We are trying to restrict users from sending a job to data proc cluster through livy server.
By default livy submits job as user 'livy' when impersonation is disabled. Even after using impersonation, it says livy is not allowed to impersonate user 'xxxx'.
Here, IAM policy of GCP is not useful either. Is there any way we can achieve this without kerberos?