Support Questions
Find answers, ask questions, and share your expertise
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

KMS contents

KMS contents

What information is stored in KMS? Is it only the keys for the encryption zones (and their versions in case of rolled-keys)?

Will KMS also contain the DEK for each file stored under the encryption zone?


Re: KMS contents


@Greenhorn Techie @Greenhorn Techie

Full details on Ranger KMS are found here:

The information stored in the KMS is summarized in the UI:


The version is incremented each time a key is rolled over.

Regarding DEK, an encrypted DEK for each encrypted file is stored in the namenode metadata and not in Ranger.

Don't have an account?
Coming from Hortonworks? Activate your account here