Sentry Column Level Access Control is an improvement which make Sentry supports privileges granularity up to a column. The column level privileges are a fairly standard functionality supported by most RDBMS vendors. This facilitate users to restrict access to sensitive data. In absence of column level privileges, one has to create views with subset of columns and grant privileges on views. This add a major administrative overhead.
HiveServer2 (hive-site.xml)
| Config Property | Value | Description | Default |
|---|---|---|---|
| hive.stats.collect.scancols | true | Whether column accesses are tracked in the QueryPlan. This is useful to identify how tables are accessed and to determine if there are wasted columns that can be trimmed. | false |