Glue / Client / create_security_configuration

create_security_configuration#

Glue.Client.create_security_configuration(**kwargs)#

Creates a new security configuration. A security configuration is a set of security properties that can be used by Glue. You can use a security configuration to encrypt data at rest. For information about using security configurations in Glue, see Encrypting Data Written by Crawlers, Jobs, and Development Endpoints.

See also: AWS API Documentation

Request Syntax

response = client.create_security_configuration(
    Name='string',
    EncryptionConfiguration={
        'S3Encryption': [
            {
                'S3EncryptionMode': 'DISABLED'|'SSE-KMS'|'SSE-S3',
                'KmsKeyArn': 'string'
            },
        ],
        'CloudWatchEncryption': {
            'CloudWatchEncryptionMode': 'DISABLED'|'SSE-KMS',
            'KmsKeyArn': 'string'
        },
        'JobBookmarksEncryption': {
            'JobBookmarksEncryptionMode': 'DISABLED'|'CSE-KMS',
            'KmsKeyArn': 'string'
        },
        'DataQualityEncryption': {
            'DataQualityEncryptionMode': 'DISABLED'|'SSE-KMS',
            'KmsKeyArn': 'string'
        }
    }
)
Parameters:
  • Name (string) –

    [REQUIRED]

    The name for the new security configuration.

  • EncryptionConfiguration (dict) –

    [REQUIRED]

    The encryption configuration for the new security configuration.

    • S3Encryption (list) –

      The encryption configuration for Amazon Simple Storage Service (Amazon S3) data.

      • (dict) –

        Specifies how Amazon Simple Storage Service (Amazon S3) data should be encrypted.

        • S3EncryptionMode (string) –

          The encryption mode to use for Amazon S3 data.

        • KmsKeyArn (string) –

          The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.

    • CloudWatchEncryption (dict) –

      The encryption configuration for Amazon CloudWatch.

      • CloudWatchEncryptionMode (string) –

        The encryption mode to use for CloudWatch data.

      • KmsKeyArn (string) –

        The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.

    • JobBookmarksEncryption (dict) –

      The encryption configuration for job bookmarks.

      • JobBookmarksEncryptionMode (string) –

        The encryption mode to use for job bookmarks data.

      • KmsKeyArn (string) –

        The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.

    • DataQualityEncryption (dict) –

      The encryption configuration for Glue Data Quality assets.

      • DataQualityEncryptionMode (string) –

        The encryption mode to use for encrypting Data Quality assets. These assets include data quality rulesets, results, statistics, anomaly detection models and observations.

        Valid values are SSEKMS for encryption using a customer-managed KMS key, or DISABLED.

      • KmsKeyArn (string) –

        The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.

Return type:

dict

Returns:

Response Syntax

{
    'Name': 'string',
    'CreatedTimestamp': datetime(2015, 1, 1)
}

Response Structure

  • (dict) –

    • Name (string) –

      The name assigned to the new security configuration.

    • CreatedTimestamp (datetime) –

      The time at which the new security configuration was created.

Exceptions

  • Glue.Client.exceptions.AlreadyExistsException

  • Glue.Client.exceptions.InvalidInputException

  • Glue.Client.exceptions.InternalServiceException

  • Glue.Client.exceptions.OperationTimeoutException

  • Glue.Client.exceptions.ResourceNumberLimitExceededException