Amazon EMR

2022/12/29 - Amazon EMR - 1 new api methods

Changes  Added GetClusterSessionCredentials API to allow Amazon SageMaker Studio to connect to EMR on EC2 clusters with runtime roles and AWS Lake Formation-based access control for Apache Spark, Apache Hive, and Presto queries.

GetClusterSessionCredentials (new) Link ΒΆ

Provides Temporary, basic HTTP credentials that are associated with a given runtime IAM role and used by a cluster with fine-grained access control activated. You can use these credentials to connect to cluster endpoints that support username-based and password-based authentication.

See also: AWS API Documentation

Request Syntax

client.get_cluster_session_credentials(
    ClusterId='string',
    ExecutionRoleArn='string'
)
type ClusterId

string

param ClusterId

[REQUIRED]

The unique identifier of the cluster.

type ExecutionRoleArn

string

param ExecutionRoleArn

[REQUIRED]

The Amazon Resource Name (ARN) of the runtime role for interactive workload submission on the cluster. The runtime role can be a cross-account IAM role. The runtime role ARN is a combination of account ID, role name, and role type using the following format: arn:partition:service:region:account:resource .

rtype

dict

returns

Response Syntax

{
    'Credentials': {
        'UsernamePassword': {
            'Username': 'string',
            'Password': 'string'
        }
    },
    'ExpiresAt': datetime(2015, 1, 1)
}

Response Structure

  • (dict) --

    • Credentials (dict) --

      The credentials that you can use to connect to cluster endpoints that support username-based and password-based authentication.

      Note

      This is a Tagged Union structure. Only one of the following top level keys will be set: UsernamePassword. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:

      'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}

      • UsernamePassword (dict) --

        The username and password that you use to connect to cluster endpoints.

        • Username (string) --

          The username associated with the temporary credentials that you use to connect to cluster endpoints.

        • Password (string) --

          The password associated with the temporary credentials that you use to connect to cluster endpoints.

    • ExpiresAt (datetime) --

      The time when the credentials that are returned by the GetClusterSessionCredentials API expire.