Class KerberosConfig

Specifies Kerberos related configuration.

Attributes
NameDescription
boolenable_kerberos
Optional. Flag to indicate whether to Kerberize the cluster (default: false). Set this field to true to enable Kerberos on a cluster.
strroot_principal_password_uri
Optional. The Cloud Storage URI of a KMS encrypted file containing the root principal password.
strkms_key_uri
Optional. The uri of the KMS key used to encrypt various sensitive files.
strkeystore_uri
Optional. The Cloud Storage URI of the keystore file used for SSL encryption. If not provided, Dataproc will provide a self-signed certificate.
strtruststore_uri
Optional. The Cloud Storage URI of the truststore file used for SSL encryption. If not provided, Dataproc will provide a self-signed certificate.
strkeystore_password_uri
Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided keystore. For the self-signed certificate, this password is generated by Dataproc.
strkey_password_uri
Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided key. For the self-signed certificate, this password is generated by Dataproc.
strtruststore_password_uri
Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided truststore. For the self-signed certificate, this password is generated by Dataproc.
strcross_realm_trust_realm
Optional. The remote realm the Dataproc on- luster KDC will trust, should the user enable cross realm trust.
strcross_realm_trust_kdc
Optional. The KDC (IP or hostname) for the remote trusted realm in a cross realm trust relationship.
strcross_realm_trust_admin_server
Optional. The admin server (IP or hostname) for the remote trusted realm in a cross realm trust relationship.
strcross_realm_trust_shared_password_uri
Optional. The Cloud Storage URI of a KMS encrypted file containing the shared password between the on-cluster Kerberos realm and the remote trusted realm, in a cross realm trust relationship.
strkdc_db_key_uri
Optional. The Cloud Storage URI of a KMS encrypted file containing the master key of the KDC database.
inttgt_lifetime_hours
Optional. The lifetime of the ticket granting ticket, in hours. If not specified, or user specifies 0, then default value 10 will be used.
strrealm
Optional. The name of the on-cluster Kerberos realm. If not specified, the uppercased domain of hostnames will be the realm.

Inheritance

builtins.object > proto.message.Message > KerberosConfig