Security Architecture

Hortonworks Data Cloud utilizes AWS security resources such as VPC, security groups, and IAM roles to ensure maximum security for your clusters. In addition, HDCloud imposes network restrictions through a protected gateway and provides authenticated endpoints for cluster services and UIs.

The following diagram illustrates the general HDCloud security architecture:

As the diagram illustrates, the HDCloud security architecture ensures:

  1. Network isolation via user-configured VPCs and subnets. Read more about Virtual Private Cloud.

  2. Network security, achieved via out-of-the-box security group settings and a protected gateway through which all traffic is routed. This avoids the need to open multiple ports and protocols for each individual service. Read more about Network Security.

  3. Authenticated endpoints for all services and UIs that are supported. Read more about Authentication.

  4. Controlled use of AWS resources using IAM roles. Read more about IAM Roles.

Security Best Practices and Checklist

Security Best Practices

Follow these best practices to ensure the security of your AWS environment:

Checklist for Vulnerabilities

The following checklists will help you optimize your AWS environment for security: