404

[ Avaa Bypassed ]




Upload:

Command:

botdev@3.16.139.76: ~ $
**1. To create a security configuration with in-transit encryption enabled with PEM for certificate provider, and at-rest encryption enabled with SSE-S3 for S3 encryption and AWS-KMS for local disk key provider**

- Command::

	 aws emr create-security-configuration --name MySecurityConfig --security-configuration '{
		"EncryptionConfiguration": {
			"EnableInTransitEncryption" : true,
			"EnableAtRestEncryption" : true,
			"InTransitEncryptionConfiguration" : {
				"TLSCertificateConfiguration" : {
					"CertificateProviderType" : "PEM",
					"S3Object" : "s3://mycertstore/artifacts/MyCerts.zip"
				}
			},
			"AtRestEncryptionConfiguration" : {
				"S3EncryptionConfiguration" : {
					"EncryptionMode" : "SSE-S3"
				},
				"LocalDiskEncryptionConfiguration" : {
					"EncryptionKeyProviderType" : "AwsKms",
					"AwsKmsKey" : "arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012"
				}
			}
		}
	}'

- Output::

    {
    "CreationDateTime": 1474070889.129,
    "Name": "MySecurityConfig"
    }

- JSON equivalent (contents of security_configuration.json)::

    {
        "EncryptionConfiguration": {
            "EnableInTransitEncryption": true,
            "EnableAtRestEncryption": true,
            "InTransitEncryptionConfiguration": {
                "TLSCertificateConfiguration": {
                    "CertificateProviderType": "PEM",
                    "S3Object": "s3://mycertstore/artifacts/MyCerts.zip"
                }
            },
            "AtRestEncryptionConfiguration": {
                "S3EncryptionConfiguration": {
                    "EncryptionMode": "SSE-S3"
                },
                "LocalDiskEncryptionConfiguration": {
                    "EncryptionKeyProviderType": "AwsKms",
                    "AwsKmsKey": "arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012"
                }
            }
        }
    }

- Command (using security_configuration.json)::

   aws emr create-security-configuration --name "MySecurityConfig" --security-configuration file://./security_configuration.json

- Output::

    {
    "CreationDateTime": 1474070889.129,
    "Name": "MySecurityConfig"
    }

**2. To create a security configuration with Kerberos enabled using cluster-dedicated KDC and cross-realm trust**

- Command::

     aws emr create-security-configuration --name MySecurityConfig --security-configuration '{
         "AuthenticationConfiguration": {
             "KerberosConfiguration": {
                 "Provider": "ClusterDedicatedKdc",
                 "ClusterDedicatedKdcConfiguration": {
                     "TicketLifetimeInHours": 24,
                     "CrossRealmTrustConfiguration": {
                       "Realm": "AD.DOMAIN.COM",
                       "Domain": "ad.domain.com",
                       "AdminServer": "ad.domain.com",
                       "KdcServer": "ad.domain.com"
                     }
                 }
             }
         }
    }'

- Output::

    {
    "CreationDateTime": 1490225558.982,
    "Name": "MySecurityConfig"
    }

- JSON equivalent (contents of security_configuration.json)::

    {
        "AuthenticationConfiguration": {
            "KerberosConfiguration": {
                "Provider": "ClusterDedicatedKdc",
                "ClusterDedicatedKdcConfiguration": {
                    "TicketLifetimeInHours": 24,
                    "CrossRealmTrustConfiguration": {
                        "Realm": "AD.DOMAIN.COM",
                        "Domain": "ad.domain.com",
                        "AdminServer": "ad.domain.com",
                        "KdcServer": "ad.domain.com"
                    }
                }
            }
        }
    }

- Command (using security_configuration.json)::

   aws emr create-security-configuration --name "MySecurityConfig" --security-configuration file://./security_configuration.json

- Output::

    {
    "CreationDateTime": 1490225558.982,
    "Name": "MySecurityConfig"
    }

Filemanager

Name Type Size Permission Actions
add-instance-fleet.rst File 521 B 0644
add-steps.rst File 4.37 KB 0644
add-tags.rst File 648 B 0644
create-cluster-examples.rst File 29.94 KB 0644
create-cluster-synopsis.txt File 1.17 KB 0644
create-default-roles.rst File 5.55 KB 0644
create-security-configuration.rst File 3.91 KB 0644
delete-security-configuration.rst File 173 B 0644
describe-cluster.rst File 9.37 KB 0644
describe-step.rst File 1.12 KB 0644
get.rst File 258 B 0644
list-clusters.rst File 670 B 0644
list-instance-fleets.rst File 1.98 KB 0644
list-instances.rst File 3.19 KB 0644
list-security-configurations.rst File 437 B 0644
list-steps.rst File 151 B 0644
modify-cluster-attributes.rst File 196 B 0644
modify-instance-fleet.rst File 333 B 0644
put.rst File 287 B 0644
remove-tags.rst File 184 B 0644
schedule-hbase-backup.rst File 678 B 0644
socks.rst File 273 B 0644
ssh.rst File 1.43 KB 0644
wait.rst File 165 B 0644