This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Skip to end of metadata
Go to start of metadata

This page lists design documents for key components of HAWQ.

HAWQ-Ranger Integration

Apache Ranger is a framework to enable, monitor and manage comprehensive data security across the Hadoop platform. The vision with Ranger is to provide comprehensive security across the Apache Hadoop ecosystem. With the advent of Apache YARN, the Hadoop platform can now support a true data lake architecture. Enterprises can potentially run multiple workloads, in a multi tenant environment. Data security within Hadoop needs to evolve to support multiple use cases for data access, while also providing a framework for central administration of security policies and monitoring of user access.

To keep align with Hadoop eco-system, HAWQ is supporting the integration with Ranger so that HAWQ privileges can be defined in a central Ranger UI. Below is the design documents and JIRA list for Ranger Integration.

HAWQ TDE Support

HDFS implements transparent, end-to-end encryption: 1) data read from and written to special HDFS directories is transparently encrypted and decrypted without requiring changes to user application code; 2) data can only be encrypted and decrypted by the client which enable at-rest encryption as well as in-transit encryption. Data encryption is required by a number of different government, financial, and regulatory entities.

The support of TDE in Apache HAWQ make sure user data, especially important data, can be secured during data access. Though there is performance penalty when it is enabled.

  • No labels