AWS Glue Security Configuration
This page shows how to write Terraform and CloudFormation for AWS Glue Security Configuration and write them securely.
aws_glue_security_configuration (Terraform)
The Security Configuration in AWS Glue can be configured in Terraform with the resource name aws_glue_security_configuration
. The following sections describe 5 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_glue_security_configuration" "glue_security" {
name = var.security_name
encryption_configuration {
cloudwatch_encryption {
}
resource "aws_glue_security_configuration" "main" {
name = var.database
encryption_configuration {
cloudwatch_encryption {
cloudwatch_encryption_mode = "DISABLED"
resource "aws_glue_security_configuration" "glue_security" {
name = var.security_name
encryption_configuration {
cloudwatch_encryption {
}
resource "aws_glue_security_configuration" "positive1" {
name = "example"
encryption_configuration {
cloudwatch_encryption {
cloudwatch_encryption_mode = "SSE-KMS"
resource "aws_glue_security_configuration" "positive2" {
name = "example"
encryption_configuration {
cloudwatch_encryption {
cloudwatch_encryption_mode = "SSE-KMS"
Parameters
-
id
optional computed - string -
name
required - string -
encryption_configuration
list block-
cloudwatch_encryption
list block-
cloudwatch_encryption_mode
optional - string -
kms_key_arn
optional - string
-
-
job_bookmarks_encryption
list block-
job_bookmarks_encryption_mode
optional - string -
kms_key_arn
optional - string
-
-
s3_encryption
list block-
kms_key_arn
optional - string -
s3_encryption_mode
optional - string
-
-
Explanation in Terraform Registry
Manages a Glue Security Configuration.
AWS::Glue::SecurityConfiguration (CloudFormation)
The SecurityConfiguration in Glue can be configured in CloudFormation with the resource name AWS::Glue::SecurityConfiguration
. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
Type: "AWS::Glue::SecurityConfiguration"
Properties:
EncryptionConfiguration:
S3Encryptions:
- KmsKeyArn: !Ref KmsS3Arn
S3EncryptionMode: SSE-KMS
Type: AWS::Glue::SecurityConfiguration
Properties:
Name: Name
EncryptionConfiguration:
CloudWatchEncryption:
CloudWatchEncryptionMode: SSE-KMS
Type: AWS::Glue::SecurityConfiguration
Properties:
Name: Name
EncryptionConfiguration:
CloudWatchEncryption:
CloudWatchEncryptionMode: SSE-KMS
Type: AWS::Glue::SecurityConfiguration
Properties:
Name: Name
EncryptionConfiguration:
CloudWatchEncryption:
CloudWatchEncryptionMode: DISABLED
Type: AWS::Glue::SecurityConfiguration
Properties:
Name: Name
EncryptionConfiguration:
CloudWatchEncryption:
CloudWatchEncryptionMode: DISABLED
"Type": "AWS::Glue::SecurityConfiguration",
"Properties": {
"EncryptionConfiguration": {
"CloudWatchEncryption": {
"CloudWatchEncryptionMode": "SSE-KMS",
"KmsKeyArn": {
"Type": "AWS::Glue::SecurityConfiguration",
"Properties": {
"EncryptionConfiguration": {
"CloudWatchEncryption": {
"CloudWatchEncryptionMode": "SSE-KMS",
"KmsKeyArn": {
"Type": "AWS::Glue::SecurityConfiguration",
"Properties": {
"EncryptionConfiguration": {
"CloudWatchEncryption": {
"CloudWatchEncryptionMode": "SSE-KMS",
"KmsKeyArn": {
"Type": "AWS::Glue::SecurityConfiguration",
"Properties": {
"EncryptionConfiguration": {
"CloudWatchEncryption": {
"CloudWatchEncryptionMode": "SSE-KMS",
"KmsKeyArn": {
"Type": "AWS::Glue::SecurityConfiguration",
"Properties": {
"EncryptionConfiguration": {
"CloudWatchEncryption": {
"CloudWatchEncryptionMode": "SSE-KMS",
"KmsKeyArn": {
Parameters
-
EncryptionConfiguration
required - EncryptionConfiguration -
Name
required - String
Explanation in CloudFormation Registry
Creates a new security configuration. A security configuration is a set of security properties that can be used by AWS Glue. You can use a security configuration to encrypt data at rest. For information about using security configurations in AWS Glue, see Encrypting Data Written by Crawlers, Jobs, and Development Endpoints.
Frequently asked questions
What is AWS Glue Security Configuration?
AWS Glue Security Configuration is a resource for Glue of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS Glue Security Configuration?
For Terraform, the 1oglop1/aws-glue-monorepo-style, CMSgov/beneficiary-fhir-data and SJREDDY6/terra source code examples are useful. See the Terraform Example section for further details.
For CloudFormation, the MarcoAP/AWSTraining, SnidermanIndustries/checkov-fork and bridgecrewio/checkov source code examples are useful. See the CloudFormation Example section for further details.