Create IDBroker mapping
To enable your CDP user to utilize the central authentication features CDP provides and to exchange credentials for AWS or Azure access tokens, you have to map this CDP user to the correct IAM role or Azure Managed Service Identity (MSI). The option to add/modify these mappings is available from the Management Console in your CDP environment.
- Go to the environment in which your Flow Management and Data Engineering clusters are running.
- To access IDBroker Mappings, click Actions | Manage Access and select the IDBroker Mapping tab in the next screen, where you can provide mappings for users or groups.
- Click Edit.
- Add a new mapping for your service user, mapping the user to an existing IAM role or Azure Managed Identity Resource ID that has access to the underlying storage which is used by the target Hive table.
  Add your CDP user and the corresponding AWS or Azure role that provides write access to your folder in your S3 bucket or ADLS folder to the Current
- Click Save and Sync.
- Ensure that your IDBroker mapping change is synchronized to the environment successfully.
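Before mapping a user to an IAM role, it is worth confirming that the role's write access stops at the intended S3 folder. The following is an added example, not part of the original procedure or of CDP: a static check over an IAM policy document (AWS case only) that reports write grants reaching beyond one folder. The bucket name, folder, function names and sample policies are assumptions, and the check does not evaluate `Deny` statements or conditions.

```python
import fnmatch

# S3 actions that modify objects; this set is the example's choice, not CDP's.
WRITE_ACTIONS = ("s3:PutObject", "s3:DeleteObject", "s3:AbortMultipartUpload")

def _as_list(value):
    """IAM allows a single string/object or a list for Action, Resource, Statement."""
    return value if isinstance(value, list) else [value]

def _grants_write(action_patterns):
    """True if any action pattern (wildcards allowed) covers a write action."""
    return any(
        fnmatch.fnmatchcase(action.lower(), pattern.lower())
        for pattern in action_patterns
        for action in WRITE_ACTIONS
    )

def out_of_scope_writes(policy, bucket, folder):
    """Return (Sid, resource) pairs where write access reaches beyond the folder."""
    allowed_root = f"arn:aws:s3:::{bucket}/{folder.strip('/')}/"
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        # NotAction/NotResource invert the match; report them for manual review.
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append((stmt.get("Sid", "<no Sid>"), "NotAction/NotResource"))
            continue
        if not _grants_write(_as_list(stmt.get("Action", []))):
            continue
        for resource in _as_list(stmt.get("Resource", [])):
            if not resource.startswith(allowed_root):
                findings.append((stmt.get("Sid", "<no Sid>"), resource))
    return findings

# Constructed sample policies; bucket and folder names are placeholders.
SCOPED = {"Version": "2012-10-17", "Statement": [
    {"Sid": "List", "Effect": "Allow", "Action": "s3:ListBucket",
     "Resource": "arn:aws:s3:::example-datalake"},
    {"Sid": "WriteFolder", "Effect": "Allow",
     "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
     "Resource": "arn:aws:s3:::example-datalake/warehouse/flow/*"}]}
BROAD = {"Version": "2012-10-17", "Statement": {
    "Sid": "AllS3", "Effect": "Allow", "Action": "s3:*", "Resource": "*"}}

if __name__ == "__main__":
    for name, doc in (("SCOPED", SCOPED), ("BROAD", BROAD)):
        print(name, out_of_scope_writes(doc, "example-datalake", "warehouse/flow"))
```

An empty result means every write grant in the document is confined to the folder; any finding names the statement and resource to tighten before the role is used in a mapping.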