Class KerberosConfig (5.16.0)

KerberosConfig(mapping=None, *, ignore_unknown_fields=False, **kwargs)

Specifies Kerberos related configuration.

Attributes

Name Description
enable_kerberos bool
Optional. Flag to indicate whether to Kerberize the cluster (default: false). Set this field to true to enable Kerberos on a cluster.
root_principal_password_uri str
Optional. The Cloud Storage URI of a KMS encrypted file containing the root principal password.
kms_key_uri str
Optional. The URI of the KMS key used to encrypt sensitive files.
keystore_uri str
Optional. The Cloud Storage URI of the keystore file used for SSL encryption. If not provided, Dataproc will provide a self-signed certificate.
truststore_uri str
Optional. The Cloud Storage URI of the truststore file used for SSL encryption. If not provided, Dataproc will provide a self-signed certificate.
keystore_password_uri str
Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided keystore. For the self-signed certificate, this password is generated by Dataproc.
key_password_uri str
Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided key. For the self-signed certificate, this password is generated by Dataproc.
truststore_password_uri str
Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided truststore. For the self-signed certificate, this password is generated by Dataproc.
cross_realm_trust_realm str
Optional. The remote realm the Dataproc on-cluster KDC will trust, should the user enable cross realm trust.
cross_realm_trust_kdc str
Optional. The KDC (IP or hostname) for the remote trusted realm in a cross realm trust relationship.
cross_realm_trust_admin_server str
Optional. The admin server (IP or hostname) for the remote trusted realm in a cross realm trust relationship.
cross_realm_trust_shared_password_uri str
Optional. The Cloud Storage URI of a KMS encrypted file containing the shared password between the on-cluster Kerberos realm and the remote trusted realm, in a cross realm trust relationship.
kdc_db_key_uri str
Optional. The Cloud Storage URI of a KMS encrypted file containing the master key of the KDC database.
tgt_lifetime_hours int
Optional. The lifetime of the ticket granting ticket, in hours. If not specified, or user specifies 0, then default value 10 will be used.
realm str
Optional. The name of the on-cluster Kerberos realm. If not specified, the uppercased domain of hostnames will be the realm.