Understanding a Cloudera Observability On-Premises cluster policy

Describes the Cloudera Observability On-Premises Cluster Policy criteria that is used to assign Cloudera Observability On-Premises access roles to your users.

Access to your Workload jobs and queries is determined by a Cloudera Observability On-Premises Cluster Policy, which comprises two or more of the following conditions:
  • One or more LDAP Group identifier account names.
  • One or more user names. By default, Cloudera Observability On-Premises authenticates user access by checking that the user is a member of an LDAP group.
  • A Cloudera Observability On-Premises access role type. The access role is assigned to the users that you provide in the Users field and/or the users who are part of the groups you provide in the Groups field and is defined by the conditions in the Cluster Policy.
  • (Cluster User and Cluster Admin only) The cluster associated with the access role.
  • (Cluster User only) A custom policy whose criteria is defined from the provided user names and/or the provided pools. A custom policy enables the user or users defined in the Cluster Policy to view the jobs and queries executed by other users and/or the jobs and queries executed in a pool.
Cloudera Observability On-Premises Cluster Policies are created, managed, and maintained from the Access Management page. Only users who have been granted the System Admin access role type can view and manage your Cloudera Observability On-Premises cluster policies.