Cloudera Manager Server Properties

Advanced

Command Eviction Age

Description: Length of time after which inactive commands are evicted from the database. Default is two years.
Related Name
Default Value: 730 day(s)
API Name: command_eviction_age_hours
Required: true

Cloudera Manager Server Local Data Storage Directory

Description: Local path used by Cloudera Manager for storing data, including command result files. Note that changes to this configuration will only apply to commands started after the change. It is highly recommended that existing data be migrated over to the new location for the data to be accessible via and managed by Cloudera Manager.
Related Name
Default Value: /var/lib/cloudera-scm-server
API Name: command_storage_path
Required: false

Enable Debugging of API

Description: When enabled, the server log will contain traces of all API calls.
Related Name
Default Value: false
API Name: enable_api_debug
Required: true

Extra JVM arguments for Java-based services

Description: A list of extra JVM arguments that Cloudera Manager will append to the command line for Java-based services.
Related Name
Default Value
API Name: extra_jvm_opts
Required: false

Agent Heartbeat Logging Directory

Description: Specifies the location where Agent heartbeat requests and responses should be logged, for debugging purposes. If empty, logging is disabled.
Related Name
Default Value
API Name: heartbeat_logging_dir
Required: false

Offline Command Timeout

Description: The amount of time (in seconds) to wait for all requested hosts to be offlined. If all requested hosts are not transitioned to offline in this interval, the command fails. If timeout occurs, hosts that transitioned to maintenance stay in maintenance, and those that failed to transition are returned to the normal state.
Related Name
Default Value: 10 minute(s)
API Name: offline_default_timeout
Required: false

Queue Manager Request Timeout

Description: Timeout for the Management console to fetch resources related to the YARN Queue Manager. This value may need to be increased for larger deployments where the Management console times out trying to fetch resources from the YARN Queue Manager.
Related Name: scm.server.qm_proxy.timeout
Default Value: 5 minute(s)
API Name: qm_proxy_timeout
Required: true

Cloudera Manager Descriptor Fetch Timeout

Description: Timeout for Cloudera Management Service roles to fetch deployment descriptor from Cloudera Manager service. This may need to be increased for larger deployments where Management roles are timing out trying to fetch the descriptor.
Related Name: scm.server.proxy.timeout
Default Value: 10 second(s)
API Name: scm_proxy_timeout
Required: true

Tags Limit

Description: The maximum number of tags that can be created globally. Note that creating more tags than are allowed by the default limit may lead to decreased performance of Cloudera Manager.
Related Name
Default Value: 100000
API Name: tags_limit
Required: false

Maximum Number of Time-Series Streams Returned Per Heatmap

Description: The maximum number of time-series streams returned by a single time-series heatmap query. The default is 10,000 streams. This value can be set higher, but increasing it may negatively impact chart performance and may require more resources be given to the Cloudera Manager Server, Host Monitor, and Service Monitor.
Related Name
Default Value: 10000
API Name: tsquery_heatmap_streams_limit
Required: true

Time-Series Request Timeout

Description: Timeout for requests to Service and Host Monitor.
Related Name
Default Value: 20 second(s)
API Name: tsquery_request_timeout
Required: true

Maximum Number of Time-Series Streams Returned Per Scatter Plot

Description: The maximum number of time-series streams returned by a single time-series scatter plot. The default is 1000 streams. This value can be set higher, but increasing it may negatively impact chart performance and may require more resources be given to the Cloudera Manager Server, Host Monitor, and Service Monitor.
Related Name
Default Value: 1000
API Name: tsquery_scatter_streams_limit
Required: true

Maximum Number Of Time-Series Streams Returned Per Line-Based Chart

Description: The maximum number of time-series streams that will be returned by a single time-series query. The default is 250 streams. This value can be set higher, but increasing it may negatively impact chart performance and may require more resources be given to the Cloudera Manager Server, Host Monitor, and Service Monitor.
Related Name
Default Value: 250
API Name: tsquery_streams_limit
Required: true

Maximum Number of Time-Series Streams Returned Per Table

Description: The maximum number of time-series streams returned in a single time-series table. The default is 2000 streams. This value can be set higher, but increasing it may negatively impact chart performance and may require more resources be given to the Cloudera Manager Server, Host Monitor, and Service Monitor.
Related Name
Default Value: 2000
API Name: tsquery_table_streams_limit
Required: true

Altus

Telemetry Altus Account

Description: The account to use for data collection to Altus. This by itself does not enable telemetry. Telemetry needs to be explicitly enabled for specific services.
Related Name
Default Value
API Name: telemetry_altus_account
Required: false

Custom Service Descriptors

Enable Local Descriptor Repository

Description: When enabled, the server will read custom service descriptors from the local filesystem.
Related Name
Default Value: true
API Name: csd_repo_enabled
Required: true

Local Descriptor Repository Path

Description: Path to the local repository where custom service descriptors are located.
Related Name
Default Value: /opt/cloudera/csd
API Name: csd_repo_path
Required: true

External Authentication

Authentication Backend Order

Description: The order in which authentication back ends are used for authenticating a user. Emergency Administrator Access allows Full and User Administrators in the local database to authenticate if external authentication is not functioning.
Related Name
Default Value: DB_ONLY
API Name: auth_backend_order
Required: true

External Authentication Program Path

Description: An external script (or binary) to use to authenticate users. Username is passed as the first command line argument. The password is passed over stdin. You can configure the return codes for the external script on the Roles page. A negative return value indicates a failure. A failure description can be printed to stderr.
Related Name
Default Value
API Name: auth_script
Required: false

Authorization Backend Order.

Description: The order in which authorization back ends are used for authorizing a user.This determines where a user's roles come from. If "Database and External" is chosen, then the union of all roles is used.
Related Name
Default Value: EXTERNAL_AND_DB
API Name: authorization_backend_order
Required: true

Enable SPNEGO/Kerberos Authentication for the Admin Console and API

Description: When enabled, you can authenticate to the Cloudera Manager Admin Console and API using Kerberos via the SPNEGO protocol. If you have not imported Kerberos admin credentials, you must also specify the Kerberos principal for SPNEGO authentication and Kerberos keytab file for SPNEGO authentication. This method of authentication is in addition to the configured external authentication methods.
Related Name
Default Value: false
API Name: krb_auth_enable
Required: true

Exclude Users for SPNEGO/Kerberos Authentication

Description: Users in this list will not be allowed to authenticate to Cloudera Manager using SPNEGO/Kerberos. They can still authenticate using other methods.
Related Name
Default Value: admin
API Name: krb_auth_exclude_users
Required: false

Keytab File for SPNEGO Authentication Override

Description: This is a path to the keytab file that Cloudera Manager will use for SPNEGO/Kerberos authentication. You can leave this blank to have Cloudera Manager automatically generate this keytab.
Related Name
Default Value
API Name: krb_auth_keytab
Required: false

Kerberos Principal for SPNEGO Authentication Override

Description: This is the full name of the service principal that Cloudera Manager will use for SPNEGO/Kerberos authentication. It is usually "HTTP/fqdn@REALM" where "fqdn" is the Cloudera Manager host and "REALM" is the Kerberos domain. The Kerberos keytab file for SPNEGO authentication must contain an entry for this principal. You can leave this blank to have Cloudera Manager automatically generate this principal.
Related Name
Default Value
API Name: krb_auth_principal
Required: false

LDAP Bind User Distinguished Name

Description: Distinguished name of the user to bind to AD as for user authentication search/bind and group lookup for role authorization. For openLDAP based directories this should be a DN string, for Active Directory this can be just a username, combined with the "Active Directory Domain" value for login. For example username in the field and example.com in the active directory domain will result in the User Principal Name value of username@example.com being used to bind. If you put a UPM value here, do not over-configure the "active directory domain" field otherwise you will end up presenting username@example.com@example.com for binds. AD will accept a UPN value or the DN value as a valid Bind DN; An example of a Distinguished Name (DN): CN=cdh admin,OU=svcaccount,DC=example,DC=com An example of a UPN value: cdhadmin@example.com
Related Name
Default Value
API Name: ldap_bind_dn
Required: false

LDAP Bind Password

Description: The password of the bind user.
Related Name
Default Value
API Name: ldap_bind_pw
Required: false

LDAP Distinguished Name Pattern

Description: This setting is deprecated and soon to be removed, do not use LDAP Distinguished Name Pattern for configuration moving forward. It is not necessary to use and deprecated as a configuration approach for LDAP and AD in general.
Related Name
Default Value
API Name: ldap_dn_pattern
Required: false

LDAP Group Search Base

Description: The distinguished name indicating the path within the directory information tree to begin user searches from. For example in AD it would be cn=groups,dc=example,dc=com. Or in an openLDAP compatible situation it would be something like ou=groups,dc=example,dc=com. Check with your directory administration team on the proper search base to configure for your environment.
Related Name
Default Value
API Name: ldap_group_search_base
Required: false

LDAP Group Search Filter

Description: The search filter to use for finding groups for authorization of authenticated users for their Cloudera Manager role. For Active Directory and openLDAP compatible directories this will usually be (member={0}), where {0} will be replaced by DN string for a successfully authenticated user through the search/bind process. This requires configuration of the LDAP Bind User Distinguished Name field.
Related Name
Default Value
API Name: ldap_group_search_filter
Required: false

External Authentication Type

Description: The type of external authentication to use.
Related Name
Default Value: ACTIVE_DIRECTORY
API Name: ldap_type
Required: true

LDAP URL

Description: The URL of the LDAP server. The URL must be prefixed with ldap:// or ldaps://. The URL can optionally specify a custom port, for example: ldaps://ldap_server.example.com:1636. Note that usernames and passwords will be transmitted in the clear unless either an ldaps:// URL is used, or "Enable LDAP TLS" is turned on (where available). Also note that encryption must be in use between the client and this service for the same reason.For more detail on the LDAP URL format, see RFC 2255
Related Name
Default Value
API Name: ldap_url
Required: false

LDAP User Search Base

Description: The distinguished name indicating the path within the directory information tree to begin user searches from. For example in AD it would be cn=users,dc=example,dc=com. Or in an openLDAP compatible situation it would be something like ou=people,dc=example,dc=com. Check with your directory administration team on the proper user search base to configure for your environment.
Related Name
Default Value
API Name: ldap_user_search_base
Required: false

LDAP User Search Filter

Description: The search filter to use for finding users. For AD configuration it will be (sAMAccountName={0}) and for openLDAP compatible directories it will usually be (uid={0}). Note that a custom attribute can also be used if the directory is configured differently for user names. The {0} expands the currently authenticating user''s name entered in the login form for the query.
Related Name
Default Value
API Name: ldap_user_search_filter
Required: false

Active Directory Domain

Description: Use this field for Active Directory configurations only, when combined with a simple username value in the "LDAP Bind User Distinguished Name" field, it will result in a UPM of user@example.com used for search/bind operations for authenticated user lookups.
Related Name
Default Value
API Name: nt_domain
Required: false

PAM Service Name

Description: The service name that identifies the PAM module used to verify the username and password. This is typically the name of a file under /etc/pam.d/ on the Cloudera Manager server host.
Related Name
Default Value: login
API Name: pam_service_name
Required: false

Allowed Groups for Knox Proxy

Description: When Apache Knox makes a proxy request to Cloudera Manager, the proxied user must belong to one of these LDAP groups. This configuration is only used if LDAP authentication is enabled and the Authorization Backend Order is not Database Only. A wildcard "*" entry allows any group.
Related Name
Default Value
API Name: proxyuser_knox_groups
Required: false

Allowed Hosts for Knox Proxy

Description: When Apache Knox makes a proxy request to Cloudera Manager, the request must come from one of these hosts. You can specify either an IP address or a fully-qualified domain name. If using multiple Knox gateways, make sure that all gateway hosts are listed here. A wildcard "*" entry allows any host.
Related Name
Default Value
API Name: proxyuser_knox_hosts
Required: false

Knox Proxy Principal

Description: This is the service name of the Kerberos principal that Apache Knox will use to authenticate to Cloudera Manager when making proxy requests. Usually, this should be set to "knox" when using Knox to proxy to Cloudera Manager. If empty, Cloudera Manager will not accept proxy requests from any principal. The service name does not have to be a valid user.
Related Name
Default Value: knox
API Name: proxyuser_knox_principal
Required: false

Allowed Users for Knox Proxy

Description: When Apache Knox makes a proxy request to Cloudera Manager, the proxied user must be one of these users. A wildcard "*" entry allows any user.
Related Name
Default Value
API Name: proxyuser_knox_users
Required: false

SAML Entity Alias

Description: Unique alias used to identify the selected instance of local service provider based on used URL.
Related Name
Default Value: clouderaManager
API Name: saml_entity_alias
Required: false

SAML Entity Base URL

Description: The Base URL used to construct redirect URLs reported in this server's SP metadata. Leave this blank to let the server calculate the base URL itself.
Related Name
Default Value
API Name: saml_entity_base_url
Required: false

SAML Entity ID

Description: The ID that Cloudera Manager will use to identify itself to the IDP. This value should be unique to this Cloudera Manager installation.
Related Name
Default Value: clouderaManager
API Name: saml_entity_id
Required: true

Alias of SAML Sign/Encrypt Private Key

Description: The alias used to identify the sign/encrypt private key in the SAML keystore.
Related Name
Default Value
API Name: saml_key_alias
Required: false

SAML Sign/Encrypt Private Key Password

Description: The password for the sign/encrypt private key in the SAML keystore.
Related Name
Default Value
API Name: saml_key_password
Required: false

SAML Keystore Password

Description: The password for the SAML keystore.
Related Name
Default Value
API Name: saml_keystore_password
Required: false

Path to SAML Keystore File

Description: The filesystem path to the keystore file containing the SP private key and any necessary public certificates to validate the IDP.
Related Name
Default Value
API Name: saml_keystore_path
Required: false

SAML Login URL

Description: If your IDP does not support SP-initiated SSO (very uncommon), you use a separate login URL, outside of Cloudera Manager. Provide that URL here so that Cloudera Manager can use it when a user needs to log in.
Related Name
Default Value
API Name: saml_login_url
Required: false

Path to SAML IDP Metadata File

Description: The filesystem path to the IDP metadata XML file.
Related Name
Default Value
API Name: saml_metadata_path
Required: false

SAML Attribute Identifier for User Role

Description: The URN OID that will identify the user's role in the SAML attributes. Only has an effect when 'Attribute' based role assignment is used.
Related Name
Default Value: urn:oid:2.5.4.11
API Name: saml_oid_role
Required: true

SAML Attribute Identifier for User ID

Description: The URN OID that will identify the user's ID in the SAML attributes.
Related Name
Default Value: urn:oid:0.9.2342.19200300.100.1.1
API Name: saml_oid_user
Required: true

SAML Response Binding

Description: The SAML Binding format that the IDP is asked to use when sending authentication responses.
Related Name
Default Value: ARTIFACT
API Name: saml_response_binding
Required: true

SAML Role Assignment Mechanism

Description: The mechanism to use for assigning roles to users. 'Attribute' assigns roles based on a SAML attribute. 'Script' assigns roles based on the result of an external script.
Related Name
Default Value: ATTRIBUTE
API Name: saml_role_mapper
Required: true

Path to SAML Role Assignment Script

Description: An external script (or binary) to use to assign roles to SAML users. The username is passed as the first command-line argument. You can configure the return codes for the external script on the Roles page. A negative return value indicates a failure.
Related Name
Default Value
API Name: saml_role_script
Required: false

SAML Message Signing Algorithm

Description: Sets the signing algorithm to use when signing the SAML messages.
Related Name
Default Value: RSA_SHA512
API Name: saml_signature_algo
Required: false

SAML Single Logout (SLO)

Description: When enabled, Cloudera Manager sends a Single Logout (SLO) request to the Identity Provider (IdP).
Related Name
Default Value: false
API Name: saml_slo
Required: true

Source of User ID in SAML Response

Description: Whether the user ID should be obtained from the SAML response's NameID field or from an attribute
Related Name
Default Value: ATTRIBUTE
API Name: saml_user_source
Required: true

Kerberos

Active Directory Account Prefix

Description: Prefix used in names while creating accounts in Active Directory. The prefix can be up to 15 characters long and can be set to identify accounts used for authentication by CDH processes. Used only if Active Directory KDC is used for authentication.
Related Name
Default Value
API Name: ad_account_prefix
Required: false

Active Directory Account Properties

Description: Active Directory account properties used in credential generation. Used only if Active Directory KDC is being used for authentication. Only accountExpires is supported.
Related Name
Default Value: accountExpires=0, objectClass=top, objectClass=person, objectClass=organizationalPerson, objectClass=user
API Name: ad_account_properties
Required: false

Active Directory Delete Accounts on Credential Regeneration

Description: Set this option to true if regeneration of credentials should automatically delete the associated Active Directory accounts. Used only if Active Directory KDC is used for authentication.
Related Name
Default Value: false
API Name: ad_delete_on_regenerate
Required: false

Active Directory Suffix

Description: Active Directory suffix where all the accounts used by CDH daemons will be created. Used only if Active Directory KDC is being used for authentication.
Related Name
Default Value: ou=hadoop, DC=hadoop, DC=com
API Name: ad_kdc_domain
Required: true

Active Directory LDAP Port

Description: Port to use for LDAP when using Active Directory for authentication. This port is going to transmit encrypted information protected by Kerberos SASL.
Related Name
Default Value: 389
API Name: ad_ldap_port
Required: true

Active Directory LDAPS Port

Description: Port to use for LDAP over TLS/SSL when using Active Directory for authentication.
Related Name
Default Value: 636
API Name: ad_ldaps_port
Required: true

Active Directory Password Properties

Description: Active Directory password properties used in password generation. Used only if Active Directory KDC is being used for authentication.
Related Name
Default Value: length=12, minLowerCaseLetters=2, minUpperCaseLetters=2, minDigits=2, minSpaces=0, minSpecialChars=0, specialChars=?.!$%^*()-_+=~
API Name: ad_password_properties
Required: false

Active Directory Set Encryption Types

Description: Set this option to true if creation of Active Directory accounts should automatically turn on the associated encryption types represented by the msDS-EncryptionTypes field. Used only if Active Directory KDC is used for authentication.
Related Name
Default Value: false
API Name: ad_set_encryption_types
Required: false

Custom Kerberos Keytab Retrieval Script

Description: Specify the path to a custom script (or executable) to retrieve a Kerberos keytab. The script should take two arguments: a destination file to write the keytab to, and the full principal name to retrieve the key for. If this property is specified, Cloudera Manager ignores all other properties specified for Kerberos setup.
Related Name
Default Value
API Name: gen_keytab_script
Required: false

Active Directory Domain Controller Override

Description: If multiple Active Directory Domain Controllers are behind a load-balancer, Cloudera Manager should be provided with the address of one of them. Cloudera Manager then sends commands to create accounts to that Domain Controller only. Note: This setting is used only while creating accounts. CDH services use the value entered in the KDC Server Host field only while authenticating.
Related Name
Default Value
API Name: kdc_account_creation_host_override
Required: false

KDC Admin Server Host

Description: Host where the KDC Admin server is located. Port number is optional and can be provided as hostname[:port]
Related Name: admin_server
Default Value
API Name: kdc_admin_host
Required: false

KDC Server Host

Description: Host where the KDC server is located. Port number is optional and can be provided as hostname[:port]
Related Name: kdc
Default Value
API Name: kdc_host
Required: false

KDC Type

Description: Type of KDC used for authentication in CDH clusters
Related Name
Default Value: MIT KDC
API Name: kdc_type
Required: true

DNS Lookup KDC

Description: Indicate whether DNS SRV records should be used to locate the KDCs and other servers for a realm, if they are not listed in the krb5.conf information for the realm.
Related Name: dns_lookup_kdc
Default Value: false
API Name: krb_dns_lookup_kdc
Required: true

Domain Name(s)

Description: Domain(s) which are mapped to this Kerberos Realm. This is used to generate [domain_realm] section. Also, the first domain is used as default_domain in [realms] section
Related Name
Default Value
API Name: krb_domain
Required: false

Kerberos Encryption Types

Description: Encryption types supported by KDC. Note: To use AES encryption, make sure you have deployed JCE Unlimited Strength Policy File by following the instructions here.
Related Name
Default Value: rc4-hmac
API Name: krb_enc_types
Required: false

Forwardable Tickets

Description: If this flag is true, initial tickets will be forwardable by default, if allowed by the KDC.
Related Name: forwardable
Default Value: true
API Name: krb_forwardable
Required: true

KDC Timeout

Description: The maximum time to wait for a reply from the KDC. A time of 0 seconds means "use the client's default".
Related Name: kdc_timeout
Default Value: 3 second(s)
API Name: krb_kdc_timeout
Required: false

krb5.conf file path

Description

Set the path to the krb5.conf file for all Cloudera processes. This is a required field with a default value of '/etc/krb5.conf'. If the option 'Manage krb5.conf through Cloudera Manager' is not selected, you must copy the /etc/krb5.conf file to all cluster hosts. Note: If you configure a non-default file path (default path is /etc/krb5.conf) the KDC services must be configured by your system administrator. Also, check the documentation to add the new krb5.conf path to Cloudera Manager Server to avoid KDC health check failures.

note

Without the default krb5.conf path, client applications on the hosts could fail to authenticate with Kerberos. If you are using a custom Kerberos path, it is imperative to configure the KRB5_CONFIG environment variable to point to the custom path. For example,

export KRB5_CONFIG=/etc/hadoop/test1/krb5.conf

See Defining a custom Kerberos configuration path for a cluster running with Kerberos for more information.

Related Name

Default Value

/etc/krb5.conf

API Name

krb_krb5_conf_path

Required

true

Advanced Configuration Snippet (Safety Valve) for [libdefaults] section of krb5.conf

Description: For advanced use only. Any text here will be emitted verbatim in the [libdefaults] section of krb5.conf.
Related Name
Default Value
API Name: krb_libdefaults_safety_valve
Required: false

Manage krb5.conf through Cloudera Manager

Description: Whether Cloudera Manager should configure and deploy krb5.conf on secure clusters. If this option is not selected, then you must ensure that krb5.conf is deployed on all hosts in a secure cluster, including the Cloudera Manager Server host. Note: If you configure a non-default file path (default path is /etc/krb5.conf) the KDC services must be configured by your system administrator. Also, check the documentation to add the new krb5.conf path to Cloudera Manager Server to avoid KDC health check failures.
Related Name
Default Value: false
API Name: krb_manage_krb5_conf
Required: false

Advanced Configuration Snippet (Safety Valve) for remaining krb5.conf

Description: For advanced use only. Cloudera Manager configures the [libdefaults], [realms] and [domain_realm] section of krb5.conf. Any text here will be emitted verbatim after them in krb5.conf.
Related Name
Default Value
API Name: krb_other_safety_valve
Required: false

Advanced Configuration Snippet (Safety Valve) for the Default Realm in krb5.conf

Description: For advanced use only. Any text here will be emitted verbatim in the [realms] section of krb5.conf for the specified security realm. If you want to add realms besides the default one, configure them using Advanced Configuration Snippet (Safety Valve) for remaining krb5.conf.
Related Name
Default Value
API Name: krb_realms_safety_valve
Required: false

Kerberos Renewable Lifetime

Description: Default renewable lifetime for initial ticket requests.
Related Name: renew_lifetime
Default Value: 7 day(s)
API Name: krb_renew_lifetime
Required: true

Kerberos Ticket Lifetime

Description: Default lifetime for initial ticket requests.
Related Name: ticket_lifetime
Default Value: 1 day(s)
API Name: krb_ticket_lifetime
Required: true

Maximum Renewable Life for Principals

Description: Maximum renewable lifetime for Kerberos principals generated by Cloudera Manager. This property is used only if MIT KDC is used. Set this property to zero if the KDC should provide the maximum renewable lifetime. Note: Principals with non-renewable tickets are not recommended because they can prevent Hadoop services from functioning.
Related Name
Default Value: 5 day(s)
API Name: max_renew_life
Required: true

Kerberos Security Realm

Description: The realm to use for Kerberos security. Note: Changing this setting would clear up all existing credentials and keytabs from Cloudera Manager.
Related Name: default_realm
Default Value: HADOOP.COM
API Name: security_realm
Required: true

Kerberos Trusted Realms

Description: List of Kerberos realms that all services on this Cloudera Manager should trust. This parameter is used to configure and verify krb5.conf file. The parameter is auto-configured while adding a peer, but it is recommended that users ensure the values are correct.
Related Name: trusted_realms
Default Value
API Name: trusted_realms
Required: false

Monitoring

Cross Entity Aggregate Generation Filters

Description

Specifies two filters, a blacklist and a whitelist, that impact cross-entity aggregates generated by the Cloudera Manager monitoring system. By default, cross-entity aggregates are generated for all types. The blacklist entries can be used to disable generation of cross-entity aggregates, and whitelist entries can be used to force their creation.The JSON structure of this field is as follows:

blacklist - A filter that when matched will prevent cross-entity aggregate creation. The structure of the filter is outlined below.
whitelist - A filter that when matched will force cross-entity aggregate creation. The structure of the filter is outlined below. This filter takes precedence over the blacklist filter, so if both are matched, an aggregate will be generated.

The JSON structure of either filter is as follows:

types - A list of entries in the following format sourceType::targetType::aggregateMetricType, e.g. DATANODE::RACK::STATISTICAL.
streams - A list of entries in the following format sourceType::targetType::metricName::aggregateMetricType, e.g. HOST::CLUSTER::fd_open::TOTAL.

In the above filters the source and target types are entity type strings used within the metric system. ROLE, SERVICE and ALL are wildcards that match all role types, service types and all types respectively. Metrics are referred to by their user facing names, so counter-based metrics will be in _rate form. The two types of aggregate metrics are TOTAL and STATISTICAL.After making changes to this field, both the Cloudera Manager Server and the Service and Host Monitors should be restarted.For advanced use only. You could break Cloudera Manager charting and health functionality by editing this field.

Related Name

Default Value

blacklist: streams : [ ], types : [ KUDU_REPLICA::KUDU_TABLET::STATISTICAL ] , whitelist: streams : [ ], types : [ ]

API Name

cross_entity_aggregate_filters

Required

false

Set health status to Bad if the Agent heartbeats fail

Description: If an Agent fails to send this number of expected consecutive heartbeats to the Server, a "Bad" health status is assigned to that Agent.
Related Name
Default Value: 10 time(s)
API Name: missed_hb_bad
Required: true

Set health status to Concerning if the Agent heartbeats fail

Description: If an Agent fails to send this number of expected consecutive heartbeats to the Server, a "Concerning" health status is assigned to that Agent.
Related Name
Default Value: 5 time(s)
API Name: missed_hb_concerning
Required: true

Network

No Proxy List

Description: The no proxy list setting to include comma separated list of Cloudera specific names or IP addresses to avoid internal traffic routing through the Internet, also supports wildcard values e.g. "*.cloudera.site, localhost, 172.0.0.1, 169.254.169.254, 170.254.169.254, 169.254.169.255".
Related Name
Default Value
API Name: parcel_no_proxy_list
Required: false

Proxy Password

Description: The basic authentication password for the proxy.
Related Name
Default Value
API Name: parcel_proxy_password
Required: false

Proxy Port

Description: The port for the proxy server to be used when the Cloudera Manager Server accesses the Internet, such as when downloading parcels and uploading diagnostic data.
Related Name
Default Value
API Name: parcel_proxy_port
Required: false

Proxy Protocol

Description: The protocol to use for the proxy server when the Cloudera Manager Server accesses the Internet, such as when downloading parcels and uploading diagnostic data.
Related Name
Default Value: HTTP
API Name: parcel_proxy_protocol
Required: true

Proxy Server

Description: The proxy server to be used when the Cloudera Manager Server accesses the Internet, such as when downloading parcels and uploading diagnostic data.
Related Name
Default Value
API Name: parcel_proxy_server
Required: false

Proxy User

Description: The basic authentication user name for the proxy.
Related Name
Default Value
API Name: parcel_proxy_user
Required: false

Enable Automatic Authentication for Cloudera Repositories

Description: You must enable this option if you are accessing Cloudera Repositories that require authentication. Cloudera Manager will use the configured HTTP authentication override username and password if configured, or the information from the installed license. You can disable this option if you are using local repository mirrors, if you have an internal alias or mirror to archive.cloudera.com, or if you are only using the public Cloudera Repositories that do not require authentication.
Related Name
Default Value: true
API Name: remote_repo_auth
Required: false

HTTP authentication password override for Cloudera Repositories

Description: Use this only in consultation with Cloudera Support. Specify an override password for HTTP authentication for Cloudera Repositories. You must also specify HTTP authentication override username.
Related Name
Default Value
API Name: remote_repo_override_password
Required: false

HTTP authentication username override for Cloudera Repositories

Description: Use this only in consultation with Cloudera Support. Specify an override username for HTTP authentication for Cloudera Repositories. You must also specify an HTTP authentication override password.
Related Name
Default Value
API Name: remote_repo_override_user
Required: false

Other

ECS App Domain Unique Regex

Description: The regex used to identify the unique portion of the App domain name that will be extracted and used as the default environment name generated during ECS installation. There can only be one unique portion of the regex and it must be enclosed in parentheses. The default regex will use the first layer of the App Domain name as the default environment name. e.g. With an App Domain name "cloudera-test.cloudera.com", "cloudera-test" will be used as the default environment name.
Related Name
Default Value: ^([^.]*)
API Name: app_domain_unique_regex
Required: false

CDP Private Cloud Repository URLs

Description: URLs of the remote repositories where Cloudera Manager can download the CDP Private Cloud installer. There should be a manifest.json under these URLs. If you are using local mirror repositories, do not delete these local mirrors until after the corresponding CDP Private Cloud deployment has been upgraded or uninstalled.
Related Name
Default Value: https://archive.cloudera.com/p/cdp-pvc-ds/latest
API Name: cdppc_repo_urls
Required: false

Custom Banner Text

Description: The custom banner is used to display customer specific text in the header area.
Related Name
Default Value
API Name: custom_banner_html
Required: false

Custom Header Color

Description: The custom header color is used to distinguish different instances of Cloudera Manager.
Related Name
Default Value: BLACK
API Name: custom_header_color
Required: true

Custom Information Assurance Policy Text

Description: An information assurance policy statement that must be agreed to in order for a user to login.
Related Name
Default Value
API Name: custom_ia_policy
Required: false

Delete idle host principals (FreeIPA only)

Description: Delete idle host principals when no service principals are running on the hosts. Only applies when FreeIPA is used as the Kerberos KDC.
Related Name
Default Value: false
API Name: delete_host_principal_ipa
Required: true

Enable Embedded Database Check

Description: When this option is unchecked, warnings about the embedded PostgreSQL database are suppressed.
Related Name
Default Value: true
API Name: enable_embedded_db_check
Required: false

Enable Events Widget Auto-Search

Description: When enabled, the Events widget at the bottom of many pages will auto-fire its default search on page load.
Related Name
Default Value: true
API Name: events_widget_search_on_load
Required: true

Maximum Cluster Count Shown In Full

Description: When the number of clusters exceeds this number, only the cluster summary information will be shown on the home page.
Related Name
Default Value: 2
API Name: home_page_full_limit
Required: true

System Identifier

Description: An identifier for this system, to be included with diagnostic data bundles.
Related Name
Default Value: default
API Name: system_identifier
Required: true

Parcels

Automatically Distribute Available Parcels

Description: Whether available parcels should be automatically distributed to any cluster that already has parcels of the same product.
Related Name
Default Value: false
API Name: distribute_parcels_automatically
Required: true

Automatically Download New Parcels

Description: Whether new parcels discovered on the remote parcel repository should be automatically downloaded.
Related Name
Default Value: false
API Name: download_parcels_automatically
Required: true

Cloudera Manager Manages Parcels

Description: Whether Cloudera Manager should manage which parcels should be present on all managed hosts.
Related Name
Default Value: true
API Name: manages_parcels
Required: true

Automatically Downloaded Products

Description: If automatic parcel downloading is enabled, the list of products that will be downloaded.
Related Name
Default Value: CDH
API Name: parcel_autodownload_products
Required: false

Automatically Remove Old Parcels

Description: Whether parcels for old versions of an activated product should be removed from a cluster when they are no longer in use.
Related Name
Default Value: false
API Name: parcel_cleanup_automatically
Required: true

Number of Old Parcel Versions to Retain

Description: If automatic removal of old parcels is enabled, this specifies the number of old parcels to keep. Any old parcels beyond this value will be removed. If this is set to zero, no old parcels will be retained.
Related Name
Default Value: 3
API Name: parcel_cleanup_threshold
Required: true

Parcel Distribution Rate Limit

Description: Per-second rate limit for parcel distribution. The default of 50MiB/second allows for parcel distribution to saturate about half of a Gigabit link.
Related Name
Default Value: 50 MiB
API Name: parcel_distribute_rate_limit_kbs_per_second
Required: true

Automatically Install CSD Repo URLs

Description: Each CSD may specify a parcel repo URL. If set to true, Cloudera Manager will automatically scan CSDs and add these URLs to the list of parcel repo URLs on every startup of Cloudera Manager. Uncheck this if you only want custom URLs to be present in the list.
Related Name
Default Value: true
API Name: parcel_install_csd_repo_urls
Required: false

Maximum Parcel Uploads

Description: Maximum number of concurrent uploads allowed to distribute parcels to individual hosts. The maximum allowed number of concurrent uploads is 50.
Related Name
Default Value: 10
API Name: parcel_max_upload
Required: true

Apply Permissions with respect to files installed by the parcels

Description: Apply Permissions for files installed by the parcels
Related Name
Default Value: true
API Name: parcel_permissions
Required: true

Validate Parcel Relations

Description: Enforce that parcel dependencies are satisfied and conflicts are prevented when activating parcels. Parcel relations (Depends, Conflicts, and Replaces) can be defined in the manifests of parcel repositories. Cloudera Manager can also enforce some default relations if none are defined in the manifest.
Related Name
Default Value: true
API Name: parcel_relation_validation
Required: true

Local Parcel Repository Path

Description: Path to the local package parcel repository from which binaries are served to the Agents.
Related Name
Default Value: /opt/cloudera/parcel-repo
API Name: parcel_repo_path
Required: true

Create System-Wide Symlinks for Active Parcels

Description: Whether system-wide symlinks should be created for the active parcels (for example, /usr/bin/hadoop).
Related Name
Default Value: true
API Name: parcel_symlinks
Required: true

Parcel Update Frequency

Description: How often to check local and remote parcel repositories for new parcels and if any old parcels should be cleaned up. Setting a value of 0 disables the parcel check.
Related Name
Default Value: 1 hour(s)
API Name: parcel_update_freq
Required: true

Create Users and Groups for Parcels

Description: Whether a parcel's specified users, groups created. This may not be desired if custom users and groups are being used, or if they have to be created externally.
Related Name
Default Value: true
API Name: parcel_users_groups
Required: true

Remote Parcel Repository URLs

Description: URLs of the remote parcel repositories where Cloudera Manager checks for new parcels. When checking for new parcels, Cloudera Manager sends the ID of the server and the server version to the repository host. The special variable {latest_supported} is replaced with the latest version of CDH that Cloudera Manager supports when checks are made.
Related Name
Default Value: https://archive.cloudera.com/p/cdh7/latest_supported/parcels/ https://archive.cloudera.com/cdh7/latest_supported/parcels/ https://parcels.repos.intel.com/mkl/latest
API Name: remote_parcel_repo_urls
Required: false

Retain Downloaded Parcel Files

Description: Whether downloaded parcel files be kept by Agents after they have been unpacked. Keeping the parcel files consumes additional disk space but allows downloads to be avoided if the parcel ever needs to be unpacked again.
Related Name
Default Value: true
API Name: retain_parcels_in_cache
Required: true

Performance

Send Agent heartbeat every

Description: The interval between each heartbeat that is sent from Agents to the server
Related Name
Default Value: 15 second(s)
API Name: heartbeat_interval
Required: true

Agent heartbeat requester

Description: Whether heartbeat request must be made on-demand instead of relying on the next periodic heartbeat. System property setting "cmf.heartbeat.enableExplicit=false" takes precedence over this configuration.
Related Name
Default Value: true
API Name: heartbeat_requester
Required: true

Ports and Addresses

Agent Port to connect to Server

Description: Specify the port for Agents to use to connect to the Server. Must be 1024 or higher.
Related Name
Default Value: 7182
API Name: agent_port
Required: true

Cloudera Manager Hostname Override

Description: Override to use for Cloudera Manager's hostname. Normally this is determined automatically, but this can be used if InetAddress.getLocalhost() is returning the loopback address.
Related Name
Default Value
API Name: cm_host_name
Required: false

Cloudera Manager Frontend URL

Description: If you are using a proxy such as Knox or a load balancer to access Cloudera Manager, specify the frontend URL of that proxy here. This will be used as a prefix for generating URLs and quick links. This should be in the form of https://server:port and should not contain any path information starting at /cmf. After making a change, restart the Event Server role to ensure all emails are generated using this url.
Related Name: frontend_url
Default Value
API Name: frontend_url
Required: false

HTTP Port for Admin Console

Description: Specify the HTTP port to use to access the Server via the Admin Console. Must be 1024 or higher.
Related Name
Default Value: 7180
API Name: http_port
Required: true

HTTPS Port for Admin Console

Description: Specify the HTTPS port to use to access the Server via the Admin Console. Must be 1024 or higher.
Related Name
Default Value: 7183
API Name: https_port
Required: true

Replication

The Replication page should be always visible

Description: The Replication page is by default not visible for non "Replication Administrator" users. Enable this to allow readonly access to the replication pages for non "Replication Administrator" users.
Related Name
Default Value: false
API Name: bdr_pages_always_visible
Required: true

Custom Kerberos Keytab Location (to be used for replication for secure clusters on this Cloudera Manager)

Description: Define a custom Kerberos keytab location on the Cloudera Manager host to use for replication. If this configuration is specified, the "Custom Kerberos Principal Name" must also be specified. The keytab should be owned by the user running the Cloudera Manager server process (typically "cloudera-scm") and should be configured with a filesystem access control of "0400".
Related Name
Default Value
API Name: bdr_replication_kerberos_keytab_location
Required: false

Custom Kerberos Principal Name (to be used for replication for secure clusters on this Cloudera Manager)

Description: Define a custom Kerberos principal name with an entry in the custom keytab defined in "Custom Kerberos Keytab Location". The principal should be a fully qualified name of an existing principal (eg. adminuser@MY.COMPANY.COM) and the principal must have an entry in the keytab specified in "Custom Kerberos Keytab Location". The principal should also be a superuser in all distributed file system services on secure clusters in this Cloudera Manager.
Related Name
Default Value
API Name: bdr_replication_kerberos_principal_name
Required: false

Reports

Report Configurations

Description: List of configurations for the Cluster Utilization Report.
Related Name
Default Value: [ name: Default, tenantType: POOL, daysOfWeek: [], isAllDay: true, startHourOfDay: 0, endHourOfDay: 23 , name: Weekdays, tenantType: POOL, daysOfWeek: [1, 2, 3, 4, 5], isAllDay: true, startHourOfDay: 0, endHourOfDay: 23 ]
API Name: report_configurations
Required: true

Security

Use TLS Encryption for Agents

Description: Select this option to enable TLS encryption between the Server and Agents.
Related Name
Default Value: false
API Name: agent_tls
Required: false

JKS Keystore File Password for Automatic TLS configuration

Description: The password for JKS keystore file used for automatic TLS configuration of Cloudera Manager server, agent and services.
Related Name
Default Value
API Name: auto_tls_keystore_password
Required: false

JKS Truststore File Password for Automatic TLS configuration

Description: The password for JKS truststore file used for automatic TLS configuration of Cloudera Manager server, agent and services.
Related Name
Default Value
API Name: auto_tls_truststore_password
Required: false

Automatic configuration of TLS for services

Description: Allows automatic configuration of TLS for services using Cloudera Manager's TLS configuration without specifying TLS related settings like keystore path, password etc. for each service.
Related Name
Default Value: NONE
API Name: auto_tls_type
Required: false

Redaction Parameters for Diagnostic Bundles

Description: Note: Do not edit this property in the classic layout. Switch to the new layout to edit and test your rules inline.Use this property to define a list of rules to be followed for redacting sensitive information from diagnostic bundles. Click + to add a new redaction rule. You can choose one of the preconfigured rules or add a custom rule. When specifying a custom rule, the Search field should contain a regular expression to be matched against the data. If a match is found, it is replaced by the contents of the Replace field.Trigger is an optional field. It can be used to specify a simple string to be searched in the data. If the string is found, the redactor attempts to find a match for the Search regex. If no trigger is specified, redaction occurs by matching the Search regular expression. Use the Trigger field to enhance performance: simple string matching is faster than regular expression matching.Test your rules by entering sample text into the Test Redaction Rules text box and clicking Test Redaction. If no rules match, the text you entered is returned unchanged.
Related Name
Default Value: version: 1, rules: [ description: Redact passwords from json files, caseSensitive: false, trigger: password, search: \password\[ ]*:[ ]*\[^\]+\, replace: \password\: \BUNDLE-REDACTED\ , description: Redact password= and password:, caseSensitive: false, trigger: password, search: password[:=][^ \\\\\]+, replace: password=BUNDLE-REDACTED , description: Redact passwd= and passwd:, caseSensitive: false, trigger: passwd, search: passwd[:=][^ \\\\\]+, replace: passwd=BUNDLE-REDACTED , description: Redact pass= and pass:, caseSensitive: false, trigger: pass, search: pass[:=][^ \\\\\]+, replace: pass=BUNDLE-REDACTED , description: Redact PASSWORD, , caseSensitive: false, trigger: PASSWORD, , search: PASSWORD, [^\\\\\]+, replace: PASSWORD, BUNDLE-REDACTED , description: Redact key= and key:, caseSensitive: false, trigger: key, search: key[:=][^ \\\\\]+, replace: key=BUNDLE-REDACTED , description: Redact secret= and secret:, caseSensitive: false, trigger: secret, search: secret[:=][^ \\\\\]+, replace: secret=BUNDLE-REDACTED , description: Redact credential= and credential:, caseSensitive: false, trigger: credential, search: credential[:=][^ \\\\\]+, replace: credential=BUNDLE-REDACTED , description: Redact token= and token:, caseSensitive: false, trigger: token, search: token[:=][^ \\\\\]+, replace: token=BUNDLE-REDACTED , description: Redact keyid= and keyid:, caseSensitive: false, trigger: keyid, search: keyid[:=][^ \\\\\]+, replace: keyid=BUNDLE-REDACTED ]
API Name: diag_bundle_redaction_policy
Required: false

Host certificate generator command.

Description: Utility to be executed on CM server host to generate certificates for a new host. Host name will be passed as the sole positional argument. The process is expected to write to stdout a zip file containing keys/certificates.
Related Name
Default Value
API Name: host_cert_generator
Required: false

Cloudera Manager TLS/SSL Server Keystore File Password

Description: The password for the Cloudera Manager keystore file.
Related Name
Default Value
API Name: keystore_password
Required: false

Cloudera Manager TLS/SSL Server Keystore File Location

Description: The path to the TLS/SSL keystore file containing the server certificate and private key used for TLS/SSL. Used when Cloudera Manager is acting as a TLS/SSL server. The keystore must be in the format specified in Administration > Settings > Java Keystore Type.
Related Name
Default Value
API Name: keystore_path
Required: false

Java Keystore Type

Description: Type of Java keystore used for all keystores and trust stores. Default value is set to JKS. Some types may require a crypto provider to be configured. Example values: JKS, JCEKS, PKCS12, BCFKS. Note: Default value for CM running in FIPS mode is BCFKS.
Related Name
Default Value: jks
API Name: keystore_type
Required: false

Show Last Login

Description: When enabled, shows the last login details for the current user in the user profile.
Related Name
Default Value: true
API Name: last_login_enabled
Required: false

Verify Agent Hostname Against Certificate

Description: Select this option to verify that agent hostnames must match their TLS client certificates.
Related Name
Default Value: true
API Name: need_agent_hostname_validation
Required: true

Use TLS Authentication of Agents to Server

Description: Select this option to enable TLS Authentication of Agents to the Server.
Related Name
Default Value: false
API Name: need_agent_validation
Required: true

Minimum password length

Description: Minimum number of characters, including letters, digits, and special characters required in the password for local Cloudera Manager users.
Related Name
Default Value: 0
API Name: password_min_length
Required: false

Minimum number of digits required in password

Description: Specifies the minimum number of digits required in the password.
Related Name
Default Value: 0
API Name: password_min_no_of_digits
Required: false

Minimum number of letters required in password

Description: Specifies the minimum number of letters required in the password.
Related Name
Default Value: 0
API Name: password_min_no_of_letters
Required: false

Minimum number of special characters required in password

Description: Specifies the minimum number of non-alphanumeric characters required in the password.
Related Name
Default Value: 0
API Name: password_min_no_of_special_chars
Required: false

HTTP Referer Check

Description: Whether to verify "Referer" in HTTP header for state changing requests. This protects against cross-site request forgery, but may need to be turned off if browsers or proxies in your environment do not specify the header.
Related Name
Default Value: true
API Name: referer_check
Required: true

Maximum Number of Active User Sessions

Description: Restrict users to a certain number of active sessions at a time. If set, a user is limited to the specified number of sessions, and the oldest session is terminiated if the user logs in somewhere else. If not set, users can be logged in from as many places as they choose. If the user has 'Remember Me' turned on, or SAML is used for authentication, the user is automatically logged back in each time the session is ended. '0' means no limit is applied.
Related Name
Default Value: 0
API Name: session_limit_concurrency
Required: true

Allow 'Remember Me' Option

Description: Whether to allow a user to select 'Remember Me' when logging in. If this is set, the user will not need to log in again for two weeks (unless the server is restarted during that time). If the user chooses 'Remember Me', then the session timeout is ignored.
Related Name
Default Value: true
API Name: session_remember_me
Required: true

Session Timeout

Description: The length of time a user's session can be idle for before the user must log in again.
Related Name
Default Value: 30 minute(s)
API Name: session_timeout
Required: true

Show Stacktraces On Error Pages

Description: Control whether stacktraces are shown on error pages. While stacktraces help with debugging, they can sometimes expose sensitive information to a potentially malicious user.
Related Name
Default Value: false
API Name: show_stacktraces
Required: true

Server SSL Certificate Host Name

Description: Host name associated with CM Server SSL certificate to be passed to configuration of newly added host as the host agents are to connect to.
Related Name
Default Value
API Name: ssl_certificate_hostname
Required: false

Supported SSL/TLS versions

Description: The SSL/TLS protocol versions to accept HTTPS connections from. Note that the available cipher suites also affect which protocol versions can be negotiated, and some cipher suites are only available in higher versions.
Related Name
Default Value: TLSv1.2
API Name: supported_tls_versions
Required: true

Cloudera Manager TLS/SSL Trust Store Password

Description: The password for the Cloudera Manager TLS/SSL Trust Store File. This password is not required to access the trust store; this field can be left blank. This password provides optional integrity checking of the file. The contents of trust stores are certificates, and certificates are public information.
Related Name
Default Value
API Name: truststore_password
Required: false

Cloudera Manager TLS/SSL Trust Store File

Description: The location on disk of the trust store, in .jks format, used to confirm the authenticity of TLS/SSL servers that Cloudera Manager might connect to. This trust store must contain the certificate(s) used to sign the service(s) connected to. If this parameter is not provided, the default list of well-known certificate authorities is used instead.
Related Name
Default Value
API Name: truststore_path
Required: false

Use TLS Encryption for Admin Console

Description: Enable TLS encryption (HTTPS) between the user and the Cloudera Manager Admin Console. When checked, the HTTPS port will be used.
Related Name
Default Value: false
API Name: web_tls
Required: false

Support

Audit Records Eviction Frequency

Description: Frequency (in hours) to remove records from Cloudera Manager Audit table. Setting it to 0 will disable this function.
Related Name
Default Value: 23 hour(s)
API Name: audit_records_evict_frequency
Required: false

Audit Records batch eviction size

Description: Audit records are removed in batches. This field configures the size of the batch.
Related Name
Default Value: 0
API Name: audit_records_evict_no_of_records
Required: false

Audit Records Eviction Control

Description: Enable removal of records from Cloudera Manager Audit table. None means stop removing audit records.
Related Name
Default Value: HOUR
API Name: audit_records_evit_schedule
Required: true

Audit Records Life Time

Description: Remove Audit Records older than the configured date
Related Name
Default Value
API Name: audit_records_life_time
Required: false

Number of Diagnostic Bundles to Keep

Description: The maximum number of command results to keep before deleting them from local storage. This property is used for the commands that generate large result files. A value of -1 indicates no limit.
Related Name
Default Value: 10
API Name: cluster_stats_count
Required: false

Scheduled Diagnostic Data Size (MB)

Description: Approximate size in MB of scheduled diagnostic data bundle
Related Name
Default Value: 100
API Name: cluster_stats_default_size_mb
Required: false

Use HTTPS to Upload Diagnostic Data

Description: Whether to use HTTPS to upload diagnostic data bundles instead of the now-deprecated SFTP. Uses proxy settings from the network setting.
Related Name
Default Value: true
API Name: cluster_stats_http
Required: true

Diagnostic Data Bundle Directory

Description: Local directory to store diagnostic data bundles. Leave blank to store bundles for 24 hours. This directory must be writable by the cloudera-scm user.
Related Name
Default Value
API Name: cluster_stats_path
Required: false

Scheduled Diagnostic Data Collection Frequency

Description: Frequency of automatically collecting diagnostic data and sending to Cloudera support.
Related Name
Default Value: WEEKLY
API Name: cluster_stats_schedule
Required: true

Scheduled Diagnostic Data Collection Time

Description: Time of day to collect and send diagnostic data to Cloudera
Related Name
Default Value
API Name: cluster_stats_start
Required: false

Diagnostic Data Temp Directory

Description: Local path to assemble diagnostic data bundles. Leave blank to assemble these bundles in your JVM temp directory. Set this value if you run out of disk space while collecting diagnostic data.
Related Name
Default Value
API Name: cluster_stats_tmp_path
Required: false

Collect Cloudera Manager database copy with Diagnostic Data Bundle

Description: Allows the Server to create Cloudera Manager database copy and ship it with diagnostic data bundle for debugging purposes.
Related Name
Default Value: false
API Name: cm_db_dump
Required: true

Cloudera Manager Database Table Names to skip

Description: List of tables to ignore while collecting Cloudera Manager Database dump
Related Name
Default Value
API Name: cm_db_dump_list_to_ignore_tables
Required: false

Cloudera Manager Database bundle size (MB)

Description: The maximum size of the Cloudera Manager database copy to be included with the Diagnostic Bundle
Related Name
Default Value: 1024
API Name: cm_db_dump_size_mb
Required: false

Diagnostic Bundle Collection Thread Pool Size

Description: Maximum limit of threads used by Cloudera Manager during diagnostic bundle
Related Name
Default Value: 128
API Name: diag_bundle_max_threads
Required: false

Diagnostic Bundle Scale Factor

Description: Scaling factor is directly proportional to the time taken to collect diagnostic bundle. Increase this value to reduce the timeouts during data collection
Related Name
Default Value: 0.133
API Name: diag_bundle_scale_out_factor
Required: false

Send Diagnostic Data to Cloudera Automatically

Description: Allows the Server to automatically send diagnostic data when a collection is triggered.
Related Name
Default Value: true
API Name: phone_home
Required: true

Stale Process Threshold Days

Description: Stale processes are ones that have been stopped. Cloudera Manager removes information about these stale processes from the Cloudera Manager Database after a configurable number of days. This field allows changing that number of days.
Related Name
Default Value: 1 day(s)
API Name: stale_process_threshold
Required: false

Suppressions

Suppress Parameter Validation: Active Directory Account Prefix

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Active Directory Account Prefix parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_ad_account_prefix
Required: true

Suppress Parameter Validation: Active Directory Suffix

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Active Directory Suffix parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_ad_kdc_domain
Required: true

Suppress Parameter Validation: Active Directory LDAP Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Active Directory LDAP Port parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_ad_ldap_port
Required: true

Suppress Parameter Validation: Active Directory LDAPS Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Active Directory LDAPS Port parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_ad_ldaps_port
Required: true

Suppress Parameter Validation: Agent Port to connect to Server

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Agent Port to connect to Server parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_agent_port
Required: true

Suppress Parameter Validation: ECS App Domain Unique Regex

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the ECS App Domain Unique Regex parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_app_domain_unique_regex
Required: true

Suppress Parameter Validation: External Authentication Program Path

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the External Authentication Program Path parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_auth_script
Required: true

Suppress Parameter Validation: JKS Keystore File Password for Automatic TLS configuration

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the JKS Keystore File Password for Automatic TLS configuration parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_auto_tls_keystore_password
Required: true

Suppress Parameter Validation: JKS Truststore File Password for Automatic TLS configuration

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the JKS Truststore File Password for Automatic TLS configuration parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_auto_tls_truststore_password
Required: true

Suppress Parameter Validation: Custom Kerberos Keytab Location (to be used for replication for secure clusters on this Cloudera Manager)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Custom Kerberos Keytab Location (to be used for replication for secure clusters on this Cloudera Manager) parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_bdr_replication_kerberos_keytab_location
Required: true

Suppress Parameter Validation: Custom Kerberos Principal Name (to be used for replication for secure clusters on this Cloudera Manager)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Custom Kerberos Principal Name (to be used for replication for secure clusters on this Cloudera Manager) parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_bdr_replication_kerberos_principal_name
Required: true

Suppress Parameter Validation: CDP Private Cloud Repository URLs

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the CDP Private Cloud Repository URLs parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_cdppc_repo_urls
Required: true

Suppress Parameter Validation: Diagnostic Data Bundle Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Diagnostic Data Bundle Directory parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_cluster_stats_path
Required: true

Suppress Parameter Validation: Diagnostic Data Temp Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Diagnostic Data Temp Directory parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_cluster_stats_tmp_path
Required: true

Suppress Parameter Validation: Cloudera Manager Database Table Names to skip

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Cloudera Manager Database Table Names to skip parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_cm_db_dump_list_to_ignore_tables
Required: true

Suppress Parameter Validation: Cloudera Manager Hostname Override

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Cloudera Manager Hostname Override parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_cm_host_name
Required: true

Suppress Parameter Validation: Cloudera Manager Server Local Data Storage Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Cloudera Manager Server Local Data Storage Directory parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_command_storage_path
Required: true

Suppress Parameter Validation: Cross Entity Aggregate Generation Filters

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Cross Entity Aggregate Generation Filters parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_cross_entity_aggregate_filters
Required: true

Suppress Parameter Validation: Local Descriptor Repository Path

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Local Descriptor Repository Path parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_csd_repo_path
Required: true

Suppress Parameter Validation: Custom Banner Text

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Custom Banner Text parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_custom_banner_html
Required: true

Suppress Parameter Validation: Custom Information Assurance Policy Text

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Custom Information Assurance Policy Text parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_custom_ia_policy
Required: true

Suppress Parameter Validation: Redaction Parameters for Diagnostic Bundles

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Redaction Parameters for Diagnostic Bundles parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_diag_bundle_redaction_policy
Required: true

Suppress Parameter Validation: Extra JVM arguments for Java-based services

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Extra JVM arguments for Java-based services parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_extra_jvm_opts
Required: true

Suppress Parameter Validation: Cloudera Manager Frontend URL

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Cloudera Manager Frontend URL parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_frontend_url
Required: true

Suppress Parameter Validation: Custom Kerberos Keytab Retrieval Script

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Custom Kerberos Keytab Retrieval Script parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_gen_keytab_script
Required: true

Suppress Parameter Validation: Agent Heartbeat Logging Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Agent Heartbeat Logging Directory parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_heartbeat_logging_dir
Required: true

Suppress Parameter Validation: Host certificate generator command.

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Host certificate generator command. parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_host_cert_generator
Required: true

Suppress Parameter Validation: HTTP Port for Admin Console

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the HTTP Port for Admin Console parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_http_port
Required: true

Suppress Parameter Validation: HTTPS Port for Admin Console

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the HTTPS Port for Admin Console parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_https_port
Required: true

Suppress Parameter Validation: Active Directory Domain Controller Override

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Active Directory Domain Controller Override parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_kdc_account_creation_host_override
Required: true

Suppress Parameter Validation: KDC Admin Server Host

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KDC Admin Server Host parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_kdc_admin_host
Required: true

Suppress Parameter Validation: KDC Server Host

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KDC Server Host parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_kdc_host
Required: true

Suppress Parameter Validation: Cloudera Manager TLS/SSL Server Keystore File Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Cloudera Manager TLS/SSL Server Keystore File Password parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_keystore_password
Required: true

Suppress Parameter Validation: Cloudera Manager TLS/SSL Server Keystore File Location

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Cloudera Manager TLS/SSL Server Keystore File Location parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_keystore_path
Required: true

Suppress Parameter Validation: Exclude Users for SPNEGO/Kerberos Authentication

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Exclude Users for SPNEGO/Kerberos Authentication parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_krb_auth_exclude_users
Required: true

Suppress Parameter Validation: Keytab File for SPNEGO Authentication Override

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Keytab File for SPNEGO Authentication Override parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_krb_auth_keytab
Required: true

Suppress Parameter Validation: Kerberos Principal for SPNEGO Authentication Override

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kerberos Principal for SPNEGO Authentication Override parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_krb_auth_principal
Required: true

Suppress Parameter Validation: Domain Name(s)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Domain Name(s) parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_krb_domain
Required: true

Suppress Configuration Validator: Validator for Advanced Configuration Snippet (Safety Valve) for remaining krb5.conf

Description: Whether to suppress configuration warnings produced by the Validator for Advanced Configuration Snippet (Safety Valve) for remaining krb5.conf configuration validator.
Related Name
Default Value: false
API Name: scm_config_suppression_krb_domain_realm
Required: true

Suppress Parameter Validation: Kerberos Encryption Types

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kerberos Encryption Types parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_krb_enc_types
Required: true

Suppress Parameter Validation: KDC Timeout

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KDC Timeout parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_krb_kdc_timeout
Required: true

Suppress Parameter Validation: krb5.conf file path

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the krb5.conf file path parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_krb_krb5_conf_path
Required: true

Suppress Parameter Validation: Advanced Configuration Snippet (Safety Valve) for [libdefaults] section of krb5.conf

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Advanced Configuration Snippet (Safety Valve) for [libdefaults] section of krb5.conf parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_krb_libdefaults_safety_valve
Required: true

Suppress Parameter Validation: Advanced Configuration Snippet (Safety Valve) for remaining krb5.conf

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Advanced Configuration Snippet (Safety Valve) for remaining krb5.conf parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_krb_other_safety_valve
Required: true

Suppress Parameter Validation: Advanced Configuration Snippet (Safety Valve) for the Default Realm in krb5.conf

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Advanced Configuration Snippet (Safety Valve) for the Default Realm in krb5.conf parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_krb_realms_safety_valve
Required: true

Suppress Parameter Validation: Kerberos Renewable Lifetime

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kerberos Renewable Lifetime parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_krb_renew_lifetime
Required: true

Suppress Parameter Validation: Kerberos Ticket Lifetime

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kerberos Ticket Lifetime parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_krb_ticket_lifetime
Required: true

Suppress Parameter Validation: LDAP Bind User Distinguished Name

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the LDAP Bind User Distinguished Name parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_ldap_bind_dn
Required: true

Suppress Parameter Validation: LDAP Bind Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the LDAP Bind Password parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_ldap_bind_pw
Required: true

Suppress Parameter Validation: LDAP Distinguished Name Pattern

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the LDAP Distinguished Name Pattern parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_ldap_dn_pattern
Required: true

Suppress Parameter Validation: LDAP Group Search Base

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the LDAP Group Search Base parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_ldap_group_search_base
Required: true

Suppress Parameter Validation: LDAP Group Search Filter

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the LDAP Group Search Filter parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_ldap_group_search_filter
Required: true

Suppress Parameter Validation: LDAP URL

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the LDAP URL parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_ldap_url
Required: true

Suppress Parameter Validation: LDAP User Search Base

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the LDAP User Search Base parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_ldap_user_search_base
Required: true

Suppress Parameter Validation: LDAP User Search Filter

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the LDAP User Search Filter parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_ldap_user_search_filter
Required: true

Suppress Configuration Validator: Mixed Packages And Parcels

Description: Whether to suppress configuration warnings produced by the Mixed Packages And Parcels configuration validator.
Related Name
Default Value: false
API Name: scm_config_suppression_mixed_packages_and_parcels
Required: true

Suppress Parameter Validation: Active Directory Domain

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Active Directory Domain parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_nt_domain
Required: true

Suppress Parameter Validation: PAM Service Name

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the PAM Service Name parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_pam_service_name
Required: true

Suppress Parameter Validation: Automatically Downloaded Products

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Automatically Downloaded Products parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_parcel_autodownload_products
Required: true

Suppress Parameter Validation: No Proxy List

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the No Proxy List parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_parcel_no_proxy_list
Required: true

Suppress Parameter Validation: Proxy Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Proxy Password parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_parcel_proxy_password
Required: true

Suppress Parameter Validation: Proxy Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Proxy Port parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_parcel_proxy_port
Required: true

Suppress Parameter Validation: Proxy Server

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Proxy Server parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_parcel_proxy_server
Required: true

Suppress Parameter Validation: Proxy User

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Proxy User parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_parcel_proxy_user
Required: true

Suppress Parameter Validation: Local Parcel Repository Path

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Local Parcel Repository Path parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_parcel_repo_path
Required: true

Suppress Parameter Validation: Allowed Groups for Knox Proxy

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Allowed Groups for Knox Proxy parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_proxyuser_knox_groups
Required: true

Suppress Parameter Validation: Allowed Hosts for Knox Proxy

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Allowed Hosts for Knox Proxy parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_proxyuser_knox_hosts
Required: true

Suppress Parameter Validation: Knox Proxy Principal

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Knox Proxy Principal parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_proxyuser_knox_principal
Required: true

Suppress Parameter Validation: Allowed Users for Knox Proxy

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Allowed Users for Knox Proxy parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_proxyuser_knox_users
Required: true

Suppress Parameter Validation: Remote Parcel Repository URLs

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Remote Parcel Repository URLs parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_remote_parcel_repo_urls
Required: true

Suppress Parameter Validation: HTTP authentication password override for Cloudera Repositories

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the HTTP authentication password override for Cloudera Repositories parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_remote_repo_override_password
Required: true

Suppress Parameter Validation: HTTP authentication username override for Cloudera Repositories

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the HTTP authentication username override for Cloudera Repositories parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_remote_repo_override_user
Required: true

Suppress Parameter Validation: Report Configurations

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Report Configurations parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_report_configurations
Required: true

Suppress Parameter Validation: SAML Entity Alias

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the SAML Entity Alias parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_saml_entity_alias
Required: true

Suppress Parameter Validation: SAML Entity Base URL

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the SAML Entity Base URL parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_saml_entity_base_url
Required: true

Suppress Parameter Validation: SAML Entity ID

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the SAML Entity ID parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_saml_entity_id
Required: true

Suppress Parameter Validation: Alias of SAML Sign/Encrypt Private Key

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Alias of SAML Sign/Encrypt Private Key parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_saml_key_alias
Required: true

Suppress Parameter Validation: SAML Sign/Encrypt Private Key Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the SAML Sign/Encrypt Private Key Password parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_saml_key_password
Required: true

Suppress Parameter Validation: SAML Keystore Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the SAML Keystore Password parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_saml_keystore_password
Required: true

Suppress Parameter Validation: Path to SAML Keystore File

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Path to SAML Keystore File parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_saml_keystore_path
Required: true

Suppress Parameter Validation: SAML Login URL

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the SAML Login URL parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_saml_login_url
Required: true

Suppress Parameter Validation: Path to SAML IDP Metadata File

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Path to SAML IDP Metadata File parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_saml_metadata_path
Required: true

Suppress Parameter Validation: SAML Attribute Identifier for User Role

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the SAML Attribute Identifier for User Role parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_saml_oid_role
Required: true

Suppress Parameter Validation: SAML Attribute Identifier for User ID

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the SAML Attribute Identifier for User ID parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_saml_oid_user
Required: true

Suppress Parameter Validation: Path to SAML Role Assignment Script

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Path to SAML Role Assignment Script parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_saml_role_script
Required: true

Suppress Configuration Validator: Cloudera Manager Server Restart

Description: Whether to suppress configuration warnings produced by the Cloudera Manager Server Restart configuration validator.
Related Name
Default Value: false
API Name: scm_config_suppression_scm_server_restart
Required: true

Suppress Parameter Validation: Kerberos Security Realm

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kerberos Security Realm parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_security_realm
Required: true

Suppress Parameter Validation: Server SSL Certificate Host Name

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Server SSL Certificate Host Name parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_ssl_certificate_hostname
Required: true

Suppress Parameter Validation: System Identifier

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the System Identifier parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_system_identifier
Required: true

Suppress Configuration Validator: Tags Limit Validator

Description: Whether to suppress configuration warnings produced by the Tags Limit Validator configuration validator.
Related Name
Default Value: false
API Name: scm_config_suppression_tags_limit
Required: true

Suppress Configuration Validator: TLS With Kerberos Validator

Description: Whether to suppress configuration warnings produced by the TLS With Kerberos Validator configuration validator.
Related Name
Default Value: false
API Name: scm_config_suppression_tls_with_kerberos_validator
Required: true

Suppress Parameter Validation: Kerberos Trusted Realms

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kerberos Trusted Realms parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_trusted_realms
Required: true

Suppress Parameter Validation: Cloudera Manager TLS/SSL Trust Store Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Cloudera Manager TLS/SSL Trust Store Password parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_truststore_password
Required: true

Suppress Parameter Validation: Cloudera Manager TLS/SSL Trust Store File

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Cloudera Manager TLS/SSL Trust Store File parameter.
Related Name
Default Value: false
API Name: scm_config_suppression_truststore_path
Required: true