Activating your environment in reduced permissions mode

If you cannot provide the standard set of IAM permissions required by Cloudera Data Warehouse (CDW) for environment activation, you can use reduced permissions mode.

You can activate an AWS environment for CDW with fewer than half the standard set of required IAM permissions on your AWS cross-account IAM role. You can choose reduced permissions mode in two ways:

In this task, you activate your environment from CDW in reduced permissions mode. In steps 6 and 7, you manually create the stack and then remove it:

  1. In the Data Warehouse service, expand the Environments column by clicking More….
  2. In Environments, click the search icon and locate the environment that you want to activate.
  3. Click the start icon to activate the environment.


  4. In Activation Settings, if you do not have the standard set of required IAM permissions or a restricted policy in place, select Use Reduced Permissions Mode.
    For example:
    Alternatively, if Environment Validations appears, select Check to activate environment with reduced permissions mode. Skip the next step and go to step 6.
  5. If you do not want to activate the environment in reduced permissions mode, uncheck the option, and click Activate. Skip the rest of the steps in this procedure. CDW automatically creates the cloud resources in your AWS account for you.
  6. Manually create the cloud resources in your AWS account and tag them appropriately, as described in topic, "Setting up cloud resources for reduced permissions mode" below.
    CDW pre-populates the required CloudFormation template for you within the AWS console, and you perform the manual steps to create the stack.
  7. When you are finished using the stack, manually delete it in the AWS console.