EMR block public access setting should be enabled

amazon-emr
This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

Amazon EMR provides the ‘Block public access’ (BPA) setting to help restrict unintended public access to data stored in EMR. By default, accounts that have created Amazon EMR clusters after July 2019 have this setting enabled automatically. Additionally, an exemption for SSH traffic on port 22 is present by default. Exemptions can be added or removed as necessary depending on your requirements.

Remediation

For guidance on configuring EMR BPA settings, refer to the Using Amazon EMR block public access section of the Amazon EMR Management Guide.