HBase - Security

We can grant and revoke permissions to users in HBase. There are three commands for security purpose: grant, revoke, and user_permission.


The grant command grants specific rights such as read, write, execute, and admin on a table to a certain user. The syntax of grant command is as follows:

hbase> grant <user> <permissions> [<table> [<column family> [<column; qualifier>]]

We can grant zero or more privileges to a user from the set of RWXCA, where

  • R - represents read privilege.
  • W - represents write privilege.
  • X - represents execute privilege.
  • C - represents create privilege.
  • A - represents admin privilege.

Given below is an example that grants all privileges to a user named ‘Tutorialspoint’.

hbase(main):018:0> grant 'Tutorialspoint', 'RWXCA'


The revoke command is used to revoke a user's access rights of a table. Its syntax is as follows:

hbase> revoke <user>

The following code revokes all the permissions from the user named ‘Tutorialspoint’.

hbase(main):006:0> revoke 'Tutorialspoint'


This command is used to list all the permissions for a particular table. The syntax of user_permission is as follows:

hbase>user_permission ‘tablename’

The following code lists all the user permissions of ‘emp’ table.

hbase(main):013:0> user_permission 'emp'