create-security-configuration¶
Description¶
Creates a new security configuration. A security configuration is a set of security properties that can be used by AWS Glue. You can use a security configuration to encrypt data at rest. For information about using security configurations in AWS Glue, see Encrypting Data Written by Crawlers, Jobs, and Development Endpoints .
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
Synopsis¶
create-security-configuration
--name <value>
--encryption-configuration <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--cli-auto-prompt <value>]
Options¶
--name (string)
The name for the new security configuration.
--encryption-configuration (structure)
The encryption configuration for the new security configuration.
S3Encryption -> (list)
The encryption configuration for Amazon Simple Storage Service (Amazon S3) data.
(structure)
Specifies how Amazon Simple Storage Service (Amazon S3) data should be encrypted.
S3EncryptionMode -> (string)
The encryption mode to use for Amazon S3 data.
KmsKeyArn -> (string)
The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.
CloudWatchEncryption -> (structure)
The encryption configuration for Amazon CloudWatch.
CloudWatchEncryptionMode -> (string)
The encryption mode to use for CloudWatch data.
KmsKeyArn -> (string)
The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.
JobBookmarksEncryption -> (structure)
The encryption configuration for job bookmarks.
JobBookmarksEncryptionMode -> (string)
The encryption mode to use for job bookmarks data.
KmsKeyArn -> (string)
The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.
Shorthand Syntax:
S3Encryption=[{S3EncryptionMode=string,KmsKeyArn=string},{S3EncryptionMode=string,KmsKeyArn=string}],CloudWatchEncryption={CloudWatchEncryptionMode=string,KmsKeyArn=string},JobBookmarksEncryption={JobBookmarksEncryptionMode=string,KmsKeyArn=string}
JSON Syntax:
{
"S3Encryption": [
{
"S3EncryptionMode": "DISABLED"|"SSE-KMS"|"SSE-S3",
"KmsKeyArn": "string"
}
...
],
"CloudWatchEncryption": {
"CloudWatchEncryptionMode": "DISABLED"|"SSE-KMS",
"KmsKeyArn": "string"
},
"JobBookmarksEncryption": {
"JobBookmarksEncryptionMode": "DISABLED"|"CSE-KMS",
"KmsKeyArn": "string"
}
}
--cli-input-json | --cli-input-yaml (string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.
--generate-cli-skeleton (string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.
--cli-auto-prompt (boolean)
Automatically prompt for CLI input parameters.
See ‘aws help’ for descriptions of global parameters.
Output¶
Name -> (string)
The name assigned to the new security configuration.
CreatedTimestamp -> (timestamp)
The time at which the new security configuration was created.