Home > other >  Failed to create a cluster of EMR: security configuration using the S3 custom client encryption key
Failed to create a cluster of EMR: security configuration using the S3 custom client encryption key

Time:09-18

Hello, could you tell me some security configuration that is encrypted with the S3 client to create the EMR cluster?
We create cluster according to https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-gs.html, security configuration Settings for the custom key provider of S3 client encryption, create failure, error message: On the master instance a9d3744f2ae645 (I - 051), Failed to execute the custom EncryptionMaterialProvider: Algorithm AES is not supported.

Custom key provider of Java classes is simpler, as follows:
Public class MyEncryptionMaterialsProviders extends EncryptionMaterialsProvider {
Private EncryptionMaterials EncryptionMaterials;
Private byte [] keyBytes={
(byte) 0 x5d, xd1 (byte) 0, 0 xde (byte), (byte) x34 0, 0 x08 (byte), (byte) 0 x89, x7e (byte) 0, 0 xa9 (byte),
(byte) 0 x9a, (byte) 0 XBF, x61 (byte) 0, 0 xe7 (byte), x76 (byte) 0, 0 x32 (byte), (byte) 0 x2f, (byte) 0 xaa,
Xd7 (byte) 0, 0 x4f (byte), (byte) 0 x4d, (byte) 0 XBF, 0 x26 (byte), (byte) 0 x62, x95 (byte) 0, 0 xb9 (byte),
Xef (byte) 0, 0 x44 (byte), x8f (byte) 0, 0 x8e (byte), (byte) 0 xc9, x45 (byte) 0, 0 x91 (byte), (byte) 0 xf7};

@ Override
Public EncryptionMaterials getEncryptionMaterials (Map MaterialsDescription) {
Enclosing encryptionMaterials=new encryptionMaterials (new SecretKeySpec (keyBytes, AES, ""));
Return this. EncryptionMaterials;
}

@ Override
Public EncryptionMaterials getEncryptionMaterials (EncryptionContext arg0) {
Enclosing encryptionMaterials=new encryptionMaterials (new SecretKeySpec (keyBytes, AES, ""));
Return this. EncryptionMaterials;
}
}

EMR log information is as follows:
The log message in "elasticmapreduce bvhyt1n9bkjr/node/I/j - 1-051 a9d3744f2ae645/setup - devices/DiskEncryptor. The gz" :
2018-09-11 01:07:42, 457 INFO, main: Encrypted passphrase files does not exist.
The 2018-09-11 01:07:42, 462 ERROR main: Custom LUKS passphrase provider failed
Aws157. Instancecontroller. The encryptor. EMRDiskEncryptorException: Failed to execute the custom EncryptionMaterialProvider: Algorithm AES is not supported
The at aws157. Instancecontroller. The encryptor. Provider. CustomLUKSPassphraseProvider. FetchSecretKeyByEncryptionContext (CustomLUKSPassphraseProvider. Java: 193)
The at aws157. Instancecontroller. The encryptor. Provider. CustomLUKSPassphraseProvider. GetPassphrase (CustomLUKSPassphraseProvider. Java: 136)
The at aws157. Instancecontroller. The encryptor. LUKSDiskEncryptor. GetLUKSPassphrase (LUKSDiskEncryptor. Java: 74)
The at aws157. Instancecontroller. The encryptor. LUKSDiskEncryptor. EncryptOrOpen (LUKSDiskEncryptor. Java: 52)
The at aws157. Instancecontroller. The encryptor. DiskEncryptorMain. Main (43) DiskEncryptorMain. Java:
Under Caused by: aws157. Instancecontroller. The encryptor. EMRDiskEncryptorException: Algorithm AES is not supported
The at aws157. Instancecontroller. The encryptor. Provider. CustomLUKSPassphraseProvider. ValidateEncryptionMaterials (CustomLUKSPassphraseProvider. Java: 208)
The at aws157. Instancecontroller. The encryptor. Provider. CustomLUKSPassphraseProvider. FetchSecretKeyByEncryptionContext (CustomLUKSPassphraseProvider. Java: 188)
. 4 more

Page link:https//www.codepudding.com/other/9521.html

Prev:The Spark zero introductory online video training series entrance
Next:Docker pull nodejs and on the basis of the centos pile nodjs what's the difference
  •  Tags:  
    • AWS
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding