Adding a role instance to IDBroker in Cloudera Manager

To use IDBroker to access the cloud credentials, you must add a role instance to IDBroker, and then you configure the required properties for it in Cloudera Manager.

You must have an AWS user account that has:

an IAM policy which allows you to access the S3 bucket to which you want to replicate the data.
an IAM role, which you can assume, that has the above policy attached to it.

If you have upgraded or installed the Cloudera Private Cloud Base cluster, ensure that IDBroker is available. IDBroker is automatically configured by Cloudera Manager in Cloudera deployments, where Knox is installed. For more information about IDBroker, see Configuring access to S3.

Go to the source Cloudera Manager > Clusters > Knox service > Instances page.

important
If you are replicating HDFS data from cloud to Cloudera Private Cloud Base cluster, add the role instance on the target Cloudera Manager.
Click Actions > Add Role Instances.
Select the required Knox IDBroker host on the Add Role Instance to Knox modal window to install it to the required host, and then click Continue.
Specify an IDBroker Master Secret, and click Finish.
The Instances tab shows the added role instance.

Configure the required properties for IDBroker to use in replication policies.