Skip to content

/AWS1/CL_EMRKERBEROSATTRIBUTES

Attributes for Kerberos configuration when Kerberos authentication is enabled using a security configuration. For more information see Use Kerberos Authentication in the Amazon EMR Management Guide.

CONSTRUCTOR

IMPORTING

Required arguments:

iv_realm TYPE /AWS1/EMRXMLSTRINGMAXLEN256 /AWS1/EMRXMLSTRINGMAXLEN256

The name of the Kerberos realm to which all nodes in a cluster belong. For example, EC2.INTERNAL.

iv_kdcadminpassword TYPE /AWS1/EMRXMLSTRINGMAXLEN256 /AWS1/EMRXMLSTRINGMAXLEN256

The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.

Optional arguments:

iv_crossrealmtrustprincpas00 TYPE /AWS1/EMRXMLSTRINGMAXLEN256 /AWS1/EMRXMLSTRINGMAXLEN256

Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms.

iv_addomainjoinuser TYPE /AWS1/EMRXMLSTRINGMAXLEN256 /AWS1/EMRXMLSTRINGMAXLEN256

Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain.

iv_addomainjoinpassword TYPE /AWS1/EMRXMLSTRINGMAXLEN256 /AWS1/EMRXMLSTRINGMAXLEN256

The Active Directory password for ADDomainJoinUser.

Queryable Attributes

Realm

The name of the Kerberos realm to which all nodes in a cluster belong. For example, EC2.INTERNAL.

Accessible with the following methods

Method Description
GET_REALM() Getter for REALM, with configurable default
ASK_REALM() Getter for REALM w/ exceptions if field has no value
HAS_REALM() Determine if REALM has a value

KdcAdminPassword

The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.

Accessible with the following methods

Method Description
GET_KDCADMINPASSWORD() Getter for KDCADMINPASSWORD, with configurable default
ASK_KDCADMINPASSWORD() Getter for KDCADMINPASSWORD w/ exceptions if field has no va
HAS_KDCADMINPASSWORD() Determine if KDCADMINPASSWORD has a value

CrossRealmTrustPrincipalPassword

Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms.

Accessible with the following methods

Method Description
GET_CROSSREALMTRUSTPRINCPA00() Getter for CROSSREALMTRUSTPRINCPASSWORD, with configurable d
ASK_CROSSREALMTRUSTPRINCPA00() Getter for CROSSREALMTRUSTPRINCPASSWORD w/ exceptions if fie
HAS_CROSSREALMTRUSTPRINCPA00() Determine if CROSSREALMTRUSTPRINCPASSWORD has a value

ADDomainJoinUser

Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain.

Accessible with the following methods

Method Description
GET_ADDOMAINJOINUSER() Getter for ADDOMAINJOINUSER, with configurable default
ASK_ADDOMAINJOINUSER() Getter for ADDOMAINJOINUSER w/ exceptions if field has no va
HAS_ADDOMAINJOINUSER() Determine if ADDOMAINJOINUSER has a value

ADDomainJoinPassword

The Active Directory password for ADDomainJoinUser.

Accessible with the following methods

Method Description
GET_ADDOMAINJOINPASSWORD() Getter for ADDOMAINJOINPASSWORD, with configurable default
ASK_ADDOMAINJOINPASSWORD() Getter for ADDOMAINJOINPASSWORD w/ exceptions if field has n
HAS_ADDOMAINJOINPASSWORD() Determine if ADDOMAINJOINPASSWORD has a value