How to Check Security Settings on a Cluster

Quickly perform a high level check of your cluster’s security configuration by doing one of the following:

Check Security for Cloudera Manager Clusters

Use Cloudera Manager to verify security mechanisms for your cluster by simply examining the properties for the cluster.

For clusters not managed by Cloudera Manager Server, see Check Security for CDH Clusters.

To check Kerberos and HDFS encryption:
  1. Log into the Cloudera Manager Admin Console.
  2. Select Security from the Administration drop-down selector to display a list of managed clusters:

This shows at a glance that both Kerberos and HDFS transparent encryption have been configured for this cluster.

To check TLS settings:
  1. Select Settings from the Administration drop-down selector to open a search field.
  2. Enter TLS in the search field to display all TLS related configuration settings.
  3. Scroll through the displayed results, looking for “Use TLS...” for various services and processes. For example, the test system shown below is not using TLS for the Cloudera Manager Admin Console:

See How to Configure TLS Encryption for Cloudera Manager for complete information about configuring TLS for the cluster.

To find all TLS settings, cluster-wide, enter "TLS enabled" (or simply, "TLS") in the top-most search field on the Cloudera Manager Admin Console. Then you can easily select from among the display list to examine the actual setting.


Check Security for CDH Clusters

To check security settings for CDH components not managed by Cloudera Manager, open the configuration file (core-site.xml) in a text editor and examine the property values shown below:

Functionality Property Value
TLS hadoop.ssl.enabled true
Kerberos hadoop.security.authentication kerberos
hadoop.security.authorization true

See Configuring Authentication in CDH Using the Command Line and Configuring TLS/SSL Encryption for CDH Services for more information.