问题
I am new to aws emr services. I am trying to add security configuration to already created emr cluster using boto3. Please reply if it is possible to do so or is there any alternative solution to achive the same
回答1:
The Specifying Amazon EMR Encryption Options Using a Security Configuration documentation page says:
Using a security configuration to specify cluster encryption settings is a two-step process. First, you create a security configuration, which you can use for any number of clusters. Then you specify the security configuration to use when you create a cluster.
Therefore, you will need to create the Security Configuration before launching the EMR cluster. It is not possible to add the Security Configuration to an existing cluster.
At the time of writing (April 2017), there is no Security Configuration available in AWS CloudFormation therefore the template should:
- Call a Lambda function (via an AWS Lambda-backed Custom Resource) that calls create_security_configuration() to create a Security Configuration
- Create the EMR cluster using the Security Configuration, with a
DependsOnattribute that waits for the Lambda function to complete before creating the cluster
Update: It is not currently (April 2017) possible to specify a Security Configuration when launching a cluster via CloudFormation. So, this method is not currently supported.
来源:https://stackoverflow.com/questions/43579746/how-do-i-apply-security-configuration-on-existing-emr-cluster-using-boto3