Package software.amazon.awscdk.services.glue

Class SecurityConfiguration

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.core.Construct
software.amazon.awscdk.core.Resource
software.amazon.awscdk.services.glue.SecurityConfiguration
All Implemented Interfaces:
IConstruct, IDependable, IResource, ISecurityConfiguration, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct
@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)", date="2023-06-19T16:30:42.595Z") @Stability(Experimental) public class SecurityConfiguration extends Resource implements ISecurityConfiguration
(experimental) A security configuration is a set of security properties that can be used by AWS Glue to encrypt data at rest.

The following scenarios show some of the ways that you can use a security configuration.

  • Attach a security configuration to an AWS Glue crawler to write encrypted Amazon CloudWatch Logs.
  • Attach a security configuration to an extract, transform, and load (ETL) job to write encrypted Amazon Simple Storage Service (Amazon S3) targets and encrypted CloudWatch Logs.
  • Attach a security configuration to an ETL job to write its jobs bookmarks as encrypted Amazon S3 data.
  • Attach a security configuration to a development endpoint to write encrypted Amazon S3 targets.

Example: 

 SecurityConfiguration.Builder.create(this, "MySecurityConfiguration")
         .securityConfigurationName("name")
         .cloudWatchEncryption(CloudWatchEncryption.builder()
                 .mode(CloudWatchEncryptionMode.KMS)
                 .build())
         .jobBookmarksEncryption(JobBookmarksEncryption.builder()
                 .mode(JobBookmarksEncryptionMode.CLIENT_SIDE_KMS)
                 .build())
         .s3Encryption(S3Encryption.builder()
                 .mode(S3EncryptionMode.KMS)
                 .build())
         .build();

  • Constructor Details

    • SecurityConfiguration

      protected SecurityConfiguration(software.amazon.jsii.JsiiObjectRef objRef)

    • SecurityConfiguration

      protected SecurityConfiguration(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • SecurityConfiguration

      @Stability(Experimental) public SecurityConfiguration(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull SecurityConfigurationProps props)
      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
      props - This parameter is required.

  • Method Details

    • fromSecurityConfigurationName

      @Stability(Experimental) @NotNull public static ISecurityConfiguration fromSecurityConfigurationName(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String securityConfigurationName)
      (experimental) Creates a Connection construct that represents an external security configuration.

      Parameters:
      scope - The scope creating construct (usually this). This parameter is required.
      id - The construct's id. This parameter is required.
      securityConfigurationName - name of external security configuration. This parameter is required.

    • getSecurityConfigurationName

      @Stability(Experimental) @NotNull public String getSecurityConfigurationName()
      (experimental) The name of the security configuration.
      Specified by:
      getSecurityConfigurationName in interface ISecurityConfiguration

    • getCloudWatchEncryptionKey

      @Stability(Experimental) @Nullable public IKey getCloudWatchEncryptionKey()
      (experimental) The KMS key used in CloudWatch encryption if it requires a kms key.

    • getJobBookmarksEncryptionKey

      @Stability(Experimental) @Nullable public IKey getJobBookmarksEncryptionKey()
      (experimental) The KMS key used in job bookmarks encryption if it requires a kms key.

    • getS3EncryptionKey

      @Stability(Experimental) @Nullable public IKey getS3EncryptionKey()
      (experimental) The KMS key used in S3 encryption if it requires a kms key.