If required by the security policy of your organization, you need to set up SSE KMS for the S3 bucket to be used.
Note: SSE KMS and bucket policy require EMR with KMS encryption. However, Kerberos is not mandatory
for EMR in this example.
About this task
This procedure explains only the
SSE KMS related operations for getting started with the security configuration for EMR.
If you need the complete information about all the available EMR security configurations
provided by AWS, see
Create a Security Configuration from the
Amazon documentation.
Results
Now your bucket policy is set up. When you need to use this bucket with a Job, enter
the following parameter about AWS signature versions to the JVM argument list of this Job:
-Dcom.amazonaws.services.s3.enableV4
For further information about AWS Signature Versions, see
Specifying the Signature Version in Request
Authentication.