Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

limit customer access to HDFS directories even they install the whole CDP by themselves

Yong
New Contributor

Created ‎05-12-2020 05:46 PM

Hi there,

Our product based on CDP will be ship to our customers and install by customers.
But we want to limit the access for some HDFS directories(predefined) so that customers can't access the directories even they install the whole thing in their private data center(not allowed to connect any external server). In other words, we give customers the permission to install the CDP, but keep them away to access some hidden HDFS files/directories, is it possible and how to do it?

 

Regards,
Yong

725 Views
0 Kudos
2 REPLIES 2

rachid-berkane
Explorer

Created ‎05-13-2020 12:03 AM

please use Ranger to create authorisation policies to allow a user or group to allow/deny access to resources (hdfs,hive, etc...)

 

you will firstly need to select a CDP environment to access its ranger console ...

login to the Ranger Console (a ranger admin account), choose the service HDFS an add a policy (allow/deny a specific user or group  to read/write/x(list)  inside a HDFS directory 

 

also you may add a time range (to the policy) for your customer if you give temporary access

 

https://docs.cloudera.com/runtime/7.0.3/security-ranger-authorization/topics/security-ranger-provide...

707 Views

Madhur
Moderator

Created ‎05-13-2020 12:47 PM

Hi @Yong ,

 

you can try setting ACLS on HDFS. Below is the doc which gives more details.

https://docs.cloudera.com/runtime/7.0.3/hdfs-acls/topics/hdfs-acls-features.html

 

 

Madhuri Adipudi, Technical Solutions Manager

Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.

Learn more about the Cloudera Community:

694 Views
0 Kudos
Take a Tour of the Community
Don't have an account?
Register
Your experience may be limited. Sign in to explore more.
Announcements
Community Announcements
March 2023 Community Highlights
What's New @ Cloudera
Cloudera DataFlow Designer for self-service data flow development is now generally available to all CDP Public Cloud customers
What's New @ Cloudera
Cloudera Operational Database (COD) UI provides the JWT configuration details to connect to your HBase client
What's New @ Cloudera
Cloudera Operational Database (COD) UI allows storage type selection when creating an operational database
What's New @ Cloudera
Release of Cloudera Streaming Analytics (CSA) 1.9.0 for CDP 7.1.7 SP2 & CDP 7.1.8
View More Announcements