Encrypting connection passwords

You can retrieve connection passwords in the AWS Glue Data Catalog by using the GetConnection and GetConnections API operations. These passwords are stored in the Data Catalog connection and are used when AWS Glue connects to a Java Database Connectivity (JDBC) data store. When the connection was created or updated, an option in the Data Catalog settings determined whether the password was encrypted, and if so, what AWS Key Management Service (AWS KMS) key was specified.

On the AWS Glue console, you can turn on this option on the Data catalog settings page.

To encrypt connection passwords

Sign in to the AWS Management Console and open the AWS Glue console at https://console.aws.amazon.com/glue/.
Choose Settings in the navigation pane.
On the Data catalog settings page, select Encrypt connection passwords, and choose an AWS KMS key.

Important
AWS Glue supports only symmetric customer master keys (CMKs). The AWS KMS key list displays only symmetric keys. However, if you select Choose a AWS KMS key ARN, the console lets you enter an ARN for any key type. Ensure that you enter only ARNs for symmetric keys.

For more information, see Data Catalog settings .

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Encrypting your Data Catalog

Encrypting data written by AWS Glue

Encrypting connection passwords

To encrypt connection passwords

Important