Security terminology

The following terminology is key to understanding CDP security:

Table 1. Management Console terminology

| Term | Description |
|------|-------------|
| Credential | A credential allows CDP to authenticate with your cloud provider account and obtain authorization to provision cloud provider resources on your behalf. |
| Environment | In CDP, an environment is a logical subset of your cloud provider account including a specific virtual network. A credential provides CDP with access to an environment. |
| Data Lake | Data Lake is a service for creating a safe, secure, and governed data lake, which provides a protective ring around the data stored in a cloud object store. |
| Virtual network | An environment corresponds to a single private virtual network (for example VPC on AWS) into which all your CDP resources are deployed. |
| Security access settings | Security access settings refer to security groups that are created on your cloud provider account to allow communication via specific ports. |

Table 2. Knox terminology

| Term | Description |
|------|-------------|
| FreeIPA | FreeIPA is an open-source product that combines four identity management capabilities: LDAP directory, Kerberos KDC, DNS server, and Certificate Authority (CA). |
| IDBroker | An identity federation solution that exchanges cluster authentication for temporary cloud credentials. |
| Knox Gateway | An authenticating reverse proxy for web UIs and HTTP APIs. |
| Trusted Proxy | Propagates the authenticated end user to the backend service. |