Support Questions

Eran · ‎02-28-2017

tmccuch · ‎03-02-2017

To protect the S3A access/secret keys, it is recommended that you use either:

IAM role-based authentication (such as EC2 instance profile), or
the Hadoop Credential Provider Framework - securely storing them and accessing them through configuration.

The Hadoop Credential Provider Framework allows secure "Credential Providers" to keep secrets outside Hadoop configuration files, storing them in encrypted files in local or Hadoop filesystems, and including them in requests. The Hadoop-AWS Module documentation describes how to configure this properly.

View solution in original post

tmccuch · ‎03-02-2017

@eorgad

To protect the S3A access/secret keys, it is recommended that you use either:

IAM role-based authentication (such as EC2 instance profile), or
the Hadoop Credential Provider Framework - securely storing them and accessing them through configuration.

The Hadoop Credential Provider Framework allows secure "Credential Providers" to keep secrets outside Hadoop configuration files, storing them in encrypted files in local or Hadoop filesystems, and including them in requests. The Hadoop-AWS Module documentation describes how to configure this properly.

Cloudera Community

Support Questions

What is the best way to secure S3A objects on HDP 2.5?

Spark + S3A filesystem client from HDP to access S...

Flume with Secured Kafka Channel in HDP 2.5

HDP 2.6/Ambari 2.5 GA!

Create Phoenix Schemas in HDP 2.5

How do I login to Zeppelin when Security is enable...

Using Jupyter with Sparkmagic and Livy Server on H...

How to add ports to the HDP 2.5 VirtualBox Sandbox

How to install and run Spark 2.0 on HDP 2.5 Sandbo...

Partner Demo Kit for HDP 2.5

Fix problems with HDP 2.5 Sandbox image