AWS Data Pipeline 不再提供給新客戶。的現有客戶 AWS Data Pipeline 可以繼續正常使用服務。[進一步了解](https://aws.amazon.com/blogs/big-data/migrate-workloads-from-aws-data-pipeline/)
本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
# 設定 Hadoop KMS ACL 並在 HDFS 中建立加密區域
**Example**
下列物件會建立 Hadoop KMS 的 ACL,並在 HDFS 中建立加密區域及對應的加密金鑰:
```
{
"name": "kmsAcls",
"id": "kmsAcls",
"type": "EmrConfiguration",
"classification": "hadoop-kms-acls",
"property": [
{"ref":"kmsBlacklist"},
{"ref":"kmsAcl"}
]
},
{
"name": "hdfsEncryptionZone",
"id": "hdfsEncryptionZone",
"type": "EmrConfiguration",
"classification": "hdfs-encryption-zones",
"property": [
{"ref":"hdfsPath1"},
{"ref":"hdfsPath2"}
]
},
{
"name": "kmsBlacklist",
"id": "kmsBlacklist",
"type": "Property",
"key": "hadoop.kms.blacklist.CREATE",
"value": "foo,myBannedUser"
},
{
"name": "kmsAcl",
"id": "kmsAcl",
"type": "Property",
"key": "hadoop.kms.acl.ROLLOVER",
"value": "myAllowedUser"
},
{
"name": "hdfsPath1",
"id": "hdfsPath1",
"type": "Property",
"key": "/myHDFSPath1",
"value": "path1_key"
},
{
"name": "hdfsPath2",
"id": "hdfsPath2",
"type": "Property",
"key": "/myHDFSPath2",
"value": "path2_key"
}
```