DataFlow security
As a security administrator, understand the out-of-the-box security features as well as the tasks that you need to perform to authorize CDP users.
CDP provides the following security features:
- User authentication
- Role-based user authorization
- Data encryption
User authentication
Users are automatically authenticated through the CDP identity provider. For more information, see CDP Security Overview.
Role-based user authorization
DataFlow roles allow you to set user permissions. Through these permissions you can define the actions a user or group is allowed to perform, and you can also scope the resources they can perform those actions on.
For more information on the DataFlow roles, see DataFlow Authorization.
Data encryption
CDP encrypts data at rest and in motion.
- Data at rest
  - When you import a flow definition, the flow definition is encrypted and stored in the DataFlow Catalog. DataFlow Catalog is a service that enables you to manage flow definitions centrally.
- Data in transit
  - When you deploy a flow, the encrypted flow definition is transferred to your cloud account where it is decrypted and deployed. During a flow deployment, data can be transferred between servers, systems, applications, and users. Every transfer is a secure and trusted exchange through TLS. Through cryptographic protocols, TLS encrypts and authenticates: