AWS Config Rule: EMR Master Node No Public IP

Description: Checks if Amazon Elastic MapReduce (EMR) clusters' master nodes have public IPs. The rule is NON_COMPLIANT if the master node has a public IP.

Note: This rule checks clusters that are in RUNNING or WAITING state.

Trigger type: Periodic

AWS Region: All supported AWS regions except Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region

When you create a cluster in EMR, by default it will normally spin up EC2 Instances complete with a public and private IP.

You can work around this by using the Bootstrap options and arguments to assign a static private IP to your EMR Master and Core Nodes. The following will assist you in this as part of a CloudFormation Stack. You will need to add some parameters at the start of your CloudFormation template which will allow you to add your own IP's as values

With this Parameter set, you can then use the following piece of CloudFormation which sets up an EMRCluster as part of your template stack;

Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here