Procedure for Using Cloudera Manager to Configure Hadoop Security

  Important: Ensure you have secured communication between the Cloudera Manager Server and Agents before you enable Kerberos on your cluster. Kerberos keytabs are sent from the Cloudera Manager Server to the Agents, and must be encrypted to prevent potential misuse of leaked keytabs. To enable TLS communication, refer Configuring TLS Security for Cloudera Manager (Level 3).

Here are the general steps to using Cloudera Manager to configure Hadoop security on your cluster, each of which is described in more detail in the following sections: