Restricting Collaborator and Administrator Access to Active Sessions

By default, the following Cloudera Data Science Workbench users have the ability to execute commands within any active sessions you have created.

Required Role: Site Administrator

  • All Site Administrators
  • Users who have been assigned Admin or Contributor privileges for the project where the session is created.
  • For team projects, Team Admins have complete access to all team projects and any active sessions running within these projects. Additionally, any team members who have been assigned the Admin or Contributor roles for your projects will also have the ability to execute commands within your active sessions.

Starting with Cloudera Data Science Workbench 1.4.3, site administrators can now restrict this ability by allowing only the user who launched the session to execute commands within their own active sessions. To enable this restriction:

  1. Log into Cloudera Data Science Workbench with site administrator privileges.
  2. Click Admin > Security.
  3. Under the General section, select the checkbox to enable the Only session creators can execute commands on active sessions property.
    When this property is enabled, only the user that creates a session will be able to execute commands in that session. No other users, regardless of their permissions in the team or as project collaborators, will be able to execute commands on active sessions that are not created by them. Even site administrators will not be able to execute commands in other users' active sessions. However, keep in mind that all site administrators still have access to the Site Administrator dashboard and can reverse this change at any time.