Scenario
This feature facilitates the management of users within the EMR cluster, enabling swift addition, modification, and deletion of cluster users. Newly added users can be utilized for Hadoop cluster task submissions. This document will guide you through the relevant operations of user management.
Note
Currently, the user management feature is supported by EMR-V2.6.0, EMR-V3.2.1, and subsequent newer versions.
Deleting users or resetting passwords may potentially lead to the failure of ongoing tasks, thus necessitating careful execution.
Instructions
1. Log in to the Elastic MapReduce Console, and in the cluster list, click on the cluster ID/Name to access the cluster details page.
2. On the cluster details page, click on User Management. This page supports functions such as batch user addition, batch user deletion, password reset, and Keytab download.
3. Click on Create New User to begin the process of user creation. The username, user group, and password are mandatory fields, while the notes field is optional.
4. Creating a new user supports automatic synchronization with Ranger, with a default sync frequency of one minute. If you need to adjust the sync frequency, you can go to the Ranger configuration management page, modify the ranger.usersync.sleeptimeinmillisbetweensynccycle parameter, and distribute the configuration.
Note
For clusters created before July 1, 2023, it is necessary to manually trigger the distribution of the ranger-ugsync-site.xml configuration and restart the EnableUnixAuth service for user synchronization to take effect. You can go to the Ranger configuration management page, select the ranger-ugsync-site.xml configuration file, execute the configuration distribution operation, and then restart the service.
5. Reset Password
On the User Management list page, click on Reset Password in the operations on the right side of the user whose password needs to be changed. After entering and confirming the new password, click on Confirm to complete the reset.
6. Download Keytab
On the User Management list page, select the user for whom you need to download the Keytab, then click on Download Keytab. The Keytab can be used to log into the cluster.
Note
Kerberos clusters support the download of Keytab.
7. Delete User
On the User Management list page, click on Delete in the operations on the right side of the user you need to remove. Click on Confirm Deletion to complete the removal.
