def __init__(self, scope: core.Construct, id: str, *,
                 profile_name: str,
                 namespace: str = 'default',
                 vpc: Optional[ec2.Vpc] = None,
                 artifacts_bucket: Optional[s3.Bucket] = None,
                 artifacts_path: Optional[str] = None,
                 logs_bucket: Optional[s3.Bucket] = None,
                 logs_path: Optional[str] = 'elasticmapreduce/',
                 mutable_instance_role: bool = True,
                 mutable_security_groups: bool = True,
                 description: Optional[str] = None) -> None:
        """Create a profile with its security groups, roles and SSM record.

        Builds an ``EMRSecurityGroups`` and an ``EMRRoles`` child construct,
        sets the default encryption settings, and publishes
        ``json.dumps(self.to_json())`` as an SSM parameter named
        ``{SSM_PARAMETER_PREFIX}/{namespace}/{profile_name}``.

        Args:
            scope: Parent construct, forwarded to the base constructor.
            id: Construct id, forwarded to the base constructor.
            profile_name: Name of the profile. If falsy, the constructor
                returns right after the base constructor call and none of
                the attributes below are set.
            namespace: Combined with ``profile_name`` to form the role name
                prefix and the SSM parameter name.
            vpc: Passed to ``EMRSecurityGroups``; may be None.
            artifacts_bucket: Passed to ``EMRRoles`` and stored.
            artifacts_path: Passed to ``EMRRoles`` and stored.
            logs_bucket: Passed to ``EMRRoles`` and stored.
            logs_path: Passed to ``EMRRoles`` and stored.
            mutable_instance_role: Stored on the instance; not otherwise
                used in this method.
            mutable_security_groups: Stored on the instance; not otherwise
                used in this method.
            description: Stored on the instance.

        NOTE(review): both ``mutable_*`` flags default to True. Presumably
        they control whether consumers of the profile may modify the role
        and the security groups; confirm, and consider whether callers
        should have to opt in to mutability.
        """
        super().__init__(scope, id)

        # A falsy profile_name yields a bare construct: no roles, security
        # groups, encryption settings or SSM parameter are created.
        # NOTE(review): presumably the entry point for rehydration through
        # from_json -- confirm against callers.
        if not profile_name:
            return

        self._profile_name = profile_name
        self._namespace = namespace
        self._mutable_instance_role = mutable_instance_role
        self._mutable_security_groups = mutable_security_groups
        self._vpc = vpc
        self._security_groups = EMRSecurityGroups(self, 'SecurityGroups', vpc=vpc)
        self._roles = EMRRoles(
            self, 'Roles',
            role_name_prefix=f'{namespace}_{profile_name}',
            artifacts_bucket=artifacts_bucket,
            artifacts_path=artifacts_path,
            logs_bucket=logs_bucket,
            logs_path=logs_path)
        self._artifacts_bucket = artifacts_bucket
        self._artifacts_path = artifacts_path
        self._logs_bucket = logs_bucket
        self._logs_path = logs_path
        self._description = description

        # Default protection settings: only the S3 encryption mode is set
        # (SSE_S3). Local-disk encryption, the TLS certificate, Kerberos,
        # EMRFS and Lake Formation settings all start as None.
        self._s3_encryption_configuration = {
            'EncryptionMode': S3EncryptionMode.SSE_S3.value
        }
        self._local_disk_encryption_configuration = None
        self._tls_certificate_configuration = None
        self._kerberos_configuration = None
        self._kerberos_attributes_secret = None
        self._emrfs_configuration = None
        self._lake_formation_configuration = None

        self._security_configuration = None
        self._security_configuration_name = None

        # The profile is published as a plain 'String' SSM parameter, which
        # SSM stores unencrypted. The value is serialized here, before
        # _construct_security_configuration() runs below.
        # NOTE(review): to_json() is not visible here; confirm it emits
        # identifiers only (names, ids, ARNs) and no secret material, and
        # that the parameter is refreshed once the security configuration
        # exists.
        self._ssm_parameter = ssm.CfnParameter(
            self, 'SSMParameter',
            type='String',
            value=json.dumps(self.to_json()),
            tier='Intelligent-Tiering',
            name=f'{SSM_PARAMETER_PREFIX}/{namespace}/{profile_name}')

        self._construct_security_configuration()

        # Marks a freshly constructed profile; from_json sets the same flag
        # to True.
        self._rehydrated = False
    def from_json(self, property_values):
        """Populate this profile from a stored property mapping and return it.

        Every resource reference in ``property_values`` (VPC id, security
        group ids, role ARNs, bucket names, Kerberos secret ARN) is imported
        exactly as given; nothing in this method validates it. The mapping
        therefore decides which IAM roles and network rules the profile
        points at, and whether they are imported as mutable.
        NOTE(review): presumably the mapping is the JSON published to the
        SSM parameter by ``__init__`` -- confirm against the caller, and
        check that write access to that store is restricted.

        'ProfileName', 'Namespace', 'MutableInstanceRole',
        'MutableSecurityGroups', 'SecurityGroups' and 'Roles' are required
        (a missing key raises KeyError). All other keys are optional and
        fall back to None.

        Returns:
            This instance, with ``_rehydrated`` set to True.
        """
        self._profile_name = property_values['ProfileName']
        self._namespace = property_values['Namespace']
        # The mutability flags come from the stored data, not from the caller.
        self._mutable_instance_role = property_values['MutableInstanceRole']
        self._mutable_security_groups = property_values['MutableSecurityGroups']

        stored_vpc_id = property_values.get('Vpc')
        if stored_vpc_id:
            self._vpc = ec2.Vpc.from_lookup(self, 'Vpc', vpc_id=stored_vpc_id)
        else:
            self._vpc = None

        group_ids = property_values['SecurityGroups']
        self._security_groups = EMRSecurityGroups.from_security_group_ids(
            self,
            'SecurityGroups',
            group_ids['MasterGroup'],
            group_ids['WorkersGroup'],
            group_ids['ServiceGroup'],
            mutable=self._mutable_security_groups,
        )

        arns = property_values['Roles']
        self._roles = EMRRoles.from_role_arns(
            self,
            'Roles',
            arns['ServiceRole'],
            arns['InstanceRole'],
            arns['AutoScalingRole'],
            mutable=self._mutable_instance_role,
        )

        artifacts_bucket_name = property_values.get('ArtifactsBucket')
        if artifacts_bucket_name:
            self._artifacts_bucket = s3.Bucket.from_bucket_name(
                self, 'ArtifactsBucket', artifacts_bucket_name)
        else:
            self._artifacts_bucket = None
        self._artifacts_path = property_values.get('ArtifactsPath')

        logs_bucket_name = property_values.get('LogsBucket')
        if logs_bucket_name:
            self._logs_bucket = s3.Bucket.from_bucket_name(
                self, 'LogsBucket', logs_bucket_name)
        else:
            self._logs_bucket = None
        self._logs_path = property_values.get('LogsPath')

        # Encryption and authentication settings are taken verbatim. A
        # mapping without 'S3EncryptionConfiguration' leaves that setting
        # as None; no default is substituted here.
        self._s3_encryption_configuration = property_values.get('S3EncryptionConfiguration')
        self._local_disk_encryption_configuration = property_values.get('LocalDiskEncryptionConfiguration')
        self._tls_certificate_configuration = property_values.get('TLSCertificateConfiguration')
        self._kerberos_configuration = property_values.get('KerberosConfiguration')

        # Only the ARN of the Kerberos attributes secret is stored in the
        # mapping; the secret is imported by reference.
        kerberos_secret_arn = property_values.get('KerberosAttributesSecret')
        if kerberos_secret_arn:
            self._kerberos_attributes_secret = secretsmanager.Secret.from_secret_arn(
                self, 'KerberosAttributesSecret', kerberos_secret_arn)
        else:
            self._kerberos_attributes_secret = None

        self._emrfs_configuration = property_values.get('EmrFsConfiguration')
        self._lake_formation_configuration = property_values.get('LakeFormationConfiguration')
        self._security_configuration_name = property_values.get('SecurityConfiguration')
        self._description = property_values.get('Description')
        self._rehydrated = True
        return self
def test_emr_security_groups():
    """Smoke-test that EMRRoles exposes its three roles.

    NOTE(review): despite its name, this test builds EMRRoles and checks
    roles only; no security group is created or asserted here. Only
    truthiness is checked: the policies and trust relationships of the
    roles are not inspected.
    """
    cdk_app = core.App()
    test_stack = core.Stack(cdk_app, 'test-stack')
    artifacts = s3.Bucket(test_stack, 'test-artifacts-bucket')
    logs = s3.Bucket(test_stack, 'test-logs-bucket')

    roles = EMRRoles(
        test_stack,
        'test-emr-components',
        role_name_prefix='TestCluster',
        artifacts_bucket=artifacts,
        logs_bucket=logs,
    )

    # Each role attribute must be present and truthy.
    assert roles.service_role
    assert roles.instance_role
    assert roles.autoscaling_role