Amazon Web Services support in Cloudera Data Warehouse Public Cloud
This topic provides an overview of Amazon Web Services (AWS) support in Cloudera Data Warehouse (CDW) Public Cloud.
The "environment" concept in Cloudera Data Platform (CDP) is closely related to the virtual private network in your AWS account. Registering an environment provides CDP with access to your AWS account and identifies the resources there that CDP services can access or provision. A single environment is contained within a single AWS region, so all resources deployed by CDP are deployed within that region within one specific virtual network. Once you've registered an environment with Management Console, you can start provisioning resources such as clusters, which run on the physical infrastructure in an AWS data center.
The following diagram shows the components of a CDP environment on AWS:
The diagram includes all major user-created and CDP-created components of an AWS environment:
- Items in dark blue boxes with orange outlines can be automatically provisioned by CDP in your AWS account. Or you can optionally pre-create them in your AWS account and then provide them when registering an environment in CDP.
- Items in dark blue boxes must be pre-created by your CDP administrator prior to environment registration and then provided during environment registration in CDP.
- Items in orange boxes are automatically provisioned on AWS by CDP as part of environment registration.
Information that describes how to register an AWS environment with CDP is linked to at the end of this page.
Data Warehouse service features for AWS environments
CDP Data Warehouse service offers the following additional features for AWS environments that are used for Database Catalogs and Virtual Warehouses:
- Restrict access to Kubernetes endpoints and to service endpoints of the Kubernetes cluster at the load balancer lever by specifying a list of IP CIDRs that are allowed access. For more information, see "Restricting endpoint access in AWS," which is linked to at the end of this page.
- Set up private networking in AWS environments, which uses AWS private subnets. Private subnets receive no direct inbound connections from the internet, providing private network connectivity for workload endpoints in Data Warehouse service. For more information, see "Set up private networking in AWS," which is linked to at the end of this page.
These features require additional configuration in the Data Warehouse service UI to use them.