENTRY_USER: User name on which behalf the request is made ('user' in the config file)
  • SENTRY_COMPONENT: Component name (e.g. 'kafka'). ('component' in the config file)
  • SENRY_VERBOSE: Use verbose mode if set ('verbose' in config file)

Host may be specified in one of the following ways:

  • 1.2.3.4
  • host.domain.com
  • host:port
  • host1,host2:port2, host4:port3

When multiple hosts are specified, the wirst responding host is used. The value of port from the host string overrides all other values for a port.

When a component is specified the tool uses Generic client model, otherwise it uses the legacy model.

sentrytool

Examples


  # Display everything
  $ sentrytool
  [roles]
  admin
  customer
  [groups]
  g1 = admin
  g2 = admin
  g3 = admin
  user_group = customer
  [privileges]

  # List roles
  $ sentrytool role list
  admin
  customer
  # List roles with groups
  $ sentrytool role list -v
  admin: (g1,g2,g3)
  customer: (user_group)

  # Listing groups
  sentrytool group list
  # Grant and revoke groups to roles
  sentrytool group grant -r admin_role admin_group finance_group
  sentrytool group revoke admin_role finance_group

  # Grant and list privileges
  sentrytool privilege grant -r r1 -s server1 -d db2 -t table1 -c columnt1 \
      -a insert
  sentrytool privilege list r1 r1 = db=db1->action=all, \
     server=server1->db=db2->table=table1->column=column1->action=insert

Options

  -C, --component string   sentry client component
      --config string      config file (default is $HOME/.sentrytool.yaml)
  -H, --host string        hostname for Sentry server (default "localhost")
  -J, --jstack             show Java stack on for errors
  -P, --port string        port for Sentry server (default "8038")
  -U, --username string    user name (default "akolb")
  -v, --verbose            verbose mode

SEE ALSO

Auto generated by spf13/cobra on 14-Dec-2016