Recommendations
Flow management users are authenticated automatically when they log into CDP. Other aspects of security such as enabling Auto-TLS, Kerberos, and managing access policies depend on the way the SDX and compute clusters are created.
Cloudera recommends the following security options:
- Enable Auto-TLS.
- Enable Kerberos.
- Use Apache Atlas for dataset level lineage graphs.
- Use Apache Ranger to authorize NiFi and NiFi Registry users.
- Use Knox as a single entry point to securely access all NiFi and NiFi Registry nodes, and switch nodes if one fails.
