Cloudera Docs

Create IDBroker mapping

As an administrator, you must create IDBroker mapping for a user or group to access cloud storage. As a part of Knox, the IDBroker allows a user to exchange cluster authentication for temporary cloud credentials.

  1. Navigate to Management Console > Environments and select your environment.
  2. Click Actions > Manage Access.
  3. Click on the IDBroker Mappings tab.
  4. Click Edit to add a new user or group and assign roles to have writing access for the cloud storage.
  5. Search for the user or group you need to map.
  6. Go to the IAM Summary page where you can find information about your cloud storage account.
  7. Copy the Role ARN.
  8. Go back to the IDBroker Mapping interface on the Cloudera Management Console page.
  9. Paste the Role ARN to your selected user or group.
  10. Click Save and Sync.

    The following short video shows how you can create the IDBroker mapping: