ACL Configuration for Spark

Starting in the EEP 6.0 release, the ACL configuration for Spark is disabled by default.

If you are authorized by PAM, you will have access to all Spark UIs. For the Spark History Server, you can only see the logs of your own Spark jobs if PAM is enabled (regardless of ACL being enabled).

Starting in Spark-2.4.4.0, MapR Spark ACLs behave like Apache Spark ACLs. With this change, all users can log in to the Spark History Server UI and see the full list of applications. Only an application owner or the users specified in spark.ui.view.acls or history.ui.admin.acls can see application details. Users specified in history.ui.admin.acls can see the details for all applications.

By default on a secure cluster:
spark.acls.enable false
spark.admin.acls mapr
spark.admin.acls.groups mapr
spark.ui.view.acls mapruser1
Other Example:
spark.acls.enable true - ACL is enabled and restricted access to Spark master and thriftserver UIs for other users.
spark.admin.acls mapr - Administrator or "sudoer" of ACL access.
spark.admin.acls.groups mapr - Group of administrators.
spark.ui.view.acls mapruser1 - user who can be logged in to Spark master and thriftserver UIs.