- Please read the security guide:
- You can setup Encryption Zones, which will encrypt data stored in these pre-defined zones
- Ranger enables RBAC, ABAC, Column level access. Also enables Data Masking (e.g. PII, Financial, Sensitive data). You often have scenarios where the sensitive data is a subset of fields in a Hive Table. These Fields can be masked, or access blocked. Atlas enables defining Tags (i.e. PII Tag) which can be passed automatically to Ranger to define and enforce policies.
- HDFS is the under-lying filesystem. You will need to understand what components (Spark, Hive, HBase, Solr, etc.) you will be using, where the sensitive data exists, and how to manage.
- HWX has a number of Partners, with sophisticated capabilities, should there be a requirement beyond what HDP provides out of the box (though check the documentation first).