- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Float this Question for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
How can I prevent end-users from using Hadoop service accounts directly (e.g. Ambari,hive..etc)?
- Labels:
-
Apache Ambari
-
Apache Hadoop
-
Apache Hive
Created on ‎02-07-2016 12:10 AM - edited ‎09-16-2022 03:02 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Created ‎02-07-2016 12:13 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Created ‎02-07-2016 12:13 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Kerberos the envriroment and ambari server
Created ‎02-07-2016 12:15 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
need more elaboration on this, How will kerberos solve the problem?
Created ‎02-07-2016 12:17 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@Ned Shawa Please see this http://docs.hortonworks.com/HDPDocuments/Ambari-2.1.2.0/bk_Ambari_Security_Guide/content/_optional_s...
Also, Keep users in edge node only. No access to Master and worker nodes
You can leverage knox for the same purpose.
Once kerberos is in place then only authenticated users will be able to access the environment.
Restricted access to keytabs.
Created ‎02-07-2016 12:20 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@Ned Shawa See this slideshare
