Ensure AWS Glue component is associated with a security configuration
*Error: AWS Glue component is not associated with a security configuration
Bridgecrew Policy ID: BC_AWS_GENERAL_137
Checkov Check ID: CKV_AWS_195
Severity: LOW
AWS Glue component is not associated with a security configuration
Description
A security configuration specifies the encryption settings for data stored on data stores and for data in transit. By associating your Glue components with a security configuration, you can ensure that your data is encrypted in accordance with your security requirements.
Encrypting your data can help protect it from unauthorized access and ensure the confidentiality of your data. This is especially important for sensitive data, such as financial or personal information.
Fix - Runtime
Fix - Buildtime
Terraform
resource "aws_glue_crawler" "enabled" {
database_name = "aws_glue_catalog_database.example.name"
name = "example"
role = "aws_iam_role.example.arn"
security_configuration = "aws_glue_security_configuration.example.name"
}
resource "aws_glue_dev_endpoint" "enabled" {
name = "example"
role_arn = "aws_iam_role.example.arn"
security_configuration = "aws_glue_security_configuration.example.name"
}
resource "aws_glue_job" "enabled" {
name = "example"
role_arn = "aws_iam_role.example.arn"
security_configuration = "aws_glue_security_configuration.example.name"
command {
script_location = "s3://aws_s3_bucket.example.bucket/example.py"
}
}
Updated 11 months ago