Network misconfigurations

Amazon EMR cluster’s master node with public IP

Risk Level

Informational (4)

Platform(s)

Description

Amazon EMR (Elastic MapReduce) is a managed cluster platform that simplifies running big data frameworks. An EMR cluster is a collection of Amazon Elastic Compute Cloud (Amazon EC2) instances, and each instance in the cluster is called a node. The master node manages the cluster and coordinates the distribution of data and tasks among the other nodes for processing. Master node {AwsEmrInstance} has an associated public IP address. Although a public IP address makes it possible to set up secure access through an SSH tunnel, associating it directly with the master node, rather than placing the node within a VPC or a private subnet that has IPv4, does not align with security best practices.
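One way to check for this condition across clusters is shown below. It is an added example, not part of the original rule or of any AWS tooling. It assumes the input is the JSON returned by `aws emr list-instances --cluster-id <id> --instance-group-types MASTER`; the cluster IDs, instance IDs and addresses are constructed placeholders.

```python
"""Flag EMR master nodes that carry a public IPv4 address (added example)."""

# Constructed sample data in the shape returned by
#   aws emr list-instances --cluster-id <id> --instance-group-types MASTER
# All ids and addresses are placeholders (203.0.113.0/24 is a
# documentation range).
SAMPLE_RESPONSES = {
    "j-EXAMPLEPUBLIC": {"Instances": [{
        "Ec2InstanceId": "i-0aaaaaaaaaaaaaaa1",
        "PublicIpAddress": "203.0.113.10",
        "PrivateIpAddress": "10.0.1.15",
        "Status": {"State": "RUNNING"},
    }]},
    "j-EXAMPLEPRIVATE": {"Instances": [{
        "Ec2InstanceId": "i-0bbbbbbbbbbbbbbb2",
        "PrivateIpAddress": "10.0.2.27",
        "Status": {"State": "RUNNING"},
    }]},
    "j-EXAMPLEOLD": {"Instances": [{
        "Ec2InstanceId": "i-0ccccccccccccccc3",
        "PublicIpAddress": "203.0.113.44",
        "PrivateIpAddress": "10.0.1.99",
        "Status": {"State": "TERMINATED"},
    }]},
}


def public_master_nodes(responses):
    """Return one finding per live master node that has a public IPv4 address.

    `responses` maps a cluster id to its list-instances output, already
    filtered to the MASTER instance group.
    """
    findings = []
    for cluster_id, resp in sorted(responses.items()):
        for inst in resp.get("Instances", []):
            # A terminated node no longer exposes anything; skip it.
            if inst.get("Status", {}).get("State") == "TERMINATED":
                continue
            # Assumption: a node without a public address has the field
            # absent or empty in the response.
            public_ip = inst.get("PublicIpAddress")
            if public_ip:
                findings.append({"cluster_id": cluster_id,
                                 "instance_id": inst.get("Ec2InstanceId"),
                                 "public_ip": public_ip})
    return findings


if __name__ == "__main__":
    for f in public_master_nodes(SAMPLE_RESPONSES):
        print("{cluster_id}: master {instance_id} has public IP {public_ip}".format(**f))
```

For clusters launched with instance fleets instead of instance groups, collect the input with `--instance-fleet-type MASTER`.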
Recommended Mitigation

After launch, it is not possible to manually disassociate a public IPv4 address from the master node instance, so it is recommended to create a new cluster in a VPC private subnet. For more information: https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-vpc-launching-job-flows.html