Network and security
Data Hub clusters run within the network that is part of your environment and inherit many environment’s security configurations:
Item | Description |
---|---|
Network and subnet | Data Hub clusters use the network and subnet specified or created on the environment level. |
Security groups | Data Hub clusters use security group settings specified or created on the environment level. |
Security and governance | Each Data Hub cluster is attached to a data lake running in the same environment. The data lake provides a way for you to centrally apply and enforce authentication, authorization, and audit policies across multiple ephemeral Data Hub clusters. Furthermore, it provides a protective ring around the data wherever that’s stored, be that in cloud object storage or HDFS. |
Kerberos | All Data Hub clusters are Kerberized. The IPA server running within the environment provides Kerberos to all Data Hub clusters. |
Secure gateway for access to cluster UIs and endpoints | Data Hub users can access cluster UIs and endpoints via a secure gateway with a proxy and web UI SSO powered by Apache Knox. |
SSH access | SSH access to Data Hub clusters is available to an admin user (root access) and
additional users (basic level of access):
|