You must be logged in to view saved presets
EMR Cluster Kerberos Enabled Check
A config rule that checks that Amazon EMR clusters have Kerberos enabled. The rule is NON_COMPLIANT if a security configuration is not attached to the cluster or the security configuration does not satisfy the specified rule parameters.
This config rule supports the following parameters:
- TicketLifetimeInHours
- Required: No
- Type: int
- Description:Period for which Kerberos ticket issued by cluster's KDC is valid.
- Realm
- Required: No
- Type: String
- Description:Kereberos realm name of the other realm in the trust relationship.
- Domain
- Required: No
- Type: String
- Description:Domain name of the other realm in the trust relationship.
- AdminServer
- Required: No
- Type: String
- Description:Fully qualified domain of the admin server in the other realm of the trust relationship.
- KdcServer
- Required: No
- Type: String
- Description:Fully qualified domain of the KDC server in the other realm of the trust relationship.
CloudFormation Template
© 2024 asecurecloud. All rights reserved.