Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add module to handle Glue security configurations #26

Merged
merged 2 commits into from
May 29, 2024
Merged

Add module to handle Glue security configurations #26

merged 2 commits into from
May 29, 2024

Conversation

gsoria
Copy link

@gsoria gsoria commented May 27, 2024

This PR adds a new module to handle Glue Security Configurations. This module was written by @swhite-oreilly, with the only difference that when checking for the next token apart from checking for nil, it checks for an empty string. That was causing aws-nuke to hang when trying to delete this resource.

Testing

  1. Use a test account, and create the glue security configuration
# Create a KMS key
KMS_KEY_ARN=$(aws kms create-key --query 'KeyMetadata.Arn' --output text)
echo "KMS key created: $KMS_KEY_ARN"

# Create a Glue security configuration with the created KMS key ARN
aws glue create-security-configuration \
    --name "testSecurityConfig" \
    --encryption-configuration '{
        "S3Encryption": [
            {
                "S3EncryptionMode": "SSE-KMS",
                "KmsKeyArn": "'"$KMS_KEY_ARN"'"
            }
        ],
        "CloudWatchEncryption": {
            "CloudWatchEncryptionMode": "SSE-KMS",
            "KmsKeyArn": "'"$KMS_KEY_ARN"'"
        },
        "JobBookmarksEncryption": {
            "JobBookmarksEncryptionMode": "CSE-KMS",
            "KmsKeyArn": "'"$KMS_KEY_ARN"'"
        }
    }'
echo "Glue security configuration created"

# Listing security configurations
aws glue get-security-configurations
  1. Run aws-nuke against the selected account
  2. Check that glue security configurations were correctly deleted aws glue get-security-configurations

@gsoria
Reformat the file
9517b36 
Signed-off-by: Gabriela S. Soria <[email protected]>
danarbaugh
danarbaugh approved these changes May 29, 2024
View reviewed changes
Copy link
Member

@danarbaugh danarbaugh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I used the script in the supporting PR and witnessed this output after running cleanup following this change:

us-east-1 - GlueSecurityConfiguration - testSecurityConfig - [Name: "testSecurityConfig"] - removed

@gsoria gsoria merged commit fca7b90 into oreilly-main May 29, 2024
1 check passed
@swhite-oreilly
Copy link

@gsoria sorry I was late on this one. I tested this as well and it worked as expected. What was the line that was causing the hangup from my original try? Just curious.

corybekk pushed a commit that referenced this pull request Nov 6, 2024
@ekristen
docs: adding badges to README.md (#26)
e6a2209 
Signed-off-by: Erik Kristensen <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@danarbaugh danarbaugh danarbaugh approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@gsoria @swhite-oreilly @danarbaugh