bool
Optional. Flag to indicate whether to
Kerberize the cluster (default: false). Set this
field to true to enable Kerberos on a cluster.
root_principal_password_uri
str
Optional. The Cloud Storage URI of a KMS
encrypted file containing the root principal
password.
kms_key_uri
str
Optional. The URI of the KMS key used to
encrypt sensitive files.
keystore_uri
str
Optional. The Cloud Storage URI of the
keystore file used for SSL encryption. If not
provided, Dataproc will provide a self-signed
certificate.
truststore_uri
str
Optional. The Cloud Storage URI of the
truststore file used for SSL encryption. If not
provided, Dataproc will provide a self-signed
certificate.
keystore_password_uri
str
Optional. The Cloud Storage URI of a KMS
encrypted file containing the password to the
user provided keystore. For the self-signed
certificate, this password is generated by
Dataproc.
key_password_uri
str
Optional. The Cloud Storage URI of a KMS
encrypted file containing the password to the
user provided key. For the self-signed
certificate, this password is generated by
Dataproc.
truststore_password_uri
str
Optional. The Cloud Storage URI of a KMS
encrypted file containing the password to the
user provided truststore. For the self-signed
certificate, this password is generated by
Dataproc.
cross_realm_trust_realm
str
Optional. The remote realm the Dataproc
on-cluster KDC will trust, should the user
enable cross realm trust.
cross_realm_trust_kdc
str
Optional. The KDC (IP or hostname) for the
remote trusted realm in a cross realm trust
relationship.
cross_realm_trust_admin_server
str
Optional. The admin server (IP or hostname)
for the remote trusted realm in a cross realm
trust relationship.
cross_realm_trust_shared_password_uri
str
Optional. The Cloud Storage URI of a KMS
encrypted file containing the shared password
between the on-cluster Kerberos realm and the
remote trusted realm, in a cross realm trust
relationship.
kdc_db_key_uri
str
Optional. The Cloud Storage URI of a KMS
encrypted file containing the master key of the
KDC database.
tgt_lifetime_hours
int
Optional. The lifetime of the ticket granting
ticket, in hours. If not specified, or user
specifies 0, then default value 10 will be used.
realm
str
Optional. The name of the on-cluster Kerberos
realm. If not specified, the uppercased domain
of hostnames will be the realm.
