Cloudera Docs

Prepare your environment

Before you start querying your data using SQL Stream Builder (SSB) in CDP Public Cloud, you need to register and prepare your environment so that a chosen user or group can use the clusters and services in the environment securely.

As a first step, an admin needs to register an AWS, Azure or GCP environment. In CDP Public Cloud, this environment is based on the virtual private network in your cloud provider account. This means that CDP can access and identify the resources in your cloud provider account which is used for CDP services, and shared between clusters in the environment. After registering your AWS, Azure or GCP environment, you can provision clusters, and set users or groups to access your environment and services.

For more information about registering an AWS, Azure or GCP environment, see the Management Console documentation.

In CDP Public Cloud, the Streaming Analytics clusters use Apache Knox to authenticate users. Knox is automatically set up for your environment. To access the Streaming SQL Console, you need to upload your keytab to your cluster, and unlock the keytab in Streaming SQL Console. You also need to set Ranger policies for the SSB user when using Schema Registry, Kudu or Hive. You can further authorize the users using Team Management feature of SSB in the Streaming SQL Console

Make sure that you have completed the following prerequisites:
  • You have a CDP Public Cloud environment.
  • You have a CDP username (it can be your own CDP user or a CDP machine user) and a workload password set to access Data Hub clusters.

    The predefined resource role of this user is at least EnvironmentUser. This resource role provides the ability to view Data Hub clusters and set the FreeIPA password for the environment.

  • Your user is synchronized to the CDP Public Cloud environment.
  • You have a Streaming Analytics cluster.
  • You have uploaded your keytab file to the Streaming Analytics cluster.
  • You have unlock your keytab in the Streaming SQL Console.
  • Your CDP user has the correct permissions set up in Ranger allowing access to SQL Stream Builder.