Security

Security in Cloudera Manager is composed of authentication, encryption, and authorization. Authentication, a process that requires users and services to prove their identity when trying to access a system resource, is provided by integration with MIT Kerberos and LDAP/AD. Encryption, for data in transit or data in motion, is provided by TLS, HDFS transparent encryption, Cloudera Navigator Encrypt, and Navigator Key Trustee Server. Authorization, concern for who or what has access or control over a given resource or service, is provided by access control via Apache Ranger, Apache HDFS ACLs, traditional POSIX-style permissions for directories and files, and Apache HBase ACLs.

Configure Kerberos authentication in Cloudera Manager.

Control access to Cloudera Manager resources using LDAP.

Configure TLS/SSL secure networking in Cloudera Manager clusters.

Secure data at rest using encryption mechanisms and key management.

How to configure the Key Trustee Server key storage and management system.

A collection of How-to guides covering a wide range of advanced Cloudera Manager security topics.

We want your opinion

How can we improve this page?

What kind of feedback do you have?