Access control for Amazon S3-compatible object stores
Introduction to Ranger RAZ in Cloudera Base on premises clusters
Prerequisites for RAZ
Storage prerequisites
Distributing certificates to access S3 endpoint
Adding Knox IDBroker role
Adding RAZ service
Configuring Knox IDBroker role for S3 object stores
Configuring cloud credentials using Knox Alias
Configuring cloud credentials using HashiCorp Vault
Configuring RAZ service for S3 object stores
Configuring the endpoint for an S3 bucket in the HDFS cluster-wide configuration
Restarting all services
Post-installation tasks
Ranger Hive authorizer for S3 cloud storage
Accessing multiple buckets managed by the same cloud account credential
Limitations