question Enforcing specific cloud parameters for cloubreak template in Support Questions https://community.cloudera.com/t5/Support-Questions/Enforcing-specific-cloud-parameters-for-cloubreak-template/m-p/242711#M204510 <P>Hello,</P><P>I'm looking for ways of enforcing specific cloud configurations for CB template to limit and simplify user experience. We'd like to pre-configure regions, VPCs, subnets, encryption configuration and so on. We are using rc-2.9 branch of Cloudbreak.</P><P>Thanks!</P> Tue, 22 Jan 2019 16:56:49 GMT anton_zadorozhn 2019-01-22T16:56:49Z Enforcing specific cloud parameters for cloubreak template https://community.cloudera.com/t5/Support-Questions/Enforcing-specific-cloud-parameters-for-cloubreak-template/m-p/242711#M204510 <P>Hello,</P><P>I'm looking for ways of enforcing specific cloud configurations for CB template to limit and simplify user experience. We'd like to pre-configure regions, VPCs, subnets, encryption configuration and so on. We are using rc-2.9 branch of Cloudbreak.</P><P>Thanks!</P> Tue, 22 Jan 2019 16:56:49 GMT https://community.cloudera.com/t5/Support-Questions/Enforcing-specific-cloud-parameters-for-cloubreak-template/m-p/242711#M204510 anton_zadorozhn 2019-01-22T16:56:49Z Re: Enforcing specific cloud parameters for cloubreak template https://community.cloudera.com/t5/Support-Questions/Enforcing-specific-cloud-parameters-for-cloubreak-template/m-p/242712#M204511 <P>Hi <A rel="user" href="https://community.cloudera.com/users/103484/antonzadorozhniy.html" nodeid="103484">@Anton Zadorozhniy</A></P><P>Currently there is no such fine grained authorization implemented in Cloudbreak and regions, VPC-s and subnets are fetched on the fly from the cloud provider.</P><P>What you can do is to<A href="https://docs.hortonworks.com/HDPDocuments/Cloudbreak/Cloudbreak-2.8.0/create-credential-aws/content/cb_create-credentialrole.html"> create role based credential</A> with a specific AWS role constrained to only <A href="https://docs.aws.amazon.com/vpc/latest/userguide/VPC_IAM.html">specific resources</A> (instead of "Resource": [ "*" ])</P><P>You can specify resource type level authorization permissions in Cloudbreak with the help of <A href="https://docs.hortonworks.com/HDPDocuments/Cloudbreak/Cloudbreak-2.8.0/manage-monitor/content/cb_user-authorization.html">workspaces</A>, resources will be shared inside a workspace.</P><P>Hope this helps! </P> Tue, 22 Jan 2019 22:37:08 GMT https://community.cloudera.com/t5/Support-Questions/Enforcing-specific-cloud-parameters-for-cloubreak-template/m-p/242712#M204511 darvasip 2019-01-22T22:37:08Z