Handling of sensitive data in CDP

CDP uses Vault to encrypt sensitive data (such as tokens, passwords, certificates, and encryption keys) .

Classic cluster credentials

During HDP, CDH, or CDP PvC Base "classic cluster" registration in the Management Console, CDP asks you to enter cluster credentials. This is required for authenticating requests on the cluster side. CDP uses these credentials to access cluster APIs during and after cluster registration. During registration CDP stores these credentials securely in the vault and later whenever CDP makes an API call to the cluster,CDP reads these credentials from the vault and inject them inside the request.