Open Source, Fine-Grained Access Control for your Enterprise Data Hub

A key part of compliance-ready security is controlling access to data. Apache Sentry (incubating) is a unified authorization mechanism so you can store sensitive data in Hadoop. Sentry is a fully integrated component of CDH and provides fine-grained authorization and role-based access control all through a single system. Sentry currently integrates with the open source SQL query frameworks, Apache Hive and Cloudera Impala, and the open source search engine, Cloudera Search, and can also extend to other computing engines within the Hadoop ecosystem. Sentry is a crucial part of compliance-ready security and is available with CDH and Cloudera Enterprise out-of-the-box.

Download Sentry

Project Rhino is an open source initiative dedicated to enhancing security in Hadoop. In collaboration with Intel and the community, Cloudera is dedicated to furthering the efforts of Project Rhino. As part of the initiative, Cloudera has donated Apache Sentry as a common authorization framework. Learn more about Project Rhino at

Comprehensive Security for the Enterprise Data Hub

An enterprise data hub, powered by Hadoop, is a single, low-cost platform where organizations can efficiently and securely store, process, analyze, govern, archive, and serve any and all of their enterprise data. Sentry provides the granularity required to secure access to data within an enterprise data hub for the majority of SQL, BI, and search tools and use cases - all through a single system. Some key features of Sentry include:

  • Improved Regulatory Compliance – Business teams can leverage the power of Hadoop while aligning with regulatory mandates like HIPAA, SOX, and PCI.
  • Role-Based Administration – Database administrators can unlock key role-based access control (RBAC) requirements and define what users and applications can do with data within a server, database, table, view, and search indexes.
  • Data Classification – Content producers and owners can intersperse sensitive data with non-sensitive data in the same data set through fine-grained controls.
  • Expanded User Base – Operations staff can extend the power of Hadoop to more users through a central administration group - allowing different departments to access different datasets.
  • Simplified Policy Management – Easily and consistently manage policies for user roles via either SQL or the visual HUE (Hadoop User Experience) UI.

With Sentry:

  • Gain comprehensive control of user access to subsets of data
  • Simplify permissions management based on functional roles
  • Delegate security management to individual administrators
  • Benefit from open source innovation for Hive, Impala, Search, and more

Make Hadoop safer, more compliant, and ready for enterprise use, in even the most highly regulated industries, with Sentry.

Get Support for Sentry with Cloudera Enterprise

Cloudera Enterprise is a unified data management platform that provides compliance-ready security and governance. As a Cloudera Enterprise customer, you get access to the industry’s best support, automatic updates to crucial data security capabilities, and actively influence the future of the project.

Learn More about Cloudera Enterprise