Our product based on CDP will be ship to our customers and install by customers.
But we want to limit the access for some HDFS directories(predefined) so that customers can't access the directories even they install the whole thing in their private data center(not allowed to connect any external server). In other words, we give customers the permission to install the CDP, but keep them away to access some hidden HDFS files/directories, is it possible and how to do it?
please use Ranger to create authorisation policies to allow a user or group to allow/deny access to resources (hdfs,hive, etc...)
you will firstly need to select a CDP environment to access its ranger console ...
login to the Ranger Console (a ranger admin account), choose the service HDFS an add a policy (allow/deny a specific user or group to read/write/x(list) inside a HDFS directory
also you may add a time range (to the policy) for your customer if you give temporary access
Hi @Yong ,
you can try setting ACLS on HDFS. Below is the doc which gives more details.