then create additional security groups that allow inbound SSH access from

Then create additional security groups that allow

This preview shows page 270 - 272 out of 395 pages.

then create additional security groups that allow inbound SSH access from trusted clients, and specify the additional security groups for the master instance to each cluster in the subset. You can apply up to four additional security groups for the master instance, four for core and task instances, and four for service access (in private subnets). If necessary, you can specify the same additional security group for master instances, core and task instances, and service access. The maximum number of security groups and rules in your account is subject to account limits. For more information, see Security Group Limits in the Amazon VPC User Guide . Specifying Amazon EMR-Managed and Additional Security Groups You can specify security groups using the AWS Management Console, the AWS CLI, or the EMR API. If you don't specify security groups, Amazon EMR creates default security groups. Specifying additional security groups is optional. You can assign additional security groups for master instances, core and task instances, and service access (private subnets only). To specify security groups using the console 1. Open the Amazon EMR console at . 2. Choose Create cluster , Go to advanced options . 3. Choose options for your cluster until you reach Step 4: Security . 4. Choose EC2 Security Groups to expand the section. Under EMR managed security groups , the default managed security groups are selected by default. If a default doesn't exist in the VPC for Master , Core & Task , or Service Access (private subnet only), Create appears before the associated security group name. 5. If you use custom managed security groups, select them from the EMR managed security groups lists. If you select a custom managed security group, a message notifies you to select a custom security group for other instances. You can use only custom or only default managed security groups for a cluster. 6. Optionally, under Additional security groups , choose the pencil icon, select up to four security groups from the list, and then choose Assign security groups . Repeat for each of Master , Core & Task , and Service Access as desired. 7. Choose Create Cluster . Specifying Security Groups Using the AWS CLI To specify security groups using the AWS CLI you use the create-cluster command with the following parameters of the --ec2-attributes option: 264
Image of page 270
Amazon EMR Management Guide Specifying Security Groups Parameter Description EmrManagedMasterSecurityGroup Use this parameter to specify a custom managed security group for the master instance. If this parameter is specified, EmrManagedSlaveSecurityGroup you must also be specified. For clusters in private subnets, ServiceAccessSecurityGroup must also be specified. EmrManagedSlaveSecurityGroup Use this parameter to specify a custom managed security group for core and task instances. If this parameter is specified, EmrManagedMasterSecurityGroup you must also be specified. For clusters in private subnets, ServiceAccessSecurityGroup must also be specified.
Image of page 271
Image of page 272

You've reached the end of your free preview.

Want to read all 395 pages?

  • Spring '12
  • LauraParker
  • Amazon Web Services, Amazon Elastic Compute Cloud

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern

Stuck? We have tutors online 24/7 who can help you get unstuck.
A+ icon
Ask Expert Tutors You can ask You can ask ( soon) You can ask (will expire )
Answers in as fast as 15 minutes
A+ icon
Ask Expert Tutors