堆栈内存溢出
  简体   繁体   English

从 VPC 将 Glue 连接到 RDS、S3 和 Secrets Manager

[英]Connect Glue to RDS, S3 and Secrets manager from VPC

 原文  2021-07-28 08:57:09       aws-glue

问题描述

I need my Glue job to access a VPC accessible RDS, s3 bucket and Secrets Manager.我需要我的 Glue 作业来访问 VPC 可访问 RDS、s3 存储桶和 Secrets Manager。

I've created a JDBC connection and verified that it works fine.我创建了一个 JDBC 连接并验证它工作正常。 I've also created a.network connection and verified that it has access to the required s3 bucket.我还创建了一个.network 连接并验证它可以访问所需的 s3 存储桶。 These were both confirmed using the "Test connection" feature in the AWS UI.这些都是使用 AWS UI 中的“测试连接”功能确认的。

When I create a Glue job, I can add multiple connections.当我创建 Glue 作业时,我可以添加多个连接。 I add both connections.我添加了两个连接。

If I add the.network connection first, I can successfully connect to s3 but the connection to SecretsManager times out.如果我先添加 .network 连接,我可以成功连接到 s3,但与 SecretsManager 的连接超时。 If I add the JDBC connection first the s3 connection fails but the SecretsManager and RDS connection work fine.如果我先添加 JDBC 连接,s3 连接失败,但 SecretsManager 和 RDS 连接工作正常。

Is there something I'm missing in terms of this configuration?就此配置而言,我缺少什么吗? Are multiple connections actually supported or it a UI bug that I can add multiple?实际上支持多个连接还是我可以添加多个的 UI 错误?

Thanks for any pointers.感谢您的指点。

1 个解决方案

解决方案1
 0 已采纳  2021-10-01 14:01:15

I was pretty ignorant of Glue when I asked above.当我在上面询问时,我对胶水一无所知。

I only needed a single connection, of type "Network" to allow access to the 3 resources that I outlined above.我只需要一个类型为“网络”的连接来允许访问我上面概述的 3 种资源。

Once this connection was correctly configured (and by correctly I mean Security Groups and ACL access were in place) I could access:正确配置此连接后(正确的意思是安全组和 ACL 访问就位)我可以访问:

  • my RDS (in another private su.net in the VPC)我的 RDS(在 VPC 中的另一个私有 su.net 中)
  • S3 (via correctly configured VPC Gateway) S3(通过正确配置的 VPC 网关)
  • SecretsManager (via correctly configured VPC Gateway) SecretsManager(通过正确配置的 VPC 网关)

IMVHO, the "JDBC connection" feature is a little confusing - at least it was for me. IMVHO,“JDBC 连接”功能有点令人困惑——至少对我来说是这样。 It is *not * required to access a Database. *不需要 * 访问数据库。 It is a "special" type of Network connection which can be used to store credential info as metadata on the connection object (check with your security folks before you do this - I don't know how this is stored on the AWS backend).它是一种“特殊”类型的网络连接,可用于将凭证信息作为元数据存储在连接 object 上(在执行此操作之前请咨询您的安全人员 - 我不知道这是如何存储在 AWS 后端的)。

Anyway, Glue wasn't the issue here - my own ignorance was.无论如何,胶水不是这里的问题 - 我自己的无知是。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 AWS Glue 从 VPC 中的 RDS 数据库读取 - AWS Glue read from RDS database that's in VPC 如何将 AWS RDS 连接到 AWS Glue? (专有网络) - How to connect AWS RDS to AWS Glue ? (VPC) 使用 Glue 将数据从 RDS 移动到 S3 - Moving data from RDS to S3 using Glue 使用胶水将数据从 s3 发送到 postres rds - send data from s3 to postres rds with glue 使用 AWS Glue ETL 将镶木地板文件从 S3 加载到 AWS RDS 需要很长时间 - Loading parquet file from S3 to AWS RDS taking extremely long time using AWS Glue ETL 如何从 AWS Glue Python Shell 连接到 RDS 实例? - How to Connect to RDS Instance from AWS Glue Python Shell? AWS Lambda 访问 Redshift、S3 和 Secrets Manager - AWS Lambda access to Redshift, S3 and Secrets Manager 通过 VPC 对等连接到 RDS - Connect to RDS through VPC Peering 从 S3 到 RDS 的数据迁移 - Data migration from S3 to RDS 从 S3 VPC 端点安装 AWS Cloudwatch 代理 - Install the AWS Cloudwatch Agent from a S3 VPC endpoint
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM