Open menu
-->

AWS Glue Best Practices



Enable CloudWatch Logs Encryption for AWS Glue
Ensure that at-rest encryption is enabled when writing Amazon Glue logs to CloudWatch Logs.

Enable AWS Glue Data Catalog Encryption
Ensure that Amazon Glue Data Catalog objects and connection passwords are encrypted.

Use KMS Customer Master Keys for AWS Glue Data Catalog Encryption
Ensure that Amazon Glue Data Catalogs enforce data-at-rest encryption using KMS CMKs.

Enable AWS Glue Job Bookmark Encryption
Ensure that encryption at rest is enabled for Amazon Glue job bookmarks.

Enable S3 Encryption for AWS Glue
Ensure that at-rest encryption is enabled when writing AWS Glue data to Amazon S3.