在 AWS Glue 中，作业和爬网程序以单个 IAM 角色的身份运行：该角色的信任策略允许 glue.amazonaws.com 代入，附加在角色上的权限策略则决定它能访问哪些 S3 存储桶。这在效果上类似于 EMR 的 EMRFS 角色映射，但 Glue 并不按用户或 S3 前缀自动切换角色——一个作业在整个运行期间只使用创建作业时指定的那一个角色。
以下是使用 boto3（AWS SDK for Python）创建 Glue 服务角色、编写 S3 访问策略并设置 Data Catalog 加密的示例代码。注意：示例只是构造了策略文档，必须再通过 iam.put_role_policy（或 create_policy + attach_role_policy）把它挂到该角色上才会生效；运行示例的凭证需要 iam:CreateRole 等权限，代码中的 KMS 密钥 ARN 也只是占位符，需替换为真实值。
import boto3
import json
# Service clients. Credentials and region are resolved from the default
# boto3 session (environment, shared config files, or an attached instance /
# task role); the identity running this script needs iam:CreateRole and
# glue:PutDataCatalogEncryptionSettings for the calls below to succeed.
_session = boto3.session.Session()
glue = _session.client('glue')
iam = _session.client('iam')
# --- IAM role the Glue job / crawler will run as ---------------------------
role_name = 'my-glue-role'

# Trust policy: only the Glue service principal may call sts:AssumeRole on
# this role.  Nothing here restricts *which* account's Glue resources may do
# so; AWS's confused-deputy guidance for Glue is to add a Condition on
# aws:SourceAccount / aws:SourceArn (needs the account ID, not shown here).
_glue_trust_statement = {
    "Effect": "Allow",
    "Principal": {"Service": "glue.amazonaws.com"},
    "Action": "sts:AssumeRole",
}
assume_role_policy_doc = {
    "Version": "2012-10-17",
    "Statement": [_glue_trust_statement],
}

# create_role is not idempotent: it raises EntityAlreadyExists if a role of
# this name exists.  The response is kept for parity but never read.
response = iam.create_role(
    RoleName=role_name,
    AssumeRolePolicyDocument=json.dumps(assume_role_policy_doc),
)
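# --- S3 permissions for the role -------------------------------------------
bucket_name = 'my-bucket'
region = 'us-west-2'  # not used in this section; kept for code further down

# Identity policy granting the Glue role least-privilege access to one bucket.
#
# s3:GetObject / s3:PutObject only match *object* ARNs (bucket/*); listing the
# bucket ARN itself under them grants nothing.  Bucket-level actions such as
# s3:ListBucket belong in a separate statement on the bucket ARN -- Glue/Spark
# readers list a prefix before reading the objects under it.  Narrow "/*" to
# the prefixes the job actually touches where possible.
#
# This document is only *built* here; nothing in the script attaches it to
# role_name.  Use iam.put_role_policy(RoleName=role_name, PolicyName=...,
# PolicyDocument=json.dumps(policy_doc)) or create_policy + attach_role_policy.
# It has no "Principal", so it cannot be used as a resource policy.
policy_doc = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AddGluePermissions",
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:PutObject",
            ],
            "Resource": [f"arn:aws:s3:::{bucket_name}/*"],
        },
        {
            "Sid": "AddGlueListBucket",
            "Effect": "Allow",
            "Action": ["s3:ListBucket"],
            "Resource": [f"arn:aws:s3:::{bucket_name}"],
        },
    ],
}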
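# --- Data Catalog encryption -----------------------------------------------
# Placeholder: replace with the ARN of a KMS key the Glue role may use
# (kms:Encrypt / kms:Decrypt / kms:GenerateDataKey).  The "xxxx" account and
# key IDs are not real values.
kms_key_arn = 'arn:aws:kms:us-west-2:xxxx:key/xxxx'

# put_data_catalog_encryption_settings accepts exactly two settings:
# EncryptionAtRest and ConnectionPasswordEncryption.  The original call also
# passed S3EncryptionSettings / DatabaseEncryptionSettings, which this API does
# not define (botocore rejects unknown parameters before sending a request),
# and used 'SSE-S3' as the catalog mode, which is not a valid
# CatalogEncryptionMode (DISABLED | SSE-KMS | SSE-KMS-WITH-SERVICE-ROLE).
# Encryption of S3 data written by *jobs* is configured separately through
# glue.create_security_configuration, not here.
# CatalogId is omitted so the caller's own account catalog is targeted; the
# Glue catalog ID is the AWS account ID ('AWSDataCatalog' is Athena's
# data-source name, not a Glue catalog ID).
response = glue.put_data_catalog_encryption_settings(
    DataCatalogEncryptionSettings={
        'EncryptionAtRest': {
            'CatalogEncryptionMode': 'SSE-KMS',
            'SseAwsKmsKeyId': kms_key_arn,
        },
        'ConnectionPasswordEncryption': {
            # Return JDBC connection passwords only in encrypted form, under
            # the same customer-managed key.
            'ReturnConnectionPasswordEncrypted': True,
            'AwsKmsKeyId': kms_key_arn,
        },
    },
)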
response = glue.put_resource_policy(
PolicyInJson=json.dumps(policy_doc),
EnableHybrid=True,
ResourceArn=f"arn:aws:s3:::{bucket_name}",
PolicyHashCondition='IGNORE',
PolicyExists