Dec 19 2017 02:55 PM - edited Dec 19 2017 02:58 PM
By default, when you provision a HDInsight cluster, you are required to create a local admin user and local SSH user that has full access to the cluster. The local admin user can access all the files, folders, tables, columns, etc. With a single local user, there is no need for role-based access control. However, as enterprise customers move to the cloud, they must enable strict security requirements in terms of authentication, authorization, auditing, and governance. This is especially important with larger or multiple teams that share the same cluster. Admins don’t want to create individual clusters for individual users. When we talked to customers, we received three main requests as part of enabling cluster access to multiple users:
Today, we are excited to announce that these features are available as part of the add-on (optional) Enterprise Security Package. As part of provisioning the HDInsight cluster, you can optionally select the Enterprise Security Package.
Read about it in the Azure blog.