![]() ![]() If you don’t want to set up each component individually, you can use the single-step AWS CloudFormation template. They are not intended for production use without modification. IMPORTANT: The AWS CloudFormation templates used in this post are designed to work only in the us-east-1 (N. Note: If you want to manually create and configure the components for this solution without using AWS CloudFormation, refer to the Amazon EMR cross-realm documentation. To set up each component individually, go to the Deploying each component individually.To skip the basics and deploy the entire solution through the single-step AWS CloudFormation template, go to the Single-step solution deployment. ![]() ![]() You can use the AWS CloudFormation templates to complete each step individually, or you can deploy the entire solution through a single step. Launch an Amazon EMR cluster with Kerberos enabled and a cross-realm trust configuration.Create an Amazon EMR security configuration for Kerberos and cross-realm trust.Launch an Amazon EC2 Windows instance (Active Directory domain controller).Create and configure an Amazon Virtual Private Cloud (Amazon VPC).The following steps and resources are involved in setting up the solution: To make it easier for you to get started, I created AWS CloudFormation templates that automatically configure and deploy the solution for you. See the AWS Service Limits documentation if you encounter a limit error while building the solution.) A possible limit increase for your account ( Note: Usually a limit increase will not be necessary.Here’s what you need before setting up this solution: In this example, you build a solution that allows Active Directory users to seamlessly access Amazon EMR clusters and run big data jobs. By establishing a cross-realm trust, Active Directory users can use their Active Directory credentials to access an Amazon EMR cluster and run jobs as themselves. This post walks you through the process of using AWS CloudFormation to set up a cross-realm trust and extend authentication from an Active Directory network into an Amazon EMR cluster with Kerberos enabled. And a question is asked frequently: How can Active Directory users access big data workloads running on Amazon EMR with the same single sign-on (SSO) experience they have when accessing resources in the Active Directory network? Many enterprises use Microsoft Active Directory to manage users, groups, and computers in a network. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |