Support Questions

Find answers, ask questions, and share your expertise
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

Hierarchy of TDE encryption zones with Ranger-KMS

avatar
Expert Contributor

I was wondering is there any way to have a hierarchy of encryption zones managing by Ranger-KMS? Suppose we have the following directory structure:

/userA/userB/

/userA/userC/

I want to configure HDFS in a way that userB and userA use two different encryption zones, but I would like to be able to access userB and userC folders with userA and be able to encrypt/decrypt data owned by userB or userC. Is there any way to handle this situation with Ranger-KMS?

1 ACCEPTED SOLUTION

avatar
Master Guru
hide-solution

This problem has been solved!

Want to get a detailed solution you have to login/registered on the community

Register/Login
3 REPLIES 3

avatar
Master Guru
hide-solution

This problem has been solved!

Want to get a detailed solution you have to login/registered on the community

Register/Login

avatar
Expert Contributor

So can we virtually build a hierarchy of encryption zone in this way?

avatar
Master Guru

I don't consider this a hierarchy of encryption. more in tune of encryption and authorization on those zones.