Specify a security configuration for a cluster
You can specify encryption settings when you create a cluster by specifying the security configuration. You can use the AWS Management Console or the AWS CLI.
Specifying a security configuration using the console
When using the AWS console to create an EMR cluster, you choose the security configuration during Step 4: Security of the advanced options creation process.
Open the Amazon EMR console at https://console.aws.amazon.com/elasticmapreduce/
. -
Choose Create cluster, Go to advanced options.
-
On the Step 1: Software and Steps screen, from the Release list, choose emr-4.8.0 or a more recent release. Choose the settings you want and choose Next.
-
On the Step 2: Hardware screen, choose the settings you want and choose Next. Do the same for Step 3: General Cluster Settings.
-
On the Step 4: Security screen, under Encryption Options, choose a value for Security configuration.
-
Configure other security options as desired and choose Create cluster.
Specifying a security configuration using the CLI
When you use aws emr create-cluster
, you can optionally
apply a security configuration using --security-configuration
, where
MySecConfig
is the
name of the security configuration, as shown in the following example. The
MySecConfig
--release-label
specified must be 4.8.0 or later and
the --instance-type
can be any available.
aws emr create-cluster --instance-type
m5.xlarge
--release-label emr-5.0.0 --security-configurationmySecConfig