AWS Data Pipeline 不再提供給新客戶。現有客戶 AWS Data Pipeline 可繼續正常使用此服務。進一步了解
本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
配置 Hadoop KMS ACLs 並在中創建加密區域 HDFS
下列物件會ACLs針對 Hadoop 建立,KMS並在HDFS中建立加密區域和對應的加密金鑰:
{ "name": "kmsAcls", "id": "kmsAcls", "type": "EmrConfiguration", "classification": "hadoop-kms-acls", "property": [ {"ref":"kmsBlacklist"}, {"ref":"kmsAcl"} ] }, { "name": "hdfsEncryptionZone", "id": "hdfsEncryptionZone", "type": "EmrConfiguration", "classification": "hdfs-encryption-zones", "property": [ {"ref":"hdfsPath1"}, {"ref":"hdfsPath2"} ] }, { "name": "kmsBlacklist", "id": "kmsBlacklist", "type": "Property", "key": "hadoop.kms.blacklist.CREATE", "value": "foo,myBannedUser" }, { "name": "kmsAcl", "id": "kmsAcl", "type": "Property", "key": "hadoop.kms.acl.ROLLOVER", "value": "myAllowedUser" }, { "name": "hdfsPath1", "id": "hdfsPath1", "type": "Property", "key": "/myHDFSPath1", "value": "path1_key" }, { "name": "hdfsPath2", "id": "hdfsPath2", "type": "Property", "key": "/myHDFSPath2", "value": "path2_key" }