AWS Amazon EMR Security Configuration
This page shows how to write Terraform and CloudFormation for Amazon EMR Security Configuration and write them securely.
aws_emr_security_configuration (Terraform)
The Security Configuration in Amazon EMR can be configured in Terraform with the resource name aws_emr_security_configuration
. The following sections describe 5 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_emr_security_configuration" "this" {
configuration = var.configuration
name = var.name
name_prefix = var.name_prefix
}
resource "aws_emr_security_configuration" "fail" {
name = "fail"
configuration = <<EOF
{
"EncryptionConfiguration": {
resource "aws_emr_security_configuration" "emr_security_configuration" {
count = var.enable_emr_security_configuration ? 1 : 0
configuration = var.emr_security_configuration_configuration
name = var.emr_security_configuration_name
resource "aws_emr_security_configuration" "emr_security_configuration" {
count = var.enable_emr_security_configuration ? 1 : 0
configuration = var.emr_security_configuration_configuration
name = var.emr_security_configuration_name
resource "aws_emr_security_configuration" "emr_security_configuration" {
count = var.enable_emr_security_configuration ? 1 : 0
configuration = var.emr_security_configuration_configuration
name = var.emr_security_configuration_name
Parameters
-
configuration
required - string -
creation_date
optional computed - string -
id
optional computed - string -
name
optional computed - string -
name_prefix
optional - string
Explanation in Terraform Registry
Provides a resource to manage AWS EMR Security Configurations
AWS::EMR::SecurityConfiguration (CloudFormation)
The SecurityConfiguration in EMR can be configured in CloudFormation with the resource name AWS::EMR::SecurityConfiguration
. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
Type: AWS::EMR::SecurityConfiguration
Properties:
SecurityConfiguration:
EncryptionConfiguration:
EnableAtRestEncryption: true
EnableInTransitEncryption: true
Type: AWS::EMR::SecurityConfiguration
Properties:
SecurityConfiguration:
EncryptionConfiguration:
EnableAtRestEncryption: true
EnableInTransitEncryption: true
Type: AWS::EMR::SecurityConfiguration
Properties:
SecurityConfiguration:
EncryptionConfiguration:
EnableAtRestEncryption: true
EnableInTransitEncryption: true
Type: AWS::EMR::SecurityConfiguration
Properties:
SecurityConfiguration:
EncryptionConfiguration:
EnableAtRestEncryption: false
EnableInTransitEncryption: true
Type: AWS::EMR::SecurityConfiguration
Properties:
SecurityConfiguration:
EncryptionConfiguration:
EnableAtRestEncryption: false
EnableInTransitEncryption: true
"Type": "AWS::EMR::SecurityConfiguration",
"Properties": {
"SecurityConfiguration": {
"EncryptionConfiguration": {
"EnableAtRestEncryption": false,
"EnableInTransitEncryption": true
"Type": "AWS::EMR::SecurityConfiguration",
"Properties": {
"SecurityConfiguration": {
"EncryptionConfiguration": {
"EnableAtRestEncryption": false,
"EnableInTransitEncryption": true
"Type": "AWS::EMR::SecurityConfiguration",
"Properties": {
"Name": "String",
"SecurityConfiguration": {}
}
}
"Type": "AWS::EMR::SecurityConfiguration",
"Properties": {
"Name": "String",
"SecurityConfiguration": {}
}
}
"Type": "AWS::EMR::SecurityConfiguration"
}
}
}
Parameters
-
Name
optional - String -
SecurityConfiguration
required - Json
Explanation in CloudFormation Registry
Use a
SecurityConfiguration
resource to configure data encryption, Kerberos authentication (available in Amazon EMR release version 5.0 and later), and Amazon S3 authorization for EMRFS (available in EMR 5.
0 and later). You can re-use a security configuration for any number of clusters in your account. For more information and example security configuration JSON objects, see Create a Security Configuration in the Amazon EMR Management Guide.
Frequently asked questions
What is AWS Amazon EMR Security Configuration?
AWS Amazon EMR Security Configuration is a resource for Amazon EMR of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS Amazon EMR Security Configuration?
For Terraform, the niveklabs/aws, bridgecrewio/checkov and SebastianUA/terraform-aws-emr source code examples are useful. See the Terraform Example section for further details.
For CloudFormation, the stelligent/cfn_nag, gustcol/Canivete and stelligent/cfn_nag source code examples are useful. See the CloudFormation Example section for further details.