Configuring Impala Virtual Warehouses to encrypt spilled data in Cloudera Data Warehouse on premises

If you have encrypted HDFS on the Cloudera Base on premises cluster, then Cloudera recommends that you configure an Impala Virtual Warehouse to write temporary data to disk during query processing in an encrypted format using the AES-256-CFB encryption for complete security.

In Cloudera on premises, the temporary data is spilled to the local storage, the location of which is hard coded by the system.

1. Log in to the Cloudera Data Warehouse service as an administrator.
2. Go to Impala Virtual Warehouse > > Edit > CONFIGURATIONS > Impala coordinator and select flagfile from the Configuration files drop-down list.
3. Set the value of the disk_spill_encryption property to true.
4. Click APPLY.
5. Go to the Impala executor tab and select flagfile from the Configuration files drop-down list.
6. Set the value of the disk_spill_encryption property to true.
7. Click APPLY.
8. Restart the Impala Virtual Warehouse.