Security#
In this section of our reference documentation, learn about the basic workflows for securing your Dell Data Analytics Engine, powered by Starburst Enterprise platform (SEP) cluster.
Security topic areas#
There are three main types of security measures for SEP clusters:
User authentication and client security
Security inside the cluster
Security between the cluster and data sources
Built-in access control offer the most convenient way to configure security for the connected data sources as well as the features in the Starburst Enterprise web UI .
This section provides reference material for each of these security types.
Built-in access control#
SEP provides a built-in, role-based access control system that is integrated with the Starburst Enterprise web UI. This system makes it easy to configure any user’s correct access rights to catalogs, schemas, and tables, as well as to elements of the UI itself.
User authentication and client security#
When setting up a new cluster, start with simple password file authentication. Once access to your cluster is secured, SEP provides a number of production-level options for authenticating users such as LDAP, Okta or OAuth 2.0.
SEP also offers several options for delegated authorization. These pass-through features guarantee that SEP uses the same token as a user directly accessing a data source.
Once authenticated, users are authorized by one of SEP’s available access control systems, including our comprehensive built-in access control.
Cluster security#
Cluster security topics cover both securing external client access to your SEP cluster, and internal communications between cluster resources. Secrets are available for use in any configuration file throughout SEP to provide a secure means of managing values such as usernames, passwords and other strings used in the cluster through your provisioning system.
Third-party access control#
If your organization uses Immuta, SEP integrates with it as an external access control system.
Miscellaneous security options#
Learn about other security options that may apply to your environment.