Want to understand how to secure the communication between HDFS Name node AND Ranger KMS for HDFS data-at-rest encryption
1) Is hadoop KMS REST API used between the two or something else?
2) Is basic authentication supported with the REST API call and how to configure if supported?
3) Is HTTPs supported and how to configure if supported?
1. The KMS rest API is used by other clients as well when reading data from hdfs.
2. AFAIK in non secured environment it uses basic auth by default. However you can use kerberos for authentication.
3. SSL documentation steps are here:
*** If you found this answer addressed your question, please take a moment to login and click the "accept" link on the answer.
If we want to have secure communication (i.e SSL enabled) b/w HDFS client and KMS,then does it require the whole cluster to be SSL enabled?