A company is planning on using the EMR service for their Big data processing needs.
The database administrator needs to have the ability to login into the nodes.
Which of the following needs to be place for this requirement to be fulfilled.
Click on the arrows to vote for the correct answer
A. B. C. D.Answer - C.
The AWS Documentation mentions the following.
Security groups act as virtual firewalls to control inbound and outbound traffic to your cluster.
The default Amazon EMR-managed security groups associated with cluster instances do not allow inbound SSH connections as a security precaution.
To connect to cluster nodes using SSH so that you can use the command line and view web interfaces that are hosted on the cluster, you need to add inbound rules that allow SSH traffic from trusted clients.
Options A and B are incorrect since the roles and users don't have an impact on the SSH inbound connections.
Option D is incorrect since IAM Policies would not determine the underlying SSH connections.
For more information on using SSH for cluster nodes, please refer to the below URL.
https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-gs-ssh.htmlThe correct answer to this question is B. An IAM User which has access to the underlying servers.
EMR (Elastic MapReduce) is a managed Hadoop framework that enables businesses to process large data sets on cloud-based infrastructure. It provides a distributed computing environment for big data processing using open-source tools like Apache Spark, Hive, and HBase.
EMR manages the underlying EC2 instances, including launching, scaling, and terminating them, so users don't have to manage the infrastructure themselves. The database administrator needs access to the EMR nodes to configure and manage the cluster, troubleshoot issues, and perform other tasks.
IAM (Identity and Access Management) is used to manage access to AWS services and resources securely. To fulfill the requirement of allowing the database administrator to log in to the nodes, we need to provide them with IAM user credentials with SSH access to the nodes.
Option A is incorrect because it refers to an IAM role that allows access to the underlying servers. IAM roles are intended to be assumed by AWS services, EC2 instances, or other entities, not by humans.
Option C is incorrect because Security Groups are used to control inbound and outbound traffic to the instances, not to provide access to the instances themselves.
Option D is incorrect because IAM policies are used to grant permissions to AWS services and resources, not to allow SSH access to EC2 instances.
In summary, the correct approach is to create an IAM user with SSH access to the EMR nodes to fulfill the requirement of allowing the database administrator to log in to the nodes.