Add IDBroker to use temporary AWS session credentials

You can use temporary AWS session credentials through IDBroker to provide just-in-time, minimum required access to replicate data using replication policies. You must complete a few prerequisites before you configure IDBroker for use in replication policies. You can then add the credentials in CDP Public Cloud Replication Manager. Alternatively, you can add an external account for the IDBroker topology in Cloudera Manager.

Before you use temporary AWS session credentials in a replication policy, you must:
  1. Have an AWS account with an IAM role that has the required permissions to access the target S3 bucket and has the necessary trust relationships set up.
  2. Install a role instance for IDBroker.
  3. Configure IDBroker on the CDP Private Cloud Base cluster.
  4. Add the cloud credential in CDP Public Cloud Replication Manager.

    Alternatively, you can add an external account for the IDBroker topology in Cloudera Manager.