Before creating your cluster
Before you start creating your Streaming Analytics Data Hub cluster, you need to ensure that you have set up the environment properly and have all the necessary accesses to use CDP Public Cloud.
- You have CDP login credentials.
- You have an available CDP environment.
- You have a running Data Lake.
- You have a CDP username and the predefined resource role of this user is EnvironmentAdmin.
- Your CDP user is synchronized to the CDP Public Cloud environment.
Assigning resource roles
As an administrator, you need to give permissions to users or groups to be able to access and perform tasks in your Data Hub environment.
Creating IDBroker mapping
As an administrator, you must create IDBroker mapping for a user or group to access cloud storage. As a part of Knox, the IDBroker allows a user to exchange cluster authentication for temporary cloud credentials.
idbroker-role
: granting permissions to IDBroker instances associated with the CDP environmentdatalake-admin-role
: granting access to CDP cloud resourceslogs-role
: granting access to the logs storage location
datalake-admin-role
as it grants access to the cloud resources
required to run the Flink service.- Navigate to and select your environment.
- Click .
- Click on the IDBroker Mappings tab.
- Click Edit to add a new user or group and assign roles to have writing access for the cloud storage.
- Search for the user or group you need to map.
- Go to the IAM Summary page where you can find information about your cloud storage account.
- Copy the Role ARN.
- Go back to the IDBroker Mapping interface on the Cloudera Management Console page.
- Paste the Role ARN to your selected user or group.
- Click Save and Sync.
Setting workload password
As a user, you need to set a workload password for your EnvironmentUser account to be able to access the SQL Stream Builder nodes through SSH connection.
- Navigate to and select your environment.
- Click .
- Click Workload Password.
- Give a chosen workload password for your user.
- Confirm the given password by typing it again.
- Click Set Workload Password.