authentication error with SAML + EMR + Lake formation

0

I have an errror when I try to login with an IDP (Auth0) and EMR integrated with Lake formation. I'm following the workshop Lake formation & EMR integration I have configured an Auth0 account, aws IDP, EMR cluster (aws service) and data lake permissions with (idp users). But I have an error when I do the login with [EMR Zeppelin] (https://EMRMasterNodeDNS:8442/gateway/default/zeppelin/). I do the login with Auth0 and EMR but I can't do it with lakeformation. This is the error that I had on EMR proxy agent: Caused by: java.lang.NullPointerException at org.apache.knox.gateway.util.SamlUtils.getSamlAwsRoleAttributeValues(SamlUtils.java:149) at org.apache.knox.gateway.pac4j.aws.AwsLakeFormationSamlImpl.getAwsCredentials(AwsLakeFormationSamlImpl.java:106) at org.apache.knox.gateway.pac4j.aws.AwsSamlHandler.processSamlResponse(AwsSamlHandler.java:78) at org.apache.knox.gateway.pac4j.filter.Pac4jDispatcherFilter.doFilter(Pac4jDispatcherFilter.java:234) at org.apache.knox.gateway.GatewayFilter$Holder.doFilter(GatewayFilter.java:372) at org.apache.knox.gateway.GatewayFilter$Chain.doFilter(GatewayFilter.java:272) at org.apache.knox.gateway.filter.XForwardedHeaderFilter.doFilter(XForwardedHeaderFilter.java:30) at org.apache.knox.gateway.filter.AbstractGatewayFilter.doFilter(AbstractGatewayFilter.java:61)

I think that I need to do the step 6 on the documentation amazon EMR. But I don't know were I have to do this configuration.

Any help? Thank you

1 Answer
0

Based on the use case , I would recommend you to explore the following options for fine grain data authorization with Amazon EMR.

Amazon EMR recently released a new feature to support Job Runtime roles with EMR Steps for batch jobs. Take a look the following blogs post on how to implement.

https://aws.amazon.com/blogs/big-data/introducing-runtime-roles-for-amazon-emr-steps-use-iam-roles-and-aws-lake-formation-for-access-control-with-amazon-emr/

Also for interactive workloads, currently Amazon SageMake Studio supports AWS Lake Formation integration with EMR for fine-grain data authorization and following blog has more details on how this works.

https://aws.amazon.com/blogs/machine-learning/apply-fine-grained-data-access-controls-with-aws-lake-formation-and-amazon-emr-from-amazon-sagemaker-studio/

AWS
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions