Managing Apache Phoenix security

Apache Ranger manages authorization and access control through a user interface that ensures consistent policy administration for both Apache Phoenix and Apache HBase.

Apache Phoenix namespaces, tables, column family, and columns use the same access control parameters set in Apache HBase. You must first enable Apache Phoenix ACLs support using Cloudera Manager before you can define permissions for your Apache HBase tables if you are using Apache HBase ACLs.

Shared Data Experience (SDX) Data Lake helps you configure and manage authorization and access control through the Apache Ranger user interface that ensures consistent policy administration for Apache HBase. Apache Phoenix security derives policies applied to the underlying Apache HBase tables in Ranger. You can grant read or write permissions to an Apache HBase table for a specific user using the Apache Ranger user interface.

Auto-TLS is enabled by default in CDP. But you can also manually configure TLS for Phoenix Query Server. See the related inforamtion section to learn more about security in CDP.