EMR bootstrap action solution for Log4j, how to specify bootstrapActionConfigs?

mgloel · February 17, 2022, 12:27pm

Hi,

our IT security department warned us that the EMR instances used for the shredding have a log4j vulnerability issue.

In order to overcome this vulnerability a specific bootstrap action should be configured depending on the AMI version that we are using (6.5.0 in our case):

See here:

I copied the shell script into a bucket on our AWS account. How do I specify that in the emr-config.json.

...
   ],
    "bootstrapActionConfigs": [
      {
        "name": "Elasticity Bootstrap Action Log 4 J ",
        "scriptBootstrapAction": {
          "path": "s3://our-bucket-STAGE/patch-log4j-emr-6.5.0-v1.sh",
          "args": [ "" ]
        }
      }
    ],

...

If we just specify the bucket where the bootstrap shell script is located we get the following error:

json: cannot unmarshal string into Go struct field ClusterConfig.BootstrapActionConfigs of type main.BootstrapActionConfigsRec

dilyan · February 17, 2022, 4:52pm

@mgloel This looks legit on the face of it. Could the string than cannot be unmarshalled be the empty "" you have in args? Have you tried "args": [ ]?

mgloel · February 18, 2022, 7:53am

Hi @dilyan ,

Thanks for your reply. We removed the “args” argument completely. Now it works.

Topic		Replies	Views
EmrEtlRunner compatibility issue with new AWS region AWS batch pipeline (Legacy)	2	1244	March 31, 2017
AWS EMR API Error (ValidationException ) while running EmrEtlRunner AWS batch pipeline (Legacy)	3	1445	September 25, 2017
AWS EMR Bootstrapping Incident revew Open Source Alerts	4	2127	February 27, 2020
EMR cluster step fails Enrichment	6	1636	October 31, 2016
Event Recovery 0.5.0 New releases	0	695	April 15, 2022

EMR bootstrap action solution for Log4j, how to specify bootstrapActionConfigs?

Related Topics