Apache Sentry
A key part of compliance-ready security is controlling access to data. Apache Sentry provides fine-grained authorization and role-based access control to Cloudera’s modern platform, providing unified authorization as part of Cloudera’s shared data experience (SDX). Sentry integrates with the open source SQL query frameworks, Apache Hive and Apache Impala; the open source search engine, Cloudera Search; as well as HDFS and Kafka. It can also extend to other computing engines within the Hadoop ecosystem. Sentry is available in CDH out-of-the-box and supported with Cloudera Enterprise.
Sentry key features
Unified role-based access control:
Uniformly enforce fine-grained authorization policies for users based on their role, regardless of how they’re accessing data. Create the policy once and then rest assured that your users can access only the data for which they have permissions, without unnecessary repetition or policy mirroring.
Ease of Use:
Easily and consistently manage policies for user roles via either SQL or the HUE GUI. Sentry also integrates with Active Directory group assignments for automatic synchronization.
Compliance-ready:
Authorization is a critical part of achieving regulatory compliance with regulations such as PCI, HIPAA, GDPR, and others.
Extend Hadoop to more users, securely:
Store sensitive data with non-sensitive data in our platform and share it with users across all departments through multi-tenant authorization and fine-grained access controls. No matter what the workload—batch ETL, interactive SQL, machine learning, and so on—users will maintain the same data permissions.
Integrated across the platform
As an integrated part of Cloudera’s platform, Sentry provides unified administration for shared data and metadata for access frameworks: HDFS, HCatalog, Apache Hive, Impala, Apache Solr, and Apache Spark™. It also benefits from shared resource management (through YARN), visual policy management (through HUE), simple configuration and administration (through Cloudera Manager), and automatic auditing (through Cloudera Navigator)—all critical for running in production.
Cloudera’s commitment to Sentry
As the original developer of Sentry along with Intel, Cloudera is actively involved with the Sentry community and developing integrations between Sentry and the rest of the ecosystem, with a special focus on adding more access paths and simplifying permissions. Cloudera also has the widest experience with Sentry—with production customers across industries—and has Sentry committers on-staff so we can directly access and influence the roadmap based on our customers’ needs and use cases.
Comprehensive Hadoop Security
Cloudera Enterprise has comprehensive security built into the core of the platform, with a multi-layered approach across the four pillars of security: Perimeter, Access, Visibility, and Data. Sentry addresses the security requirements for the Access pillar and is a critical part of meeting even the most stringent compliance regulations and ensuring that even your more sensitive data is secured.
Partnered with the ecosystem
Seamlessly integrate with the tools your business already uses by leveraging Cloudera’s ecosystem of thousands of partners. With a robust partner certification program, we are continuously working to build out production-hardened integrations between Sentry and the most popular third-party tools.
Expert support for Sentry
Trained by its creators, Cloudera has Sentry experts available across the globe ready to deliver world-class SCP-certified support 24/7. With more experience across more production customers, for more use cases, Cloudera is the leader in Sentry support so you can focus on results.