Sign In to the Console
AWS CloudFormation
User Guide (API Version 2010-05-15)

AWS Documentation » AWS CloudFormation » User Guide » Template Reference » AWS Resource and Property Types Reference » Amazon EMR Resource Types Reference » AWS::EMR::Cluster » Amazon EMR Cluster KerberosAttributes

Amazon EMR Cluster KerberosAttributes

The KerberosAttributes property type specifies attributes for Kerberos configuration when Kerberos authentication is enabled using a security configuration.

KerberosAttributes is a property of the AWS::EMR::Cluster resource.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "ADDomainJoinPassword" : String,
  "ADDomainJoinUser" : String,
  "CrossRealmTrustPrincipalPassword" : String,
  "KdcAdminPassword" : String,
  "Realm" : String
}

Properties

ADDomainJoinPassword

The Active Directory password for ADDomainJoinUser.

Length Constraints: Minimum length of 0. Maximum length of 256.

Pattern: [\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*

Required: No

Type: String

Update requires: No interruption

ADDomainJoinUser

Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain.

Length Constraints: Minimum length of 0. Maximum length of 256.

Pattern: [\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*

Required: No

Type: String

Update requires: No interruption

CrossRealmTrustPrincipalPassword

Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms.

Length Constraints: Minimum length of 0. Maximum length of 256.

Pattern: [\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*

Required: No

Type: String

Update requires: No interruption

KdcAdminPassword

The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.

Length Constraints: Minimum length of 0. Maximum length of 256.

Pattern: [\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*

Required: Yes

Type: String

Update requires: No interruption

Realm

The name of the Kerberos realm to which all nodes in a cluster belong. For example, EC2.INTERNAL.

Length Constraints: Minimum length of 0. Maximum length of 256.

Pattern: [\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*

Required: Yes

Type: String

Update requires: No interruption

See Also

On this page: