Glue
It's time to start the technical onboarding with Catalog. It's pretty simple; you need to grant access to your Glue Catalog to Coalesce Catalog
What is required to complete the onboarding?
You need certain qualifications to complete the onboarding.
Permission to create IAM roles and policies in AWS
Permission to create a user for Catalog, with the roles and policies defined above
1. If needed, whitelist Catalog IP
Here is our fixed IP: 35.246.176.138
2. Create relevant IAM Policies
You'll find below the policy to create, granting only metadata access.
Make sure to replace <regions>
and <account_id>
with your own.
{
"Version": "2022-08-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"glue:GetDatabase",
"glue:GetDatabases",
"glue:GetTable",
"glue:GetTables",
"glue:GetPartition",
"glue:GetPartitions",
"glue:BatchGetPartition"
"glue:SearchTables",
"glue:GetTableVersions",
"glue:GetTableVersion",
"glue:GetUserDefinedFunctions",
"glue:GetUserDefinedFunction"
],
"Resource": [
"arn:aws:glue:<region>:<account_id>:tableVersion/*/*/*",
"arn:aws:glue:<region>:<account_id>:table/*/*",
"arn:aws:glue:<region>:<account_id>:catalog",
"arn:aws:glue:<region>:<account_id>:database/*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:ListAllMyBuckets"
],
"Resource": [
"*"
]
}
]
}
3. Create a Catalog user
Create a user following these instructions provided by Amazon: Creating an Amazon User.
Add the policy created above to this user
4. Add user's connection info on Catalog
On Catalog's Glue integration page, add your credentials in the following format:
{
"aws_region": "<your_region>",
"aws_account_id": "<your_account>",
"access_key_id": "<your_key_id>",
"access_key_secret": "<your_secret>"
}
Last updated
Was this helpful?