Specifying a security configuration using the console Specifying a security configuration using the CLI

Specify a security configuration for a cluster

You can specify encryption settings when you create a cluster by specifying the security configuration. You can use the AWS Management Console or the AWS CLI.

Specifying a security configuration using the console

When using the AWS console to create an EMR cluster, you choose the security configuration during Step 4: Security of the advanced options creation process.

Open the Amazon EMR console at https://console.aws.amazon.com/emr.
Choose Create cluster, Go to advanced options.
On the Step 1: Software and Steps screen, from the Release list, choose emr-4.8.0 or a more recent release. Choose the settings you want and choose Next.
On the Step 2: Hardware screen, choose the settings you want and choose Next. Do the same for Step 3: General Cluster Settings.
On the Step 4: Security screen, under Encryption Options, choose a value for Security configuration.
Configure other security options as desired and choose Create cluster.

Specifying a security configuration using the CLI

When you use aws emr create-cluster, you can optionally apply a security configuration using --security-configuration MySecConfig, where MySecConfig is the name of the security configuration, as shown in the following example. The --release-label specified must be 4.8.0 or later and the --instance-type can be any available.



aws emr create-cluster --instance-type m5.xlarge --release-label emr-5.0.0 --security-configuration mySecConfig

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Create a security configuration

Data protection