Glue

It's time to start the technical onboarding with Catalog. It's pretty simple; you need to grant access to your Glue Catalog to Coalesce Catalog

What is required to complete the onboarding?

You need certain qualifications to complete the onboarding.

Permission to create IAM roles and policies in AWS
Permission to create a user for Catalog, with the roles and policies defined above

1. If needed, whitelist Catalog IP

Here is our fixed IP: 35.246.176.138

2. Create relevant IAM Policies

You'll find below the policy to create, granting only metadata access.

Make sure to replace <regions> and <account_id> with your own.

{
	"Version": "2022-08-17",
	"Statement": [
		{
			"Effect": "Allow",
			"Action": [
				"glue:GetDatabase",
				"glue:GetDatabases",
				"glue:GetTable",
				"glue:GetTables",
				"glue:GetPartition",
				"glue:GetPartitions",
				"glue:BatchGetPartition"
				"glue:SearchTables",
				"glue:GetTableVersions",
				"glue:GetTableVersion",
				"glue:GetUserDefinedFunctions",
				"glue:GetUserDefinedFunction"
			],
			"Resource": [
				"arn:aws:glue:<region>:<account_id>:tableVersion/*/*/*",
				"arn:aws:glue:<region>:<account_id>:table/*/*",
				"arn:aws:glue:<region>:<account_id>:catalog",
				"arn:aws:glue:<region>:<account_id>:database/*"
			]
		},
		{
			"Effect": "Allow",
			"Action": [
				"s3:ListBucket",
				"s3:GetBucketLocation",
				"s3:ListAllMyBuckets"
			],
			"Resource": [
				"*"
			]
		}
	]
}

3. Create a Catalog user

Create a user following these instructions provided by Amazon: Creating an Amazon User.
Add the policy created above to this user

4. Add user's connection info on Catalog

On Catalog's Glue integration page, add your credentials in the following format:

{
	"aws_region": "<your_region>",
	"aws_account_id": "<your_account>",
	"access_key_id": "<your_key_id>",
	"access_key_secret": "<your_secret>"
}

PreviousFivetran set up NextMySQL

Last updated 3 months ago

Was this helpful?