Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Zeppelin notebook encryption for local file system

Solved Go to solution
Highlighted

Zeppelin notebook encryption for local file system

New Contributor

Hi,

I use 0.7.3 version of Zeppelin and I noticed it stores notebooks at predefined folder *without* encryption. I use current installation on my PoC cluster, but I still have several users. These users are, for example, using Zeppelin to access some of the databases available in our environment. If user creates a notebook where he sets a db connection using his user/pass, then some other user can see that password using

/opt/hadoop/zeppelin-server/notebook/some_notebook/note.json

I see that users can set encryption when S3 is used, but I'm wondering if same is true for Git repo or Local Filesystem (VFSNotebookRepo or GitNotebookRepo).

Is there a way to set security on this level and prevent shell users from reading each others notebooks. My temporary fix was to remove r and x permissions from "others", but I don't find this to be a real solution.

Thank you

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Zeppelin notebook encryption for local file system

Rising Star

There is no supported local filesystem encryption for notebooks in Zeppelin 0.7.3, so the external options, such as S3 as you mention, are likely your best bet if you need encryption.

However, Zeppelin 0.8.0 (supported in HDP 3.0 and above, offers an option to store notebooks in an HDFS filesystem, which can be encrypted transparently. https://zeppelin.apache.org/docs/0.8.0/setup/storage/storage.html

2 REPLIES 2

Re: Zeppelin notebook encryption for local file system

Rising Star

There is no supported local filesystem encryption for notebooks in Zeppelin 0.7.3, so the external options, such as S3 as you mention, are likely your best bet if you need encryption.

However, Zeppelin 0.8.0 (supported in HDP 3.0 and above, offers an option to store notebooks in an HDFS filesystem, which can be encrypted transparently. https://zeppelin.apache.org/docs/0.8.0/setup/storage/storage.html

Re: Zeppelin notebook encryption for local file system

New Contributor

Thank you. Not the answer I was hoping for, but at least I know Zeppelin upgrade is something I can look for. My only question now is IF zeppelin can be upgraded without upgrading the rest of the platform?

Don't have an account?
Coming from Hortonworks? Activate your account here