Skip to content

Resource: awsGlueSecurityConfiguration

Manages a Glue Security Configuration.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.glueSecurityConfiguration.GlueSecurityConfiguration(this, "example", {
  encryptionConfiguration: {
    cloudwatchEncryption: {
      cloudwatchEncryptionMode: "DISABLED",
    },
    jobBookmarksEncryption: {
      jobBookmarksEncryptionMode: "DISABLED",
    },
    s3Encryption: {
      kmsKeyArn: "${data.aws_kms_key.example.arn}",
      s3EncryptionMode: "SSE-KMS",
    },
  },
  name: "example",
});

Argument Reference

The following arguments are supported:

  • encryptionConfiguration – (Required) Configuration block containing encryption configuration. Detailed below.
  • name – (Required) Name of the security configuration.

encryption_configuration Argument Reference

  • cloudwatchEncryption - (Required) A cloudwatchEncryption block as described below, which contains encryption configuration for CloudWatch.
  • jobBookmarksEncryption - (Required) A jobBookmarksEncryption block as described below, which contains encryption configuration for job bookmarks.
  • s3Encryption - (Required) A s3Encryption block as described below, which contains encryption configuration for S3 data.

cloudwatch_encryption Argument Reference

  • cloudwatchEncryptionMode - (Optional) Encryption mode to use for CloudWatch data. Valid values: disabled, sseKms. Default value: disabled.
  • kmsKeyArn - (Optional) Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.

job_bookmarks_encryption Argument Reference

  • jobBookmarksEncryptionMode - (Optional) Encryption mode to use for job bookmarks data. Valid values: cseKms, disabled. Default value: disabled.
  • kmsKeyArn - (Optional) Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.

s3_encryption Argument Reference

  • s3EncryptionMode - (Optional) Encryption mode to use for S3 data. Valid values: disabled, sseKms, sseS3. Default value: disabled.
  • kmsKeyArn - (Optional) Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • id - Glue security configuration name

Import

Glue Security Configurations can be imported using name, e.g.,

$ terraform import aws_glue_security_configuration.example example