Cloudera Community
Nae2Ju7w
user rank
New Contributor
My Accepted Solutions
Show All

Re: Key Trustee KMS Proxy ACLs confusion

by New Contributor in Support Questions
‎08-30-2017 11:16 PM
‎08-30-2017 11:16 PM
The username and/or group should be a user present in Linux and Kerberos that you have designated as the user responsible for managing keys on your cluster, and you can use an existing user/group or create a new one as makes sense in your environment. Typically this would be a group of administrators who you would entrust to configure security for you, so that only one user or a handful of users can grant access. ... View more

Key Trustee KMS Proxy ACLs confusion

by New Contributor in Support Questions
‎08-30-2017 11:31 AM
‎08-30-2017 11:31 AM
In the Cloudera Security Guide, step 6 on page 303 for adding a Key Trusteee KMS Service says "To generate the recommended ACLS, enter the username and group responsible for managing cryptographic keys and click Generate ACLs."   Are the username and group mentioned in this step arbitrary or is it referencing a username and group that should have been created as part of some previous configuration? ... View more
Contact Me
Online
Offline
Last Visited
‎10-13-2017 01:37 PM
Community Statistics
Member Since ‎08-30-2017 10:23 AM
Last Visited ‎10-13-2017 01:37 PM
Posts 2