创建EMR群集时出错,EMR服务角色无效

时间:2020-05-12 01:05:08

标签: amazon-web-services aws-lambda permissions amazon-cloudformation amazon-emr

我正在通过cloudformation和lambda函数创建一个emr集群。创建堆栈后,当我运行lambda函数时,它将通过赋予EMR服务角色来启动群集:is invalid error。我的服务角色和工作流程角色代码已随附。我缺少什么权限,或者我应该授予该权限才能让我的emr开始执行这些步骤。

EMRClusterServiceRole:
    Type: 'AWS::IAM::Role'
    Properties:
      AssumeRolePolicyDocument:
        Version: 2012-10-17
        Statement:
        - Effect: Allow
          Principal:
            Service:
            - ec2.amazonaws.com
          Action:
          - 'sts:AssumeRole'
      ManagedPolicyArns:
            - arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role
      Path: /

  EMRClusterinstanceProfileRole: 
    Type: 'AWS::IAM::Role'
    Properties:
      AssumeRolePolicyDocument:
        Version: 2012-10-17
        Statement:
        - Effect: Allow
          Principal: 
            Service: 
            - ec2.amazonaws.com
          Action: 
          - 'sts:AssumeRole'
      ManagedPolicyArns: 
        - arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role
      Path: /

  EMRClusterinstanceProfile:
    Type: AWS::IAM::InstanceProfile
    Properties:
      Path: /
      Roles:
      - !Ref EMRClusterinstanceProfileRole

  EMRJobFlowProfileinstance: 
    Type: AWS::IAM::InstanceProfile
    Properties:
      Path: /
      Roles:
      - !Ref EMRJobFlowRole


  EMRJobFlowRole:       
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: 2012-10-17
        Statement:
        - Effect: Allow
          Principal: 
            Service: 
            - ec2.amazonaws.com
          Action: 
          - 'sts:AssumeRole'
      ManagedPolicyArns: 
        - arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role
      Path: /

1 个答案:

答案 0 :(得分:0)

基于这些评论,解决方案是用作elasticmapreduce.amazonaws.com信任策略原则。

相关问题
最新问题