interface KerberosAttributesProperty
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.EMR.CfnCluster.KerberosAttributesProperty |
 Java | software.amazon.awscdk.services.emr.CfnCluster.KerberosAttributesProperty |
 Python | aws_cdk.aws_emr.CfnCluster.KerberosAttributesProperty |
 TypeScript | @aws-cdk/aws-emr » CfnCluster » KerberosAttributesProperty |
KerberosAttributes is a property of the AWS::EMR::Cluster resource.
KerberosAttributes define the cluster-specific Kerberos configuration when Kerberos authentication is enabled using a security configuration. The cluster-specific configuration must be compatible with the security configuration. For more information see Use Kerberos Authentication in the EMR Management Guide .
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import * as emr from '@aws-cdk/aws-emr';
const kerberosAttributesProperty: emr.CfnCluster.KerberosAttributesProperty = {
kdcAdminPassword: 'kdcAdminPassword',
realm: 'realm',
// the properties below are optional
adDomainJoinPassword: 'adDomainJoinPassword',
adDomainJoinUser: 'adDomainJoinUser',
crossRealmTrustPrincipalPassword: 'crossRealmTrustPrincipalPassword',
};
Properties
| Name | Type | Description |
|---|---|---|
| kdc | string | The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster. |
| realm | string | The name of the Kerberos realm to which all nodes in a cluster belong. |
| ad | string | The Active Directory password for ADDomainJoinUser . |
| ad | string | Required only when establishing a cross-realm trust with an Active Directory domain. |
| cross | string | Required only when establishing a cross-realm trust with a KDC in a different realm. |
kdcAdminPassword
Type:
string
The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.
realm
Type:
string
The name of the Kerberos realm to which all nodes in a cluster belong.
For example, EC2.INTERNAL .
adDomainJoinPassword?
Type:
string
(optional)
The Active Directory password for ADDomainJoinUser .
adDomainJoinUser?
Type:
string
(optional)
Required only when establishing a cross-realm trust with an Active Directory domain.
A user with sufficient privileges to join resources to the domain.
crossRealmTrustPrincipalPassword?
Type:
string
(optional)
Required only when establishing a cross-realm trust with a KDC in a different realm.
The cross-realm principal password, which must be identical across realms.