Secure in-bound communication

CDP uses Vault to encrypt sensitive data (such as tokens, passwords, certificates, and encryption keys). The CDP Private Cloud installer can install Vault, but typically this is a pre-existing customer-managed Vault deployment.

Data Warehouse communication endpoints

The Data Warehouse service runs on top of a Kubernetes cluster and does not include a Cloudera Manager instance.

Primary command and control communication goes to the Kubernetes API server. This endpoint is specific to a particular Kubernetes cluster. The Data Warehouse service does not make connections to endpoints in the cluster.

Machine Learning communication endpoints

In terms of communication, a Machine Learning Workspace looks very similar to a Data Warehouse workspace in that it is also a Kubernetes cluster, although the contents differ.

Primary command and control communication goes to the Kubernetes API server. This endpoint is specific to a particular Kubernetes cluster. The Machine Learning service does not make connections to endpoints in the cluster.