Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

what's different between EMR_EC2_DefaultRole and EMR_DefaultRole?

Tags:

amazon-web-services

amazon-emr

After a aws emr has launched, I'v noticed that it has a ec2 instance profile EMR_EC2_DefaultRole, and a emr role EMR_DefaultRole, they have similar permissions,so what's different between EMR_EC2_DefaultRole and EMR_DefaultRole?

like image 841
Harpsichord1207 Avatar asked Jan 10 '19 07:01

Harpsichord1207

People also ask

What is EMR_EC2_DefaultRole?

EMR_EC2_DefaultRole is the default managed role that is assigned to our EC2 instances as an instance profile when we create our cluster. The role has a default managed policy called "AmazonElasticMapReduceforEC2Role" which has a few risky actions.

What is EMR role?

An Emergency Medical Responder (EMR) may function in the context of a broader role, i.e., law enforcement, fire rescue or industrial response. With a limited amount of equipment, the EMR answers emergency calls to provide efficient and immediate care to ill and injured patients.

Does EMR need EC2?

EMR can run directly on Amazon EC2 or on Amazon Elastic Kubernetes Service (EKS), with the actual instances running on EC2 or Fargate. EMR is priced per second of usage, on top of the regular costs for EC2 compute instances, Fargate vCPUs, and other services needed to run EMR jobs, such as storage.

What is EMR policy?

The easiest way to grant full access or read-only access to required Amazon EMR actions is to use the IAM managed policies for Amazon EMR. Managed policies offer the benefit of updating automatically if permission requirements change.

1 Answers

As Per Documentation:

EMR Role

The EMR role defines the allowable actions for Amazon EMR when provisioning resources and performing other service-level tasks that are not performed in the context of an EC2 instance running within a cluster. The default role is EMR_DefaultRole.

EMR Role for EC2

The EMR role for EC2 is used by EC2 instances within the cluster. In other words, this is the role associated with the EC2 instance profile for cluster instances. The permissions associated with this role apply to processes that run on cluster instances. As long as an application process runs on top of the Hadoop ecosystem, the application assumes this role to interact with other AWS services. The default role is EMR_EC2_DefaultRole.

Adding Further to it:

EMR_DefaultRole

This is the EMR role, which allows Amazon EMR to call other AWS services such as Amazon EC2 on your behalf.

EMR_EC2_DefaultRole

The EMR role for EC2 instances within a cluster. Processes that run on cluster instances use this role when they call other AWS services. For accessing EMRFS data in Amazon S3, you can specify different roles to be assumed based on the user or group making the request, or on the location of data in Amazon S3.

like image 193
anmol.majhail Avatar answered Sep 30 '22 18:09

anmol.majhail
Sign in to Comment

Related questions

EC2 with socket.io
What are the advantages of HAproxy over AWS ELB?
Docker build npm error logs
Creating Signed Cookies for Amazon CloudFront
login using "ec2-user" instead of root using user data in aws
How to download GZip file from S3?
Can I specify HTTP endpoint in a VPC as resource in AWS API Gateway?
Handing back a response to API Gateway from Lambda
AWS ElasticSearchService index_create_block_exception
How to enable websockets on AWS Cloudfront
Cloudformation: VPC Routing table with No Route for Internet Gateway
AWS Lambda run command on EC2 instance and get result
Decrypting multiple env. variables in AWS Lambda
How to create multiple DynamoDB entries under the same primary key?
Cannot access airflow web server via AWS load balancer HTTPS because airflow redirects me to HTTP
Add embedded image in emails in AWS SES service
AccessDeniedException: User is not authorized to perform dynamodb BatchWriteItem on resource: table
Downgrade to previous version of AWS Lambda
How to add a custom service to ActiveStorage
How to use job import plugin in jenkins

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!