AWS Data Pipeline 不再向新客户提供。的现有客户 AWS Data Pipeline 可以继续照常使用该服务。[了解详情](https://aws.amazon.com/blogs/big-data/migrate-workloads-from-aws-data-pipeline/)
本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
# 配置 Hadoop KMS ACLs 并在 HDFS 中创建加密区域
**Example**
以下对象是 ACLs 为 Hadoop KMS 创建的,并在 HDFS 中创建加密区域和相应的加密密钥:
```
{
"name": "kmsAcls",
"id": "kmsAcls",
"type": "EmrConfiguration",
"classification": "hadoop-kms-acls",
"property": [
{"ref":"kmsBlacklist"},
{"ref":"kmsAcl"}
]
},
{
"name": "hdfsEncryptionZone",
"id": "hdfsEncryptionZone",
"type": "EmrConfiguration",
"classification": "hdfs-encryption-zones",
"property": [
{"ref":"hdfsPath1"},
{"ref":"hdfsPath2"}
]
},
{
"name": "kmsBlacklist",
"id": "kmsBlacklist",
"type": "Property",
"key": "hadoop.kms.blacklist.CREATE",
"value": "foo,myBannedUser"
},
{
"name": "kmsAcl",
"id": "kmsAcl",
"type": "Property",
"key": "hadoop.kms.acl.ROLLOVER",
"value": "myAllowedUser"
},
{
"name": "hdfsPath1",
"id": "hdfsPath1",
"type": "Property",
"key": "/myHDFSPath1",
"value": "path1_key"
},
{
"name": "hdfsPath2",
"id": "hdfsPath2",
"type": "Property",
"key": "/myHDFSPath2",
"value": "path2_key"
}
```