feat(client-emr-containers): EMRonEKS Service support for SecurityCon…

…figuration enforcement for Spark Jobs.
aws · Apr 24, 2024 · 349915b · 349915b
1 parent 02eab1f
commit 349915b
Show file tree

Hide file tree

Showing 15 changed files with 1,533 additions and 0 deletions.
diff --git a/clients/client-emr-containers/README.md b/clients/client-emr-containers/README.md
@@ -249,6 +249,14 @@ CreateManagedEndpoint
 
 [Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/emr-containers/command/CreateManagedEndpointCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-emr-containers/Interface/CreateManagedEndpointCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-emr-containers/Interface/CreateManagedEndpointCommandOutput/)
 
+</details>
+<details>
+<summary>
+CreateSecurityConfiguration
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/emr-containers/command/CreateSecurityConfigurationCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-emr-containers/Interface/CreateSecurityConfigurationCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-emr-containers/Interface/CreateSecurityConfigurationCommandOutput/)
+
 </details>
 <details>
 <summary>
@@ -305,6 +313,14 @@ DescribeManagedEndpoint
 
 [Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/emr-containers/command/DescribeManagedEndpointCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-emr-containers/Interface/DescribeManagedEndpointCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-emr-containers/Interface/DescribeManagedEndpointCommandOutput/)
 
+</details>
+<details>
+<summary>
+DescribeSecurityConfiguration
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/emr-containers/command/DescribeSecurityConfigurationCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-emr-containers/Interface/DescribeSecurityConfigurationCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-emr-containers/Interface/DescribeSecurityConfigurationCommandOutput/)
+
 </details>
 <details>
 <summary>
@@ -345,6 +361,14 @@ ListManagedEndpoints
 
 [Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/emr-containers/command/ListManagedEndpointsCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-emr-containers/Interface/ListManagedEndpointsCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-emr-containers/Interface/ListManagedEndpointsCommandOutput/)
 
+</details>
+<details>
+<summary>
+ListSecurityConfigurations
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/emr-containers/command/ListSecurityConfigurationsCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-emr-containers/Interface/ListSecurityConfigurationsCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-emr-containers/Interface/ListSecurityConfigurationsCommandOutput/)
+
 </details>
 <details>
 <summary>

diff --git a/clients/client-emr-containers/src/EMRContainers.ts b/clients/client-emr-containers/src/EMRContainers.ts
@@ -17,6 +17,11 @@ import {
   CreateManagedEndpointCommandInput,
   CreateManagedEndpointCommandOutput,
 } from "./commands/CreateManagedEndpointCommand";
+import {
+  CreateSecurityConfigurationCommand,
+  CreateSecurityConfigurationCommandInput,
+  CreateSecurityConfigurationCommandOutput,
+} from "./commands/CreateSecurityConfigurationCommand";
 import {
   CreateVirtualClusterCommand,
   CreateVirtualClusterCommandInput,
@@ -52,6 +57,11 @@ import {
   DescribeManagedEndpointCommandInput,
   DescribeManagedEndpointCommandOutput,
 } from "./commands/DescribeManagedEndpointCommand";
+import {
+  DescribeSecurityConfigurationCommand,
+  DescribeSecurityConfigurationCommandInput,
+  DescribeSecurityConfigurationCommandOutput,
+} from "./commands/DescribeSecurityConfigurationCommand";
 import {
   DescribeVirtualClusterCommand,
   DescribeVirtualClusterCommandInput,
@@ -73,6 +83,11 @@ import {
   ListManagedEndpointsCommandInput,
   ListManagedEndpointsCommandOutput,
 } from "./commands/ListManagedEndpointsCommand";
+import {
+  ListSecurityConfigurationsCommand,
+  ListSecurityConfigurationsCommandInput,
+  ListSecurityConfigurationsCommandOutput,
+} from "./commands/ListSecurityConfigurationsCommand";
 import {
   ListTagsForResourceCommand,
   ListTagsForResourceCommandInput,
@@ -96,18 +111,21 @@ const commands = {
   CancelJobRunCommand,
   CreateJobTemplateCommand,
   CreateManagedEndpointCommand,
+  CreateSecurityConfigurationCommand,
   CreateVirtualClusterCommand,
   DeleteJobTemplateCommand,
   DeleteManagedEndpointCommand,
   DeleteVirtualClusterCommand,
   DescribeJobRunCommand,
   DescribeJobTemplateCommand,
   DescribeManagedEndpointCommand,
+  DescribeSecurityConfigurationCommand,
   DescribeVirtualClusterCommand,
   GetManagedEndpointSessionCredentialsCommand,
   ListJobRunsCommand,
   ListJobTemplatesCommand,
   ListManagedEndpointsCommand,
+  ListSecurityConfigurationsCommand,
   ListTagsForResourceCommand,
   ListVirtualClustersCommand,
   StartJobRunCommand,
@@ -161,6 +179,23 @@ export interface EMRContainers {
     cb: (err: any, data?: CreateManagedEndpointCommandOutput) => void
   ): void;
 
+  /**
+   * @see {@link CreateSecurityConfigurationCommand}
+   */
+  createSecurityConfiguration(
+    args: CreateSecurityConfigurationCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<CreateSecurityConfigurationCommandOutput>;
+  createSecurityConfiguration(
+    args: CreateSecurityConfigurationCommandInput,
+    cb: (err: any, data?: CreateSecurityConfigurationCommandOutput) => void
+  ): void;
+  createSecurityConfiguration(
+    args: CreateSecurityConfigurationCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: CreateSecurityConfigurationCommandOutput) => void
+  ): void;
+
   /**
    * @see {@link CreateVirtualClusterCommand}
    */
@@ -277,6 +312,23 @@ export interface EMRContainers {
     cb: (err: any, data?: DescribeManagedEndpointCommandOutput) => void
   ): void;
 
+  /**
+   * @see {@link DescribeSecurityConfigurationCommand}
+   */
+  describeSecurityConfiguration(
+    args: DescribeSecurityConfigurationCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<DescribeSecurityConfigurationCommandOutput>;
+  describeSecurityConfiguration(
+    args: DescribeSecurityConfigurationCommandInput,
+    cb: (err: any, data?: DescribeSecurityConfigurationCommandOutput) => void
+  ): void;
+  describeSecurityConfiguration(
+    args: DescribeSecurityConfigurationCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: DescribeSecurityConfigurationCommandOutput) => void
+  ): void;
+
   /**
    * @see {@link DescribeVirtualClusterCommand}
    */
@@ -357,6 +409,24 @@ export interface EMRContainers {
     cb: (err: any, data?: ListManagedEndpointsCommandOutput) => void
   ): void;
 
+  /**
+   * @see {@link ListSecurityConfigurationsCommand}
+   */
+  listSecurityConfigurations(): Promise<ListSecurityConfigurationsCommandOutput>;
+  listSecurityConfigurations(
+    args: ListSecurityConfigurationsCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<ListSecurityConfigurationsCommandOutput>;
+  listSecurityConfigurations(
+    args: ListSecurityConfigurationsCommandInput,
+    cb: (err: any, data?: ListSecurityConfigurationsCommandOutput) => void
+  ): void;
+  listSecurityConfigurations(
+    args: ListSecurityConfigurationsCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: ListSecurityConfigurationsCommandOutput) => void
+  ): void;
+
   /**
    * @see {@link ListTagsForResourceCommand}
    */

diff --git a/clients/client-emr-containers/src/EMRContainersClient.ts b/clients/client-emr-containers/src/EMRContainersClient.ts
@@ -59,6 +59,10 @@ import {
   CreateManagedEndpointCommandInput,
   CreateManagedEndpointCommandOutput,
 } from "./commands/CreateManagedEndpointCommand";
+import {
+  CreateSecurityConfigurationCommandInput,
+  CreateSecurityConfigurationCommandOutput,
+} from "./commands/CreateSecurityConfigurationCommand";
 import {
   CreateVirtualClusterCommandInput,
   CreateVirtualClusterCommandOutput,
@@ -81,6 +85,10 @@ import {
   DescribeManagedEndpointCommandInput,
   DescribeManagedEndpointCommandOutput,
 } from "./commands/DescribeManagedEndpointCommand";
+import {
+  DescribeSecurityConfigurationCommandInput,
+  DescribeSecurityConfigurationCommandOutput,
+} from "./commands/DescribeSecurityConfigurationCommand";
 import {
   DescribeVirtualClusterCommandInput,
   DescribeVirtualClusterCommandOutput,
@@ -95,6 +103,10 @@ import {
   ListManagedEndpointsCommandInput,
   ListManagedEndpointsCommandOutput,
 } from "./commands/ListManagedEndpointsCommand";
+import {
+  ListSecurityConfigurationsCommandInput,
+  ListSecurityConfigurationsCommandOutput,
+} from "./commands/ListSecurityConfigurationsCommand";
 import {
   ListTagsForResourceCommandInput,
   ListTagsForResourceCommandOutput,
@@ -124,18 +136,21 @@ export type ServiceInputTypes =
   | CancelJobRunCommandInput
   | CreateJobTemplateCommandInput
   | CreateManagedEndpointCommandInput
+  | CreateSecurityConfigurationCommandInput
   | CreateVirtualClusterCommandInput
   | DeleteJobTemplateCommandInput
   | DeleteManagedEndpointCommandInput
   | DeleteVirtualClusterCommandInput
   | DescribeJobRunCommandInput
   | DescribeJobTemplateCommandInput
   | DescribeManagedEndpointCommandInput
+  | DescribeSecurityConfigurationCommandInput
   | DescribeVirtualClusterCommandInput
   | GetManagedEndpointSessionCredentialsCommandInput
   | ListJobRunsCommandInput
   | ListJobTemplatesCommandInput
   | ListManagedEndpointsCommandInput
+  | ListSecurityConfigurationsCommandInput
   | ListTagsForResourceCommandInput
   | ListVirtualClustersCommandInput
   | StartJobRunCommandInput
@@ -149,18 +164,21 @@ export type ServiceOutputTypes =
   | CancelJobRunCommandOutput
   | CreateJobTemplateCommandOutput
   | CreateManagedEndpointCommandOutput
+  | CreateSecurityConfigurationCommandOutput
   | CreateVirtualClusterCommandOutput
   | DeleteJobTemplateCommandOutput
   | DeleteManagedEndpointCommandOutput
   | DeleteVirtualClusterCommandOutput
   | DescribeJobRunCommandOutput
   | DescribeJobTemplateCommandOutput
   | DescribeManagedEndpointCommandOutput
+  | DescribeSecurityConfigurationCommandOutput
   | DescribeVirtualClusterCommandOutput
   | GetManagedEndpointSessionCredentialsCommandOutput
   | ListJobRunsCommandOutput
   | ListJobTemplatesCommandOutput
   | ListManagedEndpointsCommandOutput
+  | ListSecurityConfigurationsCommandOutput
   | ListTagsForResourceCommandOutput
   | ListVirtualClustersCommandOutput
   | StartJobRunCommandOutput

diff --git a/clients/client-emr-containers/src/commands/CreateSecurityConfigurationCommand.ts b/clients/client-emr-containers/src/commands/CreateSecurityConfigurationCommand.ts
@@ -0,0 +1,122 @@
+// smithy-typescript generated code
+import { getEndpointPlugin } from "@smithy/middleware-endpoint";
+import { getSerdePlugin } from "@smithy/middleware-serde";
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+
+import { EMRContainersClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EMRContainersClient";
+import { commonParams } from "../endpoint/EndpointParameters";
+import { CreateSecurityConfigurationRequest, CreateSecurityConfigurationResponse } from "../models/models_0";
+import {
+  de_CreateSecurityConfigurationCommand,
+  se_CreateSecurityConfigurationCommand,
+} from "../protocols/Aws_restJson1";
+
+/**
+ * @public
+ */
+export { __MetadataBearer, $Command };
+/**
+ * @public
+ *
+ * The input for {@link CreateSecurityConfigurationCommand}.
+ */
+export interface CreateSecurityConfigurationCommandInput extends CreateSecurityConfigurationRequest {}
+/**
+ * @public
+ *
+ * The output of {@link CreateSecurityConfigurationCommand}.
+ */
+export interface CreateSecurityConfigurationCommandOutput
+  extends CreateSecurityConfigurationResponse,
+    __MetadataBearer {}
+
+/**
+ * <p>Creates a security configuration. Security configurations in Amazon EMR on EKS are
+ *          templates for different security setups. You can use security configurations to configure
+ *          the Lake Formation integration setup. You can also create a security configuration
+ *          to re-use a security setup each time you create a virtual cluster.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { EMRContainersClient, CreateSecurityConfigurationCommand } from "@aws-sdk/client-emr-containers"; // ES Modules import
+ * // const { EMRContainersClient, CreateSecurityConfigurationCommand } = require("@aws-sdk/client-emr-containers"); // CommonJS import
+ * const client = new EMRContainersClient(config);
+ * const input = { // CreateSecurityConfigurationRequest
+ *   clientToken: "STRING_VALUE", // required
+ *   name: "STRING_VALUE", // required
+ *   securityConfigurationData: { // SecurityConfigurationData
+ *     authorizationConfiguration: { // AuthorizationConfiguration
+ *       lakeFormationConfiguration: { // LakeFormationConfiguration
+ *         authorizedSessionTagValue: "STRING_VALUE",
+ *         secureNamespaceInfo: { // SecureNamespaceInfo
+ *           clusterId: "STRING_VALUE",
+ *           namespace: "STRING_VALUE",
+ *         },
+ *         queryEngineRoleArn: "STRING_VALUE",
+ *       },
+ *       encryptionConfiguration: { // EncryptionConfiguration
+ *         inTransitEncryptionConfiguration: { // InTransitEncryptionConfiguration
+ *           tlsCertificateConfiguration: { // TLSCertificateConfiguration
+ *             certificateProviderType: "PEM",
+ *             publicCertificateSecretArn: "STRING_VALUE",
+ *             privateCertificateSecretArn: "STRING_VALUE",
+ *           },
+ *         },
+ *       },
+ *     },
+ *   },
+ *   tags: { // TagMap
+ *     "<keys>": "STRING_VALUE",
+ *   },
+ * };
+ * const command = new CreateSecurityConfigurationCommand(input);
+ * const response = await client.send(command);
+ * // { // CreateSecurityConfigurationResponse
+ * //   id: "STRING_VALUE",
+ * //   name: "STRING_VALUE",
+ * //   arn: "STRING_VALUE",
+ * // };
+ *
+ * ```
+ *
+ * @param CreateSecurityConfigurationCommandInput - {@link CreateSecurityConfigurationCommandInput}
+ * @returns {@link CreateSecurityConfigurationCommandOutput}
+ * @see {@link CreateSecurityConfigurationCommandInput} for command's `input` shape.
+ * @see {@link CreateSecurityConfigurationCommandOutput} for command's `response` shape.
+ * @see {@link EMRContainersClientResolvedConfig | config} for EMRContainersClient's `config` shape.
+ *
+ * @throws {@link InternalServerException} (server fault)
+ *  <p>This is an internal server exception.</p>
+ *
+ * @throws {@link ValidationException} (client fault)
+ *  <p>There are invalid parameters in the client request.</p>
+ *
+ * @throws {@link EMRContainersServiceException}
+ * <p>Base exception class for all service exceptions from EMRContainers service.</p>
+ *
+ * @public
+ */
+export class CreateSecurityConfigurationCommand extends $Command
+  .classBuilder<
+    CreateSecurityConfigurationCommandInput,
+    CreateSecurityConfigurationCommandOutput,
+    EMRContainersClientResolvedConfig,
+    ServiceInputTypes,
+    ServiceOutputTypes
+  >()
+  .ep({
+    ...commonParams,
+  })
+  .m(function (this: any, Command: any, cs: any, config: EMRContainersClientResolvedConfig, o: any) {
+    return [
+      getSerdePlugin(config, this.serialize, this.deserialize),
+      getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
+    ];
+  })
+  .s("AwsChicagoWebService", "CreateSecurityConfiguration", {})
+  .n("EMRContainersClient", "CreateSecurityConfigurationCommand")
+  .f(void 0, void 0)
+  .ser(se_CreateSecurityConfigurationCommand)
+  .de(de_CreateSecurityConfigurationCommand)
+  .build() {}
diff --git a/clients/client-emr-containers/src/commands/CreateVirtualClusterCommand.ts b/clients/client-emr-containers/src/commands/CreateVirtualClusterCommand.ts
@@ -52,6 +52,7 @@ export interface CreateVirtualClusterCommandOutput extends CreateVirtualClusterR
  *   tags: { // TagMap
  *     "<keys>": "STRING_VALUE",
  *   },
+ *   securityConfigurationId: "STRING_VALUE",
  * };
  * const command = new CreateVirtualClusterCommand(input);
  * const response = await client.send(command);