When we initially installed SAS and Hadoop we used simple Kerberos Hive2 connections to connect to our Hadoop environments.
Nowadays we need to revisit this and add SSL security to our connections, so Kerberos principle and Hive2 does not seem to support that.
We liked it because we did not need to pass userid and passw in the libname statements.
We now need to find a suitable way to add SSL. Knox gateway seems to do this, but it requires adding the userid and passw to the connection in the Libname statement. Which is a downer.
Is there a way to connect to Hadoop (Cloudera) to add SSL encryption to our connection in the Libname statement or config files?
If we use Knox we want to do so without adding a username and passw, so it should be integrated with IWA or LDAP.
If we can we would like to have the benefit of BOTH SSL encryption and omit pesky userid and passw in the Libname statements, which is useful for service accounts running batch jobs.
How did you approach this on your platforms? What solutions were you able to find?
BTW - It looks like Knox Gateway will always require userid and passw.... As it is Perimeter based security.
The SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment.
Learn how to install the SAS Viya CLI and a few commands you may find useful in this video by SAS’ Darrell Barton.
Find more tutorials on the SAS Users YouTube channel.