Interface ICfnSecurityConfigurationProps

Properties for defining a CfnSecurityConfiguration.

Namespace: Amazon.CDK.AWS.EMR
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface ICfnSecurityConfigurationProps
Syntax (vb)
Public Interface ICfnSecurityConfigurationProps
Remarks

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html

ExampleMetadata: infused

Examples
using Amazon.CDK.AWS.EMR;


var cfnSecurityConfiguration = new CfnSecurityConfiguration(this, "EmrSecurityConfiguration", new CfnSecurityConfigurationProps {
    Name = "AddStepRuntimeRoleSecConfig",
    SecurityConfiguration = JSON.Parse(@"
        {
          ""AuthorizationConfiguration"": {
              ""IAMConfiguration"": {
                  ""EnableApplicationScopedIAMRole"": true,
                  ""ApplicationScopedIAMRoleConfiguration"":
                      {
                          ""PropagateSourceIdentity"": true
                      }
              },
              ""LakeFormationConfiguration"": {
                  ""AuthorizedSessionTagValue"": ""Amazon EMR""
              }
          }
        }")
});

var task = new EmrCreateCluster(this, "Create Cluster", new EmrCreateClusterProps {
    Instances = new InstancesConfigProperty { },
    Name = TaskInput.FromJsonPathAt("$.ClusterName").Value,
    SecurityConfiguration = cfnSecurityConfiguration.Name
});

var executionRole = new Role(this, "Role", new RoleProps {
    AssumedBy = new ArnPrincipal(task.ClusterRole.RoleArn)
});

executionRole.AssumeRolePolicy.AddStatements(
new PolicyStatement(new PolicyStatementProps {
    Effect = Effect.ALLOW,
    Principals = new [] { task.ClusterRole },
    Actions = new [] { "sts:SetSourceIdentity" }
}),
new PolicyStatement(new PolicyStatementProps {
    Effect = Effect.ALLOW,
    Principals = new [] { task.ClusterRole },
    Actions = new [] { "sts:TagSession" },
    Conditions = new Dictionary<string, object> {
        { "StringEquals", new Dictionary<string, string> {
            { "aws:RequestTag/LakeFormationAuthorizedCaller", "Amazon EMR" }
        } }
    }
}));

new EmrAddStep(this, "Task", new EmrAddStepProps {
    ClusterId = "ClusterId",
    ExecutionRoleArn = executionRole.RoleArn,
    Name = "StepName",
    Jar = "Jar",
    ActionOnFailure = ActionOnFailure.CONTINUE
});

Synopsis

Properties

Name

The name of the security configuration.
SecurityConfiguration

The security configuration details in JSON format.

Properties

Name

The name of the security configuration.

virtual string Name { get; }
Property Value

System.String

Remarks

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html#cfn-emr-securityconfiguration-name

SecurityConfiguration

The security configuration details in JSON format.

object SecurityConfiguration { get; }
Property Value

System.Object

Remarks

For JSON parameters and examples, see Use Security Configurations to Set Up Cluster Security in the Amazon EMR Management Guide .

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html#cfn-emr-securityconfiguration-securityconfiguration