Amazon S3 encryption is enabled with SSE S3 and local disk encryption is

Amazon s3 encryption is enabled with sse s3 and local

This preview shows page 159 - 161 out of 395 pages.

Amazon S3 encryption is enabled with SSE-S3 and local disk encryption is disabled. aws emr create-security-configuration --name "MyS3EncryptionConfig" --security- configuration '{ "EncryptionConfiguration": { "EnableInTransitEncryption" : false, "EnableAtRestEncryption" : true, "AtRestEncryptionConfiguration" : { "S3EncryptionConfiguration" : { "EncryptionMode" : "SSE-S3" } } } }' The example below illustrates the following scenario: In-transit data encryption is disabled and at-rest data encryption is enabled. Local disk encryption is enabled with AWS KMS as the key provider and Amazon S3 encryption is disabled. aws emr create-security-configuration --name "MyLocalDiskEncryptionConfig" --security- configuration '{ "EncryptionConfiguration": { "EnableInTransitEncryption" : false, "EnableAtRestEncryption" : true, "AtRestEncryptionConfiguration" : { "LocalDiskEncryptionConfiguration" : { "EncryptionKeyProviderType" : "AwsKms", "AwsKmsKey" : "arn:aws:kms:us- east-1:123456789012:key/12345678-1234-1234-1234-123456789012" } } } }' The example below illustrates the following scenario: In-transit data encryption is disabled and at-rest data encryption is enabled. Local disk encryption is enabled with AWS KMS as the key provider and Amazon S3 encryption is disabled. EBS encryption is enabled. aws emr create-security-configuration --name "MyLocalDiskEncryptionConfig" --security- configuration '{ "EncryptionConfiguration": { "EnableInTransitEncryption" : false, "EnableAtRestEncryption" : true, "AtRestEncryptionConfiguration" : { "LocalDiskEncryptionConfiguration" : { "EnableEbsEncryption" : true, "EncryptionKeyProviderType" : "AwsKms", "AwsKmsKey" : "arn:aws:kms:us- east-1:123456789012:key/12345678-1234-1234-1234-123456789012" } } 153
Image of page 159
Amazon EMR Management Guide Create a Security Configuration } }' JSON Reference for Encryption Settings The following table lists the JSON parameters for encryption settings and provides a description of acceptable values for each parameter. Parameter Description "EnableInTransitEncryption" : true | false Specify true to enable in-transit encryption and false to disable it. If omitted, false is assumed, and in-transit encryption is disabled. "EnableAtRestEncryption" : true | false Specify true to enable at-rest encryption and false to disable it. If omitted, false is assumed and at-rest encryption is disabled. In-transit encryption parameters "InTransitEncryptionConfiguration" : Specifies a collection of values used to configure in-transit encryption when EnableInTransitEncryption is true . "CertificateProviderType" : "PEM" | "Custom" Specifies whether to use PEM certificates referenced with a zipped file, or a Custom certificate provider. If PEM is specified, S3Object must be a reference to the location in Amazon S3 of a zip file containing the certificates. If Custom is specified, S3Object must be a reference to the location in Amazon S3 of a JAR file, followed by a CertificateProviderClass entry. "S3Object" : " ZipLocation " | " JarLocation " Provides the location in Amazon S3 to a zip file when PEM is specified, or to a JAR file when Custom is specified. The format can be a path (for example, s3://MyConfig/artifacts/ CertFiles.zip ) or an ARN (for example, arn:aws:s3:::Code/MyCertProvider.jar) .
Image of page 160
Image of page 161

You've reached the end of your free preview.

Want to read all 395 pages?

  • Spring '12
  • LauraParker
  • Amazon Web Services, Amazon Elastic Compute Cloud

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern

Ask Expert Tutors You can ask You can ask ( soon) You can ask (will expire )
Answers in as fast as 15 minutes