3 Choose Block public access 4 Under Block public access settings complete the

3 choose block public access 4 under block public

This preview shows page 273 - 276 out of 395 pages.

3. Choose Block public access . 4. Under Block public access settings , complete the following steps. To... Do this... Turn block public access on or off Choose Change , choose On or Off as appropriate, and then choose the check mark to confirm. Edit ports in the list of exceptions 1. Under Exceptions , choose Edit . 2. To add ports to the list of exceptions, choose Add a port range and enter a new port or 267
Image of page 273
Amazon EMR Management Guide Using Block Public Access To... Do this... port range. Repeat for each port or port range to add. 3. To remove a port or port range, choose the x next to the entry in the Port ranges list. 4. Choose Save Changes . To configure block public access using the AWS CLI Use the aws emr put-block-public-access-configuration command to configure block public access as shown in the following examples. To... Do this... Turn block public access on Set BlockPublicSecurityGroupRules to true as shown in the following example. For the cluster to launch, no security group associated with a cluster can have an inbound rule that allows public access. aws emr put-block-public- access-configuration --block- public-access-configuration BlockPublicSecurityGroupRules=true Turn block public access off Set BlockPublicSecurityGroupRules to false as shown in the following example. Security groups associated with a cluster can have inbound rules that allow public access on any port. We do not recommend this configuration. aws emr put-block-public- access-configuration --block- public-access-configuration BlockPublicSecurityGroupRules=false Turn block public access on and specify ports as exceptions The following example turns on block public access, and specifies Port 22 and Ports 100-101 as exceptions. This allows clusters to be created if an associated security group has an inbound rule that allows public access on Port 22, Port 100, or Port 101. aws emr put-block-public- access-configuration --block- public-access-configuration '{ "BlockPublicSecurityGroupRules": true, "PermittedPublicSecurityGroupRuleRanges": [ { "MinRange": 22, "MaxRange": 22 }, { "MinRange": 100, "MaxRange": 101 } ] }' 268
Image of page 274
Amazon EMR Management Guide Compliance Validation Compliance Validation for Amazon EMR Third-party auditors assess the security and compliance of Amazon EMR as part of multiple AWS compliance programs. These include SOC, PCI, FedRAMP, HIPAA, and others. For a list of AWS services in scope of specific compliance programs, see AWS Services in Scope by Compliance Program . For general information, see AWS Compliance Programs . You can download third-party audit reports using AWS Artifact. For more information, see Downloading Reports in AWS Artifact . Your compliance responsibility when using Amazon EMR is determined by the sensitivity of your data, your company's compliance objectives, and applicable laws and regulations. If your use of Amazon EMR is subject to compliance with standards such as HIPAA, PCI, or FedRAMP, AWS provides resources to help: Security and Compliance Quick Start Guides – These deployment guides discuss architectural
Image of page 275
Image of page 276

You've reached the end of your free preview.

Want to read all 395 pages?

  • Spring '12
  • LauraParker
  • Amazon Web Services, Amazon Elastic Compute Cloud

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern

Stuck? We have tutors online 24/7 who can help you get unstuck.
A+ icon
Ask Expert Tutors You can ask You can ask ( soon) You can ask (will expire )
Answers in as fast as 15 minutes
A+ icon
Ask Expert Tutors