Configure AWS EMR Cluster to use FIPS endpoint for AWS KMS Calls
0
Hello,
Is it possible to configure EMR service to use the AWS KMS FIPS endpoint (https://ksm-fips.us-gov-east-1.amazonaws.com ) instead of the non-FIPS endpoint (https://ksm.us-gov-east-1.amazonaw.com ) when making calls to KMS to retrieve encryption keys? As per EMR documentation [1], we can use FIPS endpoint via AWS CLI or SDK using --endpoint-url) but not sure if it can be set as a default at the cluster level. [1] https://docs.aws.amazon.com/emr/latest/ManagementGuide/data-protection.html
Thanks.
1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
In Amazon EMR, KMS is used in different features.
- Encrypting data on the EMR file system (EMRFS)
- Encrypting data on the storage volumes of cluster nodes(EBS)
- Encryption context As of today, none of these features support specifying your own FIPS KMS endpoint.
répondu il y a un an
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
AWS OFFICIELA mis à jour il y a 2 ans- AWS OFFICIELA mis à jour il y a un an