2018/09/26 - AWS Glue - 1 new api methods
Changes AWS Glue now supports data encryption at rest for ETL jobs and development endpoints. With encryption enabled, when you run ETL jobs, or development endpoints, Glue will use AWS KMS keys to write encrypted data at rest. You can also encrypt the metadata stored in the Glue Data Catalog using keys that you manage with AWS KMS. Additionally, you can use AWS KMS keys to encrypt the logs generated by crawlers and ETL jobs as well as encrypt ETL job bookmarks. Encryption settings for Glue crawlers, ETL jobs, and development endpoints can be configured using the security configurations in Glue. Glue Data Catalog encryption can be enabled via the settings for the Glue Data Catalog.
Retrieves the security configuration for a specified catalog.
See also: AWS API Documentation
Request Syntax
client.get_data_catalog_encryption_settings( CatalogId='string' )
string
The ID of the Data Catalog for which to retrieve the security configuration. If none is supplied, the AWS account ID is used by default.
dict
Response Syntax
{ 'DataCatalogEncryptionSettings': { 'EncryptionAtRest': { 'CatalogEncryptionMode': 'DISABLED'|'SSE-KMS', 'SseAwsKmsKeyId': 'string' } } }
Response Structure
(dict) --
DataCatalogEncryptionSettings (dict) --
The requested security configuration.
EncryptionAtRest (dict) --
Specifies encryption-at-rest configuration for the Data Catalog.
CatalogEncryptionMode (string) --
The encryption-at-rest mode for encrypting Data Catalog data.
SseAwsKmsKeyId (string) --
The ID of the AWS KMS key to use for encryption at rest.