AWS::EMR::Cluster KerberosAttributes - AWS CloudFormation

AWS::EMR::Cluster KerberosAttributes

KerberosAttributes is a property of the AWS::EMR::Cluster resource. KerberosAttributes define the cluster-specific Kerberos configuration when Kerberos authentication is enabled using a security configuration. The cluster-specific configuration must be compatible with the security configuration. For more information see Use Kerberos Authentication in the EMR Management Guide.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "ADDomainJoinPassword" : String, "ADDomainJoinUser" : String, "CrossRealmTrustPrincipalPassword" : String, "KdcAdminPassword" : String, "Realm" : String }

Properties

ADDomainJoinPassword

The Active Directory password for ADDomainJoinUser.

Required: No

Type: String

Minimum: 0

Maximum: 256

Pattern: [\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*

Update requires: No interruption

ADDomainJoinUser

Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain.

Required: No

Type: String

Minimum: 0

Maximum: 256

Pattern: [\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*

Update requires: No interruption

CrossRealmTrustPrincipalPassword

Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms.

Required: No

Type: String

Minimum: 0

Maximum: 256

Pattern: [\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*

Update requires: No interruption

KdcAdminPassword

The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.

Required: Yes

Type: String

Minimum: 0

Maximum: 256

Pattern: [\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*

Update requires: No interruption

Realm

The name of the Kerberos realm to which all nodes in a cluster belong. For example, EC2.INTERNAL.

Required: Yes

Type: String

Minimum: 0

Maximum: 256

Pattern: [\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*

Update requires: No interruption