Chained Impersonation
You can configure Drill to allow chained impersonation on views when you enable
impersonation in the drill-override.conf
file. Chained impersonation controls
the number of identity transitions that Drill can make when a user queries a view. Each identity
transition is equal to one hop.
An administrator can set the maximum number of hops for impersonation to limit the number of times that Drill can impersonate a different user when other users query a view. The default maximum number of hops is set at 3. When the maximum number of hops is set to 0, Drill does not allow impersonation chaining, and a user can only read data for which they have direct permission to access. An administrator may set the chain length to 0 to protect highly sensitive data.
Although V3 was created by joining two different views, the number of hops remains at 3 because Drill does not read the views at the same time. Drill reads V2 first and then reads V1.
When Bob queries Franks’s view, Drill returns an error stating that the query cannot complete because the number of hops required to access the data exceeds the maximum hop setting of 4.
If users encounter this error, the administrator can increase the maximum hop setting to accommodate users running queries on views.