Using security configurations with Amazon EMR WAL - Amazon EMR
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Using security configurations with Amazon EMR WAL

Amazon EMR automatically encrypts both data in transit between your cluster and Amazon EMR WAL service, and the data at rest in Amazon EMR WAL. For more information, see Encryption at rest for Amazon EMR WAL. You can also use a security configuration to bring your own keys from Amazon Key Management Service (KMS) service and encrypt the data that you store in Amazon EMR WAL.

Use one of the following methods to select a security configuration when you create a cluster:

Console

From the Amazon Web Services Management Console, specify the configuration under Security configuration and EC2 key pair.

CLI

From the Amazon CLI, set the --security-configuration parameter when you use the create-cluster command.

For more information, see Encryption at rest for Amazon EMR WAL and Use security configurations to set up cluster security in the Amazon EMR Management Guide.

For more security-related information about WAL, see Using service-linked roles for write-ahead logging.