AWS::EMR::Cluster KerberosAttributes
KerberosAttributes
is a property of the AWS::EMR::Cluster
resource. KerberosAttributes
define the cluster-specific Kerberos configuration when Kerberos authentication is enabled using a security configuration. The cluster-specific configuration must be compatible with the security configuration. For more information see Use Kerberos Authentication in the EMR Management Guide.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "ADDomainJoinPassword" :
String
, "ADDomainJoinUser" :String
, "CrossRealmTrustPrincipalPassword" :String
, "KdcAdminPassword" :String
, "Realm" :String
}
YAML
ADDomainJoinPassword:
String
ADDomainJoinUser:String
CrossRealmTrustPrincipalPassword:String
KdcAdminPassword:String
Realm:String
Properties
ADDomainJoinPassword
-
The Active Directory password for
ADDomainJoinUser
.Required: No
Type: String
Minimum:
0
Maximum:
256
Pattern:
[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*
Update requires: No interruption
ADDomainJoinUser
-
Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain.
Required: No
Type: String
Minimum:
0
Maximum:
256
Pattern:
[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*
Update requires: No interruption
CrossRealmTrustPrincipalPassword
-
Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms.
Required: No
Type: String
Minimum:
0
Maximum:
256
Pattern:
[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*
Update requires: No interruption
KdcAdminPassword
-
The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.
Required: Yes
Type: String
Minimum:
0
Maximum:
256
Pattern:
[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*
Update requires: No interruption
Realm
-
The name of the Kerberos realm to which all nodes in a cluster belong. For example,
EC2.INTERNAL
.Required: Yes
Type: String
Minimum:
0
Maximum:
256
Pattern:
[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*
Update requires: No interruption