Reply
New Contributor
Posts: 3
Registered: ‎10-02-2018

Controlling Cloudera Admin Access to underlying data

[ Edited ]

Need to ask the following questions asap around Cloudera Admin access - documentation here https://www.cloudera.com/documentation/enterprise/5-10-x/topics/cm_sg_user_roles.html

  1. Does any Cloudera Admin roles have full data access – current assumption is Cluster Admin and Full Admin have it.
  2. If any Admin role has full data access – can we do without those roles. (e.g. - The documentation says that Full Admin can be deleted once Cloudera set is done.
  3. Can we add any restrictions/build privileges such that data set (which is highly sensitive) in a particular node is accessible only to users given access to that node and not accessible by any admins.
Posts: 910
Topics: 1
Kudos: 208
Solutions: 111
Registered: ‎04-22-2014

Re: Controlling Cloudera Admin Access to underlying data

@Abhigreen,

 

Answers are in-line:

 

1. Does any Cloudera Admin roles have full data access – current assumption is Cluster Admin and Full Admin have it.

Answer:

 

It depends what you mean by "full data access".  CM does not have a feature that allows reading or writing files, but if a user has access to the File Browser in HDFS, they do have the ability to view file names, enable snapshots and set quotas.  Note that there is no "download" ability in CM to actually get files... only view the files/directories.  Only users with Full Admininstrator, Cluster Administrator, and BDR Administrator roles can view the File Browser.

 

2. If any Admin role has full data access – can we do without those roles. (e.g. - The documentation says that Full Admin can be deleted once Cloudera set is done.

 

It really depends on your needs and use cases, but you will probably need a Cluster Administrator at some point.  It may be possible to devide up the privileges, but I'm not sure if all will be covered by other roles.

 

3. Can we add any restrictions/build privileges such that data set (which is highly sensitive) in a particular node is accessible only to users given access to that node and not accessible by any admins.

 

I'm not sure how to answer this since I am not sure what you mean by "node" and what service/access is being discussed.

I think what you are looking for is HDFS file encryption since that allows you to restrict access to data in the way you seem to imply.  The Cloudera Manager file browser uses the "hdfs" user so, with file encryption, you could encrypt sensitive files and not allow the "hdfs" user to decrypt.

 

Please see these pages:

 

Encrypting Data at Rest

 

This is probably most relevant for your question:

 

HDFS Transparent Encryption

 

 

Transparent Encryption will allow you to prevent access to your data by administrators.

New Contributor
Posts: 3
Registered: ‎10-02-2018

Re: Controlling Cloudera Admin Access to underlying data

Hi @bgooleybgooley

Thanks so much for your reply.


Re: full data access - meant ability to see all data inside files (not just file names). Based on https://www.cloudera.com/documentation/enterprise/5-10-x/topics/cm_sg_user_roles.html

Cluster Admin and Full Admin have an ability to see ALL data. Is that correct?

 

Warm regards

Highlighted
Posts: 910
Topics: 1
Kudos: 208
Solutions: 111
Registered: ‎04-22-2014

Re: Controlling Cloudera Admin Access to underlying data

@Abhigreen,

 

No, Cluster and full Admins can only see file metadata, snapshots, quota, file size... metadata. 

They cannot see file contents as Cloudera Manager does not read file contents for display.

If you wanted to do that, you could do that in Hue.

 

I have opened an internal Jira, OPSAPS-48080, so we can consider clarifying what we mean by "view all data"

Announcements