Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Controlling Cloudera Admin Access to underlying data

Controlling Cloudera Admin Access to underlying data

New Contributor

Need to ask the following questions asap around Cloudera Admin access - documentation here https://www.cloudera.com/documentation/enterprise/5-10-x/topics/cm_sg_user_roles.html

  1. Does any Cloudera Admin roles have full data access – current assumption is Cluster Admin and Full Admin have it.
  2. If any Admin role has full data access – can we do without those roles. (e.g. - The documentation says that Full Admin can be deleted once Cloudera set is done.
  3. Can we add any restrictions/build privileges such that data set (which is highly sensitive) in a particular node is accessible only to users given access to that node and not accessible by any admins.
1 REPLY 1
Highlighted

Re: Controlling Cloudera Admin Access to underlying data

Master Collaborator
I am not a security expert, but I think the answer to your last question is data-at-rest encryption.

One comment to the first point: I dont think the admin has a direct full access to the data directly, but as he is able to change any propoerty of HDFS, he is able to configure for himself an access very likely.
Don't have an account?
Coming from Hortonworks? Activate your account here