IAM roles for native integration with Apache Ranger - Amazon EMR
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

IAM roles for native integration with Apache Ranger

The integration between Amazon EMR and Apache Ranger relies on three key roles that you should create before you launch your cluster:

  • A custom Amazon EC2 instance profile for Amazon EMR

  • An IAM role for Apache Ranger Engines

  • An IAM role for other Amazon services

This section gives an overview of these roles and the policies that you need to include for each IAM role. For information about creating these roles, see Set up Ranger Admin server.