Last active
November 30, 2021 19:18
-
-
Save russellpierce/82f78cff17b37ae9d04419b0d1ac04d6 to your computer and use it in GitHub Desktop.
Basic Terraform Setup for AWS Glue
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Discussion on Medium: https://medium.com/@russell.s.pierce/setting-up-aws-glue-with-terraform-8f601cf36366 | |
| resource "aws_iam_role" "glue" { | |
| name = "AWSGlueServiceRoleDefault" | |
| assume_role_policy = <<EOF | |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Action": "sts:AssumeRole", | |
| "Principal": { | |
| "Service": "glue.amazonaws.com" | |
| }, | |
| "Effect": "Allow", | |
| "Sid": "" | |
| } | |
| ] | |
| } | |
| EOF | |
| } | |
| resource "aws_iam_role_policy_attachment" "glue_service" { | |
| role = "${aws_iam_role.glue.id}" | |
| policy_arn = "arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole" | |
| } | |
| ## If you don't already have a policy, uncomment this section | |
| #resource "aws_iam_role_policy" "my_s3_policy" { | |
| # name = "my_s3_policy" | |
| # role = "${aws_iam_role.glue.id}" | |
| # policy = <<EOF | |
| #{ | |
| # "Version": "2012-10-17", | |
| # "Statement": [ | |
| # { | |
| # "Effect": "Allow", | |
| # "Action": [ | |
| # "s3:*" | |
| # ], | |
| # "Resource": [ | |
| # "arn:aws:s3:::my_bucket", | |
| # "arn:aws:s3:::my_bucket/*" | |
| # ] | |
| # } | |
| # ] | |
| #} | |
| #EOF | |
| #} | |
| # If you already have a policy you want to use, uncomment this section: | |
| #resource "aws_iam_role_policy" "glue_service_s3" { | |
| # name = "glue_service_s3" | |
| # role = "${aws_iam_role.glue.id}" | |
| # policy = "${aws_iam_role_policy.my_s3_policy.policy}" | |
| #} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment