Hi,
our IT security department warned us that the EMR instances used for the shredding have a log4j vulnerability issue.
In order to overcome this vulnerability a specific bootstrap action should be configured depending on the AMI version that we are using (6.5.0 in our case):
See here:
I copied the shell script into a bucket on our AWS account. How do I specify that in the emr-config.json.
...
],
"bootstrapActionConfigs": [
{
"name": "Elasticity Bootstrap Action Log 4 J ",
"scriptBootstrapAction": {
"path": "s3://our-bucket-STAGE/patch-log4j-emr-6.5.0-v1.sh",
"args": [ "" ]
}
}
],
...
If we just specify the bucket where the bootstrap shell script is located we get the following error:
json: cannot unmarshal string into Go struct field ClusterConfig.BootstrapActionConfigs of type main.BootstrapActionConfigsRec