Amazon EMR
Management Guide

Configure EMR Security Features

To ensure that Amazon EMR is securely integrated with AWS Lake Formation, configure the following EMR security features:

  • Enable Kerberos authentication using the cluster-dedicated KDC. For more information, see Use Kerberos Authentication.

  • Configure your Amazon EC2 security group or Amazon VPC network access control list (ACL) to allow access to the proxy agent (port 8442) from your user's desktops. For more information, see Control Network Traffic with Security Groups.

  • (Optional) Enable encryption in transit or at rest. For more information, see Encryption Options in the Amazon EMR Management Guide.

  • (Optional) Create a custom Transport Layer Security (TLS) key pair for the proxy agent. For more information, see Customize Proxy Agent Certificate.

For more information, see Security in Amazon EMR.