Securing Drill Introduction

Before connecting to a data source, you can configure Drill security features and secure communication pathways to a secure Drill cluster. Security features include:

• Authentication - Drill supports user authentication to secure clusters with:
  • Kerberos. See Configuring Kerberos Security.
  • Username and password (with the Plain mechanism or a Custom Authenticator). See:
    • Configuring Plain Security
    • Creating Custom Authenticators
  • Digest
• Encryption - Drill supports client-to-drillbit encryption with Kerberos to ensure date confidentiality and integrity in Drill 1.11. See Configuring Kerberos Security.
• Authorization - Drill supports restricting an authenticated user’s capabilities. See Configuring User Impersonation with Hive Authorization.
• Impersonation - Drill executes queries on behalf of a client while performing the action requested by the client. See:
  • Configuring User Impersonation.
  • Configuring Inbound Impersonation
  • Configuring User Impersonation with Hive Authorization