Configure AWS EMR Cluster to use FIPS endpoint for AWS KMS Calls

0

Hello,

Is it possible to configure EMR service to use the AWS KMS FIPS endpoint (https://ksm-fips.us-gov-east-1.amazonaws.com ) instead of the non-FIPS endpoint (https://ksm.us-gov-east-1.amazonaw.com ) when making calls to KMS to retrieve encryption keys? As per EMR documentation [1], we can use FIPS endpoint via AWS CLI or SDK using --endpoint-url) but not sure if it can be set as a default at the cluster level. [1] https://docs.aws.amazon.com/emr/latest/ManagementGuide/data-protection.html

Thanks.

asked 4 months ago41 views