Ensure that AWS EMR clusters have Kerberos enabled

Error: AWS EMR cluster is not configured with Kerberos authentication

Bridgecrew Policy ID: BC_AWS_GENERAL_62
Checkov Check ID: CKV_AWS_114
Severity: LOW

AWS EMR cluster is not configured with Kerberos authentication

Description

This checks ensure that for EMR cluster using Kerberos, that the kerberos attributes are used and that the realm is set.

Fix - Buildtime

Terraform

Resource: aws_emr_cluster
Argument: kerberos_attributes.realm

resource "aws_emr_cluster" "test" {
...
  kerberos_attributes {
    kdc_admin_password                = "somePassword"
+   realm                             = "EC2.INTERNAL"
    }
}

Updated about 1 year ago

Did this page help you?