Community Articles
Find and share helpful community-sourced technical articles
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.
Labels (1)
Super Guru

I had setup Transparent data encryption some time back for HDP2.2 by referring steps mentioned at

I tested my setup, everything worked perfectly except one thing, superuser was able to access the contents from encrypted zone transparently which I think should not work that way, so to restrict your encrypted zone you need to modify below property in /usr/kms-demo/hadoop/etc/hadoop/kms-acls.xml

<description> ACL for decryptEncryptedKey CryptoExtension operations.

Add list of users for whom you want to give access to your encrypted zone.

Hope this is useful :-)

Don't have an account?
Coming from Hortonworks? Activate your account here
Version history
Revision #:
1 of 1
Last update:
‎10-28-2015 05:24 AM
Updated by:
Top Kudoed Authors