Configuring KMS ACLs Using Cloudera Manager

The KMS installation wizard includes an option to configure the recommended ACLs.

Minimum Required Role: Key Administrator (also provided by Full Administrator)
  1. Go to the KMS service.
  2. Click Configuration.
  3. In the Search field, type acl to show the Key Management Server Advanced Configuration Snippet (Safety Valve) for kms-acls.xml (in the Key Management Server Default Group category).
  4. Add or edit the ACL properties according to your cluster configuration.
  5. Click Save Changes.
  6. Return to the Home page by clicking the Cloudera Manager logo, and return to the KMS service.
  7. Click (Refresh Needed).
    Then click Refresh Cluster.
  8. Click Finish.