Table of Contents

Search

  1. Preface
  2. Part 1: Hadoop Integration
  3. Part 2: Databricks Integration
  4. Appendix A: Connections

Configure Access to Secure Hadoop Clusters

Configure Access to Secure Hadoop Clusters

If the Hadoop cluster uses Kerberos authentication or SSL/TLS, you must configure the Informatica domain to access the cluster. If the cluster uses transparent encryption, you must configure the Key Management Server (KMS) for Informatica user access.
Depending on the security implementation on the cluster, you must perform the following tasks:
Cluster uses Kerberos authentication.
You must configure the Kerberos configuration file on the Data Integration Service machine to match the Kerberos realm properties of the Hadoop cluster. Verify that the Hadoop Kerberos properties are configured in the Data Integration Service and the Metadata Access Service.
If the cluster uses Kerberos and does not use the Enterprise Security Package, you can configure Ranger authorization separately to grant permissions to Informatica users.
Cluster uses SSL/TLS.
You must import security certificates to the Data Integration Service and the Metadata Access Service machines. See Configuring Access to an SSL/TLS-Enabled Cluster.
Cluster uses transparent encryption.
If the transparent encryption uses Cloudera Java KMS, Cloudera Navigator KMS, or Apache Ranger KMS, you must configure the KMS for Informatica user access.
Cluster uses Enterprise Security Package.
If the cluster uses Enterprise Security Package and ADLS Gen1 or Gen2 storage, perform the following tasks:
Cluster uses WASB Storage
If the cluster uses WASB storage, configure the storage account access key in core-site.xml. Populate the following property:
  • fs.azure.account.key.<your account>.blob.core.windows.net
For more information, see Configure *-site Files for Azure HDInsight.