Support Questions

Find answers, ask questions, and share your expertise

limit customer access to HDFS directories even they install the whole CDP by themselves

New Contributor

Hi there,

Our product based on CDP will be ship to our customers and install by customers.
But we want to limit the access for some HDFS directories(predefined) so that customers can't access the directories even they install the whole thing in their private data center(not allowed to connect any external server). In other words, we give customers the permission to install the CDP, but keep them away to access some hidden HDFS files/directories, is it possible and how to do it?




please use Ranger to create authorisation policies to allow a user or group to allow/deny access to resources (hdfs,hive, etc...)


you will firstly need to select a CDP environment to access its ranger console ...

login to the Ranger Console (a ranger admin account), choose the service HDFS an add a policy (allow/deny a specific user or group  to read/write/x(list)  inside a HDFS directory 


also you may add a time range (to the policy) for your customer if you give temporary access


Hi @Yong ,


you can try setting ACLS on HDFS. Below is the doc which gives more details.



Madhuri Adipudi, Technical Solutions Manager

Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.

Learn more about the Cloudera Community: