Amazon EMR sg for Master and Core nodes
Why does Amazon EMR creates inbound rule entries for master and core security groups?
Documentation says that it creates an entry for all request type on all ports and all IPs addresses, I create this sgs using Amazon CloudFormation, so at the moment to erase them, it throws an exception about a circular dependency.
- Newest
- Most votes
- Most comments
Why does Amazon EMR creates inbound rule entries for master and core security groups?
This is being implemented so that master and core/task nodes can communicate with each other in the cluster. e.g. ICMP for ping and all other ports ( which should be harmless in general ) for hadoop ports e.g. 8020, 8088 and others.
you can read more about this here -
https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-man-sec-groups.html https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-security-groups.html
it throws an exception about a circular dependency
Yes, this is expected as well. in your automation, you need to put a logic to delete the inbound rules ( as default outbound rule has 0.0.0.0/0 allow ) before deleting the security group(s).
Relevant content
- Accepted Answerasked 9 months ago
- Accepted Answerasked 3 years ago
AWS OFFICIALUpdated a year ago- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
Thank you so much for the information, Mr Mishra!