Back

HDP2.4

  • Create new key in rangerkms (keyadmin)
  • Create path in hdfs with correct ownership etc
  • Create encryption zone
hdfs crypto -createZone -keyName hdp63-platfora-key -path /platfora

HDP2.2

Encrypt a directory

[create key]
hadoop key create <keyname>
[create zone]
hdfs crypto -createZone -keyName <keyname> -path <path to encrypt>]

Example ACL

 <property>
    <name>key.acl.mykey.ALL</name>
    <value>dn,nn,hdfs</value>
</property>
<property>
    <name>key.acl.mykey.GENERATE_EEK</name>
    <value>auser1</value>
</property>
<property>
    <name>key.acl.mykey.GENERATE_EEK</name>
    <value>auser2</value>
</property>