[ aws . glue ]

create-security-configuration

Description

Creates a new security configuration. A security configuration is a set of security properties that can be used by AWS Glue. You can use a security configuration to encrypt data at rest. For information about using security configurations in AWS Glue, see Encrypting Data Written by Crawlers, Jobs, and Development Endpoints .

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.

Synopsis

  create-security-configuration
--name <value>
--encryption-configuration <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]

Options

--name (string)

The name for the new security configuration.

--encryption-configuration (structure)

The encryption configuration for the new security configuration.

S3Encryption -> (list)

The encryption configuration for Amazon Simple Storage Service (Amazon S3) data.

(structure)

Specifies how Amazon Simple Storage Service (Amazon S3) data should be encrypted.

S3EncryptionMode -> (string)

The encryption mode to use for Amazon S3 data.

KmsKeyArn -> (string)

The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.

CloudWatchEncryption -> (structure)

The encryption configuration for Amazon CloudWatch.

CloudWatchEncryptionMode -> (string)

The encryption mode to use for CloudWatch data.

KmsKeyArn -> (string)

The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.

JobBookmarksEncryption -> (structure)

The encryption configuration for job bookmarks.

JobBookmarksEncryptionMode -> (string)

The encryption mode to use for job bookmarks data.

KmsKeyArn -> (string)

The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.

Shorthand Syntax:

S3Encryption=[{S3EncryptionMode=string,KmsKeyArn=string},{S3EncryptionMode=string,KmsKeyArn=string}],CloudWatchEncryption={CloudWatchEncryptionMode=string,KmsKeyArn=string},JobBookmarksEncryption={JobBookmarksEncryptionMode=string,KmsKeyArn=string}

JSON Syntax:

{
  "S3Encryption": [
    {
      "S3EncryptionMode": "DISABLED"|"SSE-KMS"|"SSE-S3",
      "KmsKeyArn": "string"
    }
    ...
  ],
  "CloudWatchEncryption": {
    "CloudWatchEncryptionMode": "DISABLED"|"SSE-KMS",
    "KmsKeyArn": "string"
  },
  "JobBookmarksEncryption": {
    "JobBookmarksEncryptionMode": "DISABLED"|"CSE-KMS",
    "KmsKeyArn": "string"
  }
}

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See ‘aws help’ for descriptions of global parameters.

Output

Name -> (string)

The name assigned to the new security configuration.

CreatedTimestamp -> (timestamp)

The time at which the new security configuration was created.