Ensure Glue component has a security configuration associated

Error: AWS Glue component has no security configuration associated

Description

Ensure that AWS Glue components (crawlers, jobs, and development endpoints) have a security configuration associated. The security configuration is needed to encrypt data at rest.

Fix - Runtime

CLI Command

aws glue update-crawler \
    --name <value> \
    [--crawler-security-configuration <value>]

Fix - Buildtime

Terraform
  • Resource: aws_glue_crawler, aws_glue_dev_endpoint and aws_glue_job
  • Arguments: security_configuration

resource "aws_glue_crawler" "example" {
  name                   = "example"
  security_configuration = aws_glue_security_configuration.example.name
}

CloudFormation
  • Resource: AWS::Glue::Crawler, AWS::Glue::DevEndpoint and AWS::Glue::Job
  • Arguments: Properties.CrawlerSecurityConfiguration or SecurityConfiguration

Resources:
  Crawler:
    Type: AWS::Glue::Crawler
    Properties:
      Name: example
      CrawlerSecurityConfiguration: !Ref SecurityConfiguration
  Job:
    Type: AWS::Glue::Job
    Properties:
      Name: example
      SecurityConfiguration: !Ref SecurityConfiguration
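
The same policy as a build-time check, added here as an example (it is not code from this page or from any vendor's scanner). It assumes a CloudFormation template already parsed into a dict (JSON form, so !Ref appears as {"Ref": ...}) and the JSON output of terraform show -json; the function names and sample inputs are constructed for illustration.

```python
# CloudFormation type -> property holding the security configuration
# (property names as in the page's "Arguments" line).
CFN_PROPS = {
    "AWS::Glue::Crawler": "CrawlerSecurityConfiguration",
    "AWS::Glue::Job": "SecurityConfiguration",
    "AWS::Glue::DevEndpoint": "SecurityConfiguration",
}
# Terraform types that take the security_configuration argument.
TF_TYPES = {"aws_glue_crawler", "aws_glue_job", "aws_glue_dev_endpoint"}

def check_cloudformation(template):
    """Logical IDs of Glue resources with no security configuration."""
    failed = []
    for logical_id, res in template.get("Resources", {}).items():
        prop = CFN_PROPS.get(res.get("Type"))
        # A {"Ref": ...} or a non-empty name passes; missing or "" fails.
        if prop and not (res.get("Properties") or {}).get(prop):
            failed.append(logical_id)
    return sorted(failed)

def check_terraform_plan(plan):
    """Addresses of Glue resources with no security_configuration in
    planned_values, walking child modules as well as the root module."""
    failed = []
    stack = [plan.get("planned_values", {}).get("root_module", {})]
    while stack:
        module = stack.pop()
        stack.extend(module.get("child_modules", []))
        for res in module.get("resources", []):
            values = res.get("values") or {}
            if res.get("type") in TF_TYPES and not values.get("security_configuration"):
                failed.append(res["address"])
    return sorted(failed)

# Constructed sample inputs (not from a real deployment).
SAMPLE_TEMPLATE = {"Resources": {
    "Crawler": {"Type": "AWS::Glue::Crawler", "Properties": {
        "Name": "example",
        "CrawlerSecurityConfiguration": {"Ref": "SecurityConfiguration"}}},
    "Job": {"Type": "AWS::Glue::Job", "Properties": {"Name": "example"}},
    "Endpoint": {"Type": "AWS::Glue::DevEndpoint",
                 "Properties": {"SecurityConfiguration": ""}},
    "Bucket": {"Type": "AWS::S3::Bucket"}}}
SAMPLE_PLAN = {"planned_values": {"root_module": {
    "resources": [{"address": "aws_glue_crawler.example", "type": "aws_glue_crawler",
                   "values": {"name": "example", "security_configuration": "example"}}],
    "child_modules": [{"resources": [
        {"address": "module.etl.aws_glue_job.load", "type": "aws_glue_job",
         "values": {"name": "load", "security_configuration": None}}]}]}}}

if __name__ == "__main__":
    print("CloudFormation:", check_cloudformation(SAMPLE_TEMPLATE))
    print("Terraform plan:", check_terraform_plan(SAMPLE_PLAN))
```

Terraform leaves values that are unknown until apply out of planned_values, so a resource whose security_configuration is computed at apply time is reported by this check and needs a manual look.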
