Secure in-bound communication

Cloudera uses Vault to encrypt sensitive data (such as tokens, passwords, certificates, and encryption keys). The Cloudera on premises installer can install Vault, but typically this is a pre-existing customer-managed Vault deployment.

Cloudera Data Warehouse communication endpoints

The Cloudera Data Warehouse service runs on top of a Kubernetes cluster and does not include a Cloudera Manager instance.

Primary command and control communication goes to the Kubernetes API server. This endpoint is specific to a particular Kubernetes cluster. The Cloudera Data Warehouse service does not make connections to endpoints in the cluster.

Cloudera AI communication endpoints

In terms of communication, a Cloudera AI Workbench looks very similar to a Cloudera Data Warehouse workspace in that it is also a Kubernetes cluster, although the contents differ.

Primary command and control communication goes to the Kubernetes API server. This endpoint is specific to a particular Kubernetes cluster. The Cloudera AI service does not make connections to endpoints in the cluster.