Ensure AWS Glue component is associated with a security configuration

*Error: AWS Glue component is not associated with a security configuration

Bridgecrew Policy ID: BC_AWS_GENERAL_137
Checkov Check ID: CKV_AWS_195
Severity: LOW

AWS Glue component is not associated with a security configuration

Description

A security configuration specifies the encryption settings for data stored on data stores and for data in transit. By associating your Glue components with a security configuration, you can ensure that your data is encrypted in accordance with your security requirements.

Encrypting your data can help protect it from unauthorized access and ensure the confidentiality of your data. This is especially important for sensitive data, such as financial or personal information.

Fix - Runtime

Fix - Buildtime

Terraform

resource "aws_glue_crawler" "enabled" {
  database_name = "aws_glue_catalog_database.example.name"
  name          = "example"
  role          = "aws_iam_role.example.arn"

  security_configuration = "aws_glue_security_configuration.example.name"
}

resource "aws_glue_dev_endpoint" "enabled" {
  name     = "example"
  role_arn = "aws_iam_role.example.arn"

  security_configuration = "aws_glue_security_configuration.example.name"
}

resource "aws_glue_job" "enabled" {
  name     = "example"
  role_arn = "aws_iam_role.example.arn"

  security_configuration = "aws_glue_security_configuration.example.name"

  command {
    script_location = "s3://aws_s3_bucket.example.bucket/example.py"
  }
}

Updated 11 months ago