Activating an AWS environment from CDW

You need to know how to start your environment and activate it from Cloudera Data Warehouse (CDW) to use many warehouse features. When you start an environment from CDW, activation options appear. You learn about these options, and how to set them for your use case.

After you go to Cloudera Data Warehouse, as described in the numbered steps below, select an environment tile, and click Start . Activate Environment appears:
Deployment Mode options are as follows:
Option Brief Description Requirements and Recommendations
Private Load Balancer, Private Executors CDW nginix based load balancer runs on private subnets and all workload pods that also run on private subnets. Requires a jump host or AWS direct connect to access CDW. Cloudera recommends that you use the Private Load Balancer, Private Executors deployment mode if possible for security reasons.
Public Load Balancer, Private Executors

CDW nginix based load balancer runs on public subnets and all workload pods that also run on private subnets.

Select this option to connect to CDW from anywhere as long as the source CIDR filters allow the connection.
Public Load Balancer, Public Executors

CDW nginix based load balancer runs on public subnets and all workload pods that also run on public subnets.

Select this option to connect to CDW from anywhere as long as the source CIDR filters allow the connection. Cloudera does not recommend selecting this option for security reasons.
In Advanced Settings, you can set the following options:
Option Brief Description Requirements and Recommendations
Private Subnets Accept the selected subnets you configured during AWS environment registration for load balancer and workload pods, or deselect subnets.

Cloudera recommends three subnets for each load balancer to enable high availability (HA).

Enable IP CIDR for Kubernetes cluster Enter the IP Classless Inter-Domain Routing (CIDRs) from which the Kubernetes cluster should accept incoming connections. Connections from other IP ranges are dropped. Obtain your internal network's IP CIDR ranges of IP addresses that need access to endpoints on the Kubernetes cluster. For more information, see Restricting access to endpoints in AWS.
Enable IP CIDRs for the load balancer Enter the IP CIDR(s) from which the load balancer should accept incoming connections. Connections from other IP ranges are dropped. Obtain your internal network's IP CIDR ranges of IP addresses that need access to endpoints that are load balanced. For more information, see Restricting access to endpoints in AWS.
Use Overlay Network

Overlay Networks for AWS environments can increase the number of available IP addresses for your deployments of CDW if you have an existing Virtual Private Cloud (VPC).

Use this feature if your VPC subnet has fewer than 1,024 IP addresses. Cloudera recommends that you do not configure more than 200 executor nodes for an overlay network to operate.
Attach Managed Policy ARN to Node Role If you do not want to provide PutRolePolicy permission in your cross account role, you can attach a managed policy ARN to a node role to provide the cross account role permissions. You must create a new NodeInstanceRole manually, and provide the ARN during activation of the environment from CDW.
Use Reduced Permissoins Mode If you cannot provide the standard set of IAM permissions required by CDW for environment activation, you can use reduced permissions mode to activate an AWS environment with fewer than half of these permissions. To use this feature, a minimum set of IAM permissions are required.
Enable CloudWatch Logs Enable CloudWatch logs if you use Amazon CloudWatch. In your AWS account, you can then find the logs in /aws/eks/<cluster name>/cluster. Before enabling CloudWatch, you must add required permissions to your IAM policy to access CloudWatch logs; otherwise, you cannot activate the environment.
  1. In the Data Warehouse service, expand the Environments column by clicking More….
    You must perform this step from the Data Warehouse Service, not the Management Console. For more information see "Setting up your first Database Catalog".
  2. In Environments, search for and click your environment tile.
  3. Click Start to activate the environment in CDW.


  4. In Activate Enviornment, configure options as described in the tables above.
  5. Click Activate.