Apache Hadoop clusters with secure transfer storage accounts in Azure HDInsight
The Secure transfer required feature enhances the security of your Azure Storage account by enforcing all requests to your account through a secure connection. This feature and the wasbs scheme are only supported by HDInsight cluster version 3.6 or newer.
Enabling secure storage transfer after creating a cluster can result in errors using your storage account and is not recommended. It is better to create a new cluster using a storage account with secure transfer already enabled.
By default, the secure transfer required property is enabled when you create a storage account in Azure portal.
To update an existing storage account with Azure portal, see Require secure transfer with Azure portal.
For the PowerShell cmdlet New-AzStorageAccount, ensure parameter
-EnableHttpsTrafficOnly is set to
To update an existing storage account with PowerShell, see Require secure transfer with PowerShell.
For the Azure CLI command az storage account create, ensure parameter
--https-only is set to
To update an existing storage account with Azure CLI, see Require secure transfer with Azure CLI.
Add additional storage accounts
There are several options to add additional secure transfer enabled storage accounts:
- Modify the Azure Resource Manager template in the last section.
- Create a cluster using the Azure portal and specify linked storage account.
- Use script action to add additional secure transfer enabled storage accounts to an existing HDInsight cluster. For more information, see Add additional storage accounts to HDInsight.