Home
6.0 Platform
Provides a brief overview of what the MapR data platform is and how you can use it to solve enterprise business needs.
Security
Security Architecture
Describes how the design of the MapR security architecture takes into account the main threats to a secure cluster. By default, MapR provides basic authorization functionality and some authentication.
Authorization Architecture: ACLs and ACEs
Describes the authorization architecture in MapR.

MapR 6.0 Documentation

6.0 Platform
Provides a brief overview of what the MapR data platform is and how you can use it to solve enterprise business needs.
- MapR-XD
- MapR-DB
  MapR-DB is an enterprise-grade, high-performance, NoSQL database management system. You can use it for real-time, operational analytics capabilities.
- MapR-ES
  MapR-ES brings integrated publish and subscribe messaging to the MapR Converged Data Platform.
- Cluster Management
- Security
  - Security Capabilities
    Describes authentication, authorization, and encryption capabilities. A secure MapR environment is predicated on authentication, authorization, and encryption capabilities.
  - Security Architecture
    Describes how the design of the MapR security architecture takes into account the main threats to a secure cluster. By default, MapR provides basic authorization functionality and some authentication.
    - Authentication Architecture: The maprlogin Utility
      Describes the authentication architecture in MapR.
    - Authorization Architecture: ACLs and ACEs
      Describes the authorization architecture in MapR.
    - Encryption Architecture: Wire-Level Security
      Describes the encryption architecture in MapR.
    - Audit Architecture: Operations
      Describes auditing architecture in MapR.
  - Ports Used for Secure Services
    Lists the ports used by web interfaces for secure Hadoop 2 services
- YARN
- Client Connections

Authorization Architecture: ACLs and ACEs

Describes the authorization architecture in MapR.

An Access Control List (ACL) is a list of users or groups. Each user or group in the list is paired with a defined set of permissions that limit the actions that the user or group can perform on the object secured by the ACL. In MapR, the objects secured by ACLs are the job queue, volumes, and the cluster itself.

A job queue ACL controls who can submit jobs to a queue, kill jobs, or modify their priority. A volume-level ACL controls which users and groups have administrative access to that volume, and what actions they may perform, such as mirroring the volume, altering the volume properties, dumping or backing up the volume, or deleting the volume.

An Access Control Expression (ACE) is a combination of user, group, and role definitions. A role is a custom defined name that is determined and implemented by your custom authorization code. It can be a property of a user or group that defines a set of behaviors that the user or group performs regularly. ACEs are used to secure MapR-FS (files, directories, and volumes), MapR-DB, and MapR-Streams that use native storage (see Enabling Table and Stream Authorizations with ACEs).