197 Kerberos You can set up Kerberos to provide strong authentication through

197 kerberos you can set up kerberos to provide

This preview shows page 152 - 154 out of 395 pages.

Configure IAM Roles for EMRFS Requests to Amazon S3 (p. 197) . Kerberos You can set up Kerberos to provide strong authentication through secret-key cryptography. For more information, see Use Kerberos Authentication (p. 215) . Lake Formation You can use Lake Formation permissions together with the AWS Glue Data Catalog to provide fine- grained, column-level access to databases and tables in the AWS Glue Data Catalog. Lake Formation enables federated single sign-on to EMR Notebooks or Apache Zeppelin from an enterprise identity system. For more information, see Integrating Amazon EMR with AWS Lake Formation (Beta) (p. 240) . Secure Socket Shell (SSH) SSH helps provide a secure way for users to connect to the command line on cluster instances. It also provides tunneling to view web interfaces that applications host on the master node. Clients can authenticate using Kerberos or an Amazon EC2 key pair. For more information, see Use an Amazon EC2 Key Pair for SSH Credentials (p. 214) and Connect to the Cluster (p. 313) . Amazon EC2 Security Groups Security groups act as a virtual firewall for EMR cluster instances, limiting inbound and outbound network traffic. For more information, see Control Network Traffic with Security Groups (p. 258) . Updates to the default Amazon Linux AMI for Amazon EMR When an Amazon EC2 instance in a cluster that is based on the default Amazon Linux AMI for Amazon EMR boots for the first time, critical security updates are installed by default. Other updates are not installed. Depending on the security posture of your application and the length of time that a cluster runs, you may choose to periodically reboot your cluster to apply security updates, or create a bootstrap action to customize package installation and updates. You may also choose to test and then install select security updates on running cluster instances. For more information, see Using the Default Amazon Linux AMI for Amazon EMR (p. 92) . 146
Image of page 152
Amazon EMR Management Guide Use Security Configurations to Set Up Cluster Security Use Security Configurations to Set Up Cluster Security With Amazon EMR release version 4.8.0 or later, you can use security configurations to configure data encryption, Kerberos authentication (available in release version 5.10.0 and later), and Amazon S3 authorization for EMRFS (available in release version 5.10.0 or later). After you create a security configuration, you specify it when you create a cluster, and you can re-use it for any number of clusters. You can use the console, the AWS Command Line Interface (AWS CLI), or the AWS SDKs to create security configurations. You can also use an AWS CloudFormation template to create a security configuration. For more information, see AWS CloudFormation User Guide and the template reference for AWS::EMR::SecurityConfiguration . Topics Create a Security Configuration (p. 147) Specify a Security Configuration for a Cluster (p. 163) Create a Security Configuration This topic covers general procedures for creating a security configuration using the EMR console and the
Image of page 153
Image of page 154

You've reached the end of your free preview.

Want to read all 395 pages?

  • Spring '12
  • LauraParker
  • Amazon Web Services, Amazon Elastic Compute Cloud

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern

Stuck? We have tutors online 24/7 who can help you get unstuck.
A+ icon
Ask Expert Tutors You can ask You can ask ( soon) You can ask (will expire )
Answers in as fast as 15 minutes
A+ icon
Ask Expert Tutors