EMRContainers / Client / describe_security_configuration

describe_security_configuration#

EMRContainers.Client.describe_security_configuration(**kwargs)#

Displays detailed information about a specified security configuration. Security configurations in Amazon EMR on EKS are templates for different security setups. You can use security configurations to configure the Lake Formation integration setup. You can also create a security configuration to re-use a security setup each time you create a virtual cluster.

See also: AWS API Documentation

Request Syntax

response = client.describe_security_configuration(
    id='string'
)
Parameters:

id (string) –

[REQUIRED]

The ID of the security configuration.

Return type:

dict

Returns:

Response Syntax

{
    'securityConfiguration': {
        'id': 'string',
        'name': 'string',
        'arn': 'string',
        'createdAt': datetime(2015, 1, 1),
        'createdBy': 'string',
        'securityConfigurationData': {
            'authorizationConfiguration': {
                'lakeFormationConfiguration': {
                    'authorizedSessionTagValue': 'string',
                    'secureNamespaceInfo': {
                        'clusterId': 'string',
                        'namespace': 'string'
                    },
                    'queryEngineRoleArn': 'string'
                },
                'encryptionConfiguration': {
                    'inTransitEncryptionConfiguration': {
                        'tlsCertificateConfiguration': {
                            'certificateProviderType': 'PEM',
                            'publicCertificateSecretArn': 'string',
                            'privateCertificateSecretArn': 'string'
                        }
                    }
                }
            }
        },
        'tags': {
            'string': 'string'
        }
    }
}

Response Structure

  • (dict) –

    • securityConfiguration (dict) –

      Details of the security configuration.

      • id (string) –

        The ID of the security configuration.

      • name (string) –

        The name of the security configuration.

      • arn (string) –

        The ARN (Amazon Resource Name) of the security configuration.

      • createdAt (datetime) –

        The date and time that the job run was created.

      • createdBy (string) –

        The user who created the job run.

      • securityConfigurationData (dict) –

        Security configuration inputs for the request.

        • authorizationConfiguration (dict) –

          Authorization-related configuration input for the security configuration.

          • lakeFormationConfiguration (dict) –

            Lake Formation related configuration inputs for the security configuration.

            • authorizedSessionTagValue (string) –

              The session tag to authorize Amazon EMR on EKS for API calls to Lake Formation.

            • secureNamespaceInfo (dict) –

              The namespace input of the system job.

              • clusterId (string) –

                The ID of the Amazon EKS cluster where Amazon EMR on EKS jobs run.

              • namespace (string) –

                The namespace of the Amazon EKS cluster where the system jobs run.

            • queryEngineRoleArn (string) –

              The query engine IAM role ARN that is tied to the secure Spark job. The QueryEngine role assumes the JobExecutionRole to execute all the Lake Formation calls.

          • encryptionConfiguration (dict) –

            Encryption-related configuration input for the security configuration.

            • inTransitEncryptionConfiguration (dict) –

              In-transit encryption-related input for the security configuration.

              • tlsCertificateConfiguration (dict) –

                TLS certificate-related configuration input for the security configuration.

                • certificateProviderType (string) –

                  The TLS certificate type. Acceptable values: PEM or Custom.

                • publicCertificateSecretArn (string) –

                  Secrets Manager ARN that contains the public TLS certificate contents, used for communication between the user job and the system job.

                • privateCertificateSecretArn (string) –

                  Secrets Manager ARN that contains the private TLS certificate contents, used for communication between the user job and the system job.

      • tags (dict) –

        The tags to assign to the security configuration.

        • (string) –

          • (string) –

Exceptions