GetClusterSessionCredentials - Amazon EMR

GetClusterSessionCredentials

Provides temporary, HTTP basic credentials that are associated with a given runtime IAM role and used by a cluster with fine-grained access control activated. You can use these credentials to connect to cluster endpoints that support username and password authentication.

Request Syntax

{ "ClusterId": "string", "ExecutionRoleArn": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

ClusterId

The unique identifier of the cluster.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 256.

Pattern: [\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*

Required: Yes

ExecutionRoleArn

The Amazon Resource Name (ARN) of the runtime role for interactive workload submission on the cluster. The runtime role can be a cross-account IAM role. The runtime role ARN is a combination of account ID, role name, and role type using the following format: arn:partition:service:region:account:resource.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Required: No

Response Syntax

{ "Credentials": { ... }, "ExpiresAt": number }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

Credentials

The credentials that you can use to connect to cluster endpoints that support username and password authentication.

Type: Credentials object

Note: This object is a Union. Only one member of this object can be specified or returned.

ExpiresAt

The time when the credentials that are returned by the GetClusterSessionCredentials API expire.

Type: Timestamp

Errors

For information about the errors that are common to all actions, see Common Errors.

InternalServerError

Indicates that an error occurred while processing the request and that the request was not completed.

HTTP Status Code: 400

InvalidRequestException

This exception occurs when there is something wrong with user input.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: