aws-cdk-lib.aws_stepfunctions_tasks.EmrCreateCluster.KerberosAttributesProperty

interface KerberosAttributesProperty

LanguageType name
.NETAmazon.CDK.AWS.StepFunctions.Tasks.EmrCreateCluster.KerberosAttributesProperty
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsstepfunctionstasks#EmrCreateCluster_KerberosAttributesProperty
Javasoftware.amazon.awscdk.services.stepfunctions.tasks.EmrCreateCluster.KerberosAttributesProperty
Pythonaws_cdk.aws_stepfunctions_tasks.EmrCreateCluster.KerberosAttributesProperty
TypeScript (source)aws-cdk-lib » aws_stepfunctions_tasks » EmrCreateCluster » KerberosAttributesProperty

Attributes for Kerberos configuration when Kerberos authentication is enabled using a security configuration.

See the RunJobFlow API for complete documentation on input parameters

See also: https://docs.aws.amazon.com/emr/latest/APIReference/API_KerberosAttributes.html

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_stepfunctions_tasks as stepfunctions_tasks } from 'aws-cdk-lib';
const kerberosAttributesProperty: stepfunctions_tasks.EmrCreateCluster.KerberosAttributesProperty = {
  realm: 'realm',

  // the properties below are optional
  adDomainJoinPassword: 'adDomainJoinPassword',
  adDomainJoinUser: 'adDomainJoinUser',
  crossRealmTrustPrincipalPassword: 'crossRealmTrustPrincipalPassword',
  kdcAdminPassword: 'kdcAdminPassword',
};

Properties

NameTypeDescription
realmstringThe name of the Kerberos realm to which all nodes in a cluster belong.
adDomainJoinPassword?stringThe Active Directory password for ADDomainJoinUser.
adDomainJoinUser?stringRequired only when establishing a cross-realm trust with an Active Directory domain.
crossRealmTrustPrincipalPassword?stringRequired only when establishing a cross-realm trust with a KDC in a different realm.
kdcAdminPassword?stringThe password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.

realm

Type: string

The name of the Kerberos realm to which all nodes in a cluster belong.

For example, EC2.INTERNAL.


adDomainJoinPassword?

Type: string (optional, default: No adDomainJoinPassword)

The Active Directory password for ADDomainJoinUser.


adDomainJoinUser?

Type: string (optional, default: No adDomainJoinUser)

Required only when establishing a cross-realm trust with an Active Directory domain.

A user with sufficient privileges to join resources to the domain.


crossRealmTrustPrincipalPassword?

Type: string (optional, default: No crossRealmTrustPrincipalPassword)

Required only when establishing a cross-realm trust with a KDC in a different realm.

The cross-realm principal password, which must be identical across realms.


kdcAdminPassword?

Type: string (optional, default: No kdcAdminPassword)

The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.