Skip to content

EMR - Access Control¶

Overview¶

Privacera provides a comprehensive access control solution for Amazon EMR clusters, enabling users to define and enforce Fine-Grained Access Control (FGAC) policies for Spark, Hive, and Trino, as well as Object-Level Access Control(OLAC) for Spark.

The Privacera connector for AWS EMR supports various services depending on whether your EMR cluster has Kerberos enabled or not. Policy enforcement is managed using Privacera's Spark OLAC plugin, Hive FGAC plugin and Trino FGAC plugin.

Connector	Supported
EMR on EC2	Kerberos - Spark (OLAC), Hive (FGAC), Trino (FGAC) Non-Kerberos - Spark (OLAC) using JWT user identity
EMR Serverless	Only Spark OLAC (From Privacera version 9.3.0.1)
EMR on EKS	Not supported

Privacera supported features for EMR Cluster:

Feature	Supported
Access Management	Yes
Discovery	No
Encryption	Yes

Access Management

Encryption

Comments