Class CfnSecurityConfiguration

Use a SecurityConfiguration resource to configure data encryption, Kerberos authentication (available in Amazon EMR release version 5.10.0 and later), and Amazon S3 authorization for EMRFS (available in EMR 5.10.0 and later). You can re-use a security configuration for any number of clusters in your account. For more information and example security configuration JSON objects, see Create a Security Configuration in the Amazon EMR Management Guide .

Inheritance
object
CfnElement
CfnRefElement
CfnResource
CfnSecurityConfiguration
Implements
IConstruct
IDependable
Inherited Members
Namespace: Amazon.CDK.AWS.EMR
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnSecurityConfiguration : CfnResource, IInspectable, ISecurityConfigurationRef, IConstruct, IDependable, IEnvironmentAware
Syntax (vb)
Public Class CfnSecurityConfiguration Inherits CfnResource Implements IInspectable, ISecurityConfigurationRef, IConstruct, IDependable, IEnvironmentAware
Remarks

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html

CloudformationResource: AWS::EMR::SecurityConfiguration

ExampleMetadata: infused

Examples
using Amazon.CDK.AWS.EMR;


             var cfnSecurityConfiguration = new CfnSecurityConfiguration(this, "EmrSecurityConfiguration", new CfnSecurityConfigurationProps {
                 Name = "AddStepRuntimeRoleSecConfig",
                 SecurityConfiguration = JSON.Parse(@"
                     {
                       ""AuthorizationConfiguration"": {
                           ""IAMConfiguration"": {
                               ""EnableApplicationScopedIAMRole"": true,
                               ""ApplicationScopedIAMRoleConfiguration"":
                                   {
                                       ""PropagateSourceIdentity"": true
                                   }
                           },
                           ""LakeFormationConfiguration"": {
                               ""AuthorizedSessionTagValue"": ""Amazon EMR""
                           }
                       }
                     }")
             });

             var task = new EmrCreateCluster(this, "Create Cluster", new EmrCreateClusterProps {
                 Instances = new InstancesConfigProperty { },
                 Name = TaskInput.FromJsonPathAt("$.ClusterName").Value,
                 SecurityConfiguration = cfnSecurityConfiguration.Name
             });

             var executionRole = new Role(this, "Role", new RoleProps {
                 AssumedBy = new ArnPrincipal(task.ClusterRole.RoleArn)
             });

             executionRole.AssumeRolePolicy.AddStatements(
             new PolicyStatement(new PolicyStatementProps {
                 Effect = Effect.ALLOW,
                 Principals = new [] { task.ClusterRole },
                 Actions = new [] { "sts:SetSourceIdentity" }
             }),
             new PolicyStatement(new PolicyStatementProps {
                 Effect = Effect.ALLOW,
                 Principals = new [] { task.ClusterRole },
                 Actions = new [] { "sts:TagSession" },
                 Conditions = new Dictionary<string, object> {
                     { "StringEquals", new Dictionary<string, string> {
                         { "aws:RequestTag/LakeFormationAuthorizedCaller", "Amazon EMR" }
                     } }
                 }
             }));

             new EmrAddStep(this, "Task", new EmrAddStepProps {
                 ClusterId = "ClusterId",
                 ExecutionRoleArn = executionRole.RoleArn,
                 Name = "StepName",
                 Jar = "Jar",
                 ActionOnFailure = ActionOnFailure.CONTINUE
             });

Synopsis

Constructors

CfnSecurityConfiguration(Construct, string, ICfnSecurityConfigurationProps)

Create a new AWS::EMR::SecurityConfiguration.

Properties

CFN_RESOURCE_TYPE_NAME

The CloudFormation resource type name for this resource class.
CfnProperties

Use a SecurityConfiguration resource to configure data encryption, Kerberos authentication (available in Amazon EMR release version 5.10.0 and later), and Amazon S3 authorization for EMRFS (available in EMR 5.10.0 and later). You can re-use a security configuration for any number of clusters in your account. For more information and example security configuration JSON objects, see Create a Security Configuration in the Amazon EMR Management Guide .
Name

The name of the security configuration.
SecurityConfiguration

The security configuration details in JSON format.
SecurityConfigurationRef

A reference to a SecurityConfiguration resource.

Methods

Inspect(TreeInspector)

Examines the CloudFormation resource and discloses attributes.
IsCfnSecurityConfiguration(object)

Checks whether the given object is a CfnSecurityConfiguration.
RenderProperties(IDictionary<string, object>)

Use a SecurityConfiguration resource to configure data encryption, Kerberos authentication (available in Amazon EMR release version 5.10.0 and later), and Amazon S3 authorization for EMRFS (available in EMR 5.10.0 and later). You can re-use a security configuration for any number of clusters in your account. For more information and example security configuration JSON objects, see Create a Security Configuration in the Amazon EMR Management Guide .

Constructors

CfnSecurityConfiguration(Construct, string, ICfnSecurityConfigurationProps)

Create a new AWS::EMR::SecurityConfiguration.

public CfnSecurityConfiguration(Construct scope, string id, ICfnSecurityConfigurationProps props)
Parameters
scope Construct

Scope in which this resource is defined.

id string

Construct identifier for this resource (unique in its scope).

props ICfnSecurityConfigurationProps

Resource properties.

Remarks

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html

CloudformationResource: AWS::EMR::SecurityConfiguration

ExampleMetadata: infused

Properties

CFN_RESOURCE_TYPE_NAME

The CloudFormation resource type name for this resource class.

public static string CFN_RESOURCE_TYPE_NAME { get; }
Property Value

string

Remarks

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html

CloudformationResource: AWS::EMR::SecurityConfiguration

ExampleMetadata: infused

CfnProperties

Use a SecurityConfiguration resource to configure data encryption, Kerberos authentication (available in Amazon EMR release version 5.10.0 and later), and Amazon S3 authorization for EMRFS (available in EMR 5.10.0 and later). You can re-use a security configuration for any number of clusters in your account. For more information and example security configuration JSON objects, see Create a Security Configuration in the Amazon EMR Management Guide .

protected override IDictionary<string, object> CfnProperties { get; }
Property Value

IDictionary<string, object>

Overrides
Remarks

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html

CloudformationResource: AWS::EMR::SecurityConfiguration

ExampleMetadata: infused

Name

The name of the security configuration.

public virtual string? Name { get; set; }
Property Value

string

Remarks

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html

CloudformationResource: AWS::EMR::SecurityConfiguration

ExampleMetadata: infused

SecurityConfiguration

The security configuration details in JSON format.

public virtual object SecurityConfiguration { get; set; }
Property Value

object

Remarks

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html

CloudformationResource: AWS::EMR::SecurityConfiguration

ExampleMetadata: infused

SecurityConfigurationRef

A reference to a SecurityConfiguration resource.

public virtual ISecurityConfigurationReference SecurityConfigurationRef { get; }
Property Value

ISecurityConfigurationReference

Remarks

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html

CloudformationResource: AWS::EMR::SecurityConfiguration

ExampleMetadata: infused

Methods

Inspect(TreeInspector)

Examines the CloudFormation resource and discloses attributes.

public virtual void Inspect(TreeInspector inspector)
Parameters
inspector TreeInspector

tree inspector to collect and process attributes.

Remarks

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html

CloudformationResource: AWS::EMR::SecurityConfiguration

ExampleMetadata: infused

IsCfnSecurityConfiguration(object)

Checks whether the given object is a CfnSecurityConfiguration.

public static bool IsCfnSecurityConfiguration(object x)
Parameters
x object
Returns

bool

Remarks

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html

CloudformationResource: AWS::EMR::SecurityConfiguration

ExampleMetadata: infused

RenderProperties(IDictionary<string, object>)

Use a SecurityConfiguration resource to configure data encryption, Kerberos authentication (available in Amazon EMR release version 5.10.0 and later), and Amazon S3 authorization for EMRFS (available in EMR 5.10.0 and later). You can re-use a security configuration for any number of clusters in your account. For more information and example security configuration JSON objects, see Create a Security Configuration in the Amazon EMR Management Guide .

protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)
Parameters
props IDictionary<string, object>
Returns

IDictionary<string, object>

Overrides
Remarks

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html

CloudformationResource: AWS::EMR::SecurityConfiguration

ExampleMetadata: infused

Implements

Constructs.IConstruct
Constructs.IDependable