Associate AWS Glue component with a security component

Severity
Low

An AWS Glue component was detected without an associated security configuration. Make sure that the Glue component is associated with a security component.

Detector ID
terraform/associate-glue-security-terraform@v1.0
Category
Common Weakness Enumeration (CWE)

Noncompliant example

resource "aws_glue_crawler" "cloudrail_table_crawler" {
  database_name = aws_glue_catalog_database.cloudrail_table_database.name
  name          = "cloudrail_table_crawler"
  role          = aws_iam_role.cloudrail_glue_iam.arn
  # Noncompliant: Glue component has no security configuration associated.
  s3_target {
    path = "s3://${aws_s3_bucket.cloudrail.bucket}"
  }
}

Compliant example

resource "aws_glue_crawler" "cloudrail_table_crawler" {
  database_name = aws_glue_catalog_database.cloudrail_table_database.name
  name          = "cloudrail_table_crawler"
  role          = aws_iam_role.cloudrail_glue_iam.arn

  s3_target {
    path = "s3://${aws_s3_bucket.cloudrail.bucket}"
  }
  # Compliant: Glue component has a security configuration associated.
  security_configuration = aws_glue_security_configuration.example.name
}
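
The compliant example references aws_glue_security_configuration.example without defining it. The following is an added sketch of such a resource, not part of the original detector page; the KMS key resource name "glue", its description, and the configuration name are assumptions chosen for illustration.

```hcl
# Assumed customer-managed key used for all three Glue encryption targets.
resource "aws_kms_key" "glue" {
  description         = "Key for AWS Glue security configuration (example)"
  enable_key_rotation = true
}

# Security configuration referenced by the crawler's security_configuration argument.
resource "aws_glue_security_configuration" "example" {
  name = "example"

  encryption_configuration {
    # Encrypts the logs that Glue writes to CloudWatch Logs.
    cloudwatch_encryption {
      cloudwatch_encryption_mode = "SSE-KMS"
      kms_key_arn                = aws_kms_key.glue.arn
    }

    # Encrypts job bookmark state on the client side before it is stored.
    job_bookmarks_encryption {
      job_bookmarks_encryption_mode = "CSE-KMS"
      kms_key_arn                   = aws_kms_key.glue.arn
    }

    # Encrypts data that Glue writes to Amazon S3 targets.
    s3_encryption {
      s3_encryption_mode = "SSE-KMS"
      kms_key_arn        = aws_kms_key.glue.arn
    }
  }
}
```

A configuration whose three modes are all set to "DISABLED" still satisfies the association but encrypts nothing, so review the modes as well as the reference. The IAM role used by the Glue component also needs permission to use the key.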