Create a VPC Endpoint for S3, which is required for Glue jobs

controlshift · Nov 16, 2021 · 371a542 · 371a542
1 parent 2103b17
commit 371a542
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 0 deletions.
diff --git a/glue_job.tf b/glue_job.tf
@@ -246,3 +246,14 @@ resource "aws_cloudwatch_event_target" "notify_failed_glue_job" {
   target_id = "notify-failed-glue-job-run"
   arn       = aws_sns_topic.glue_job_failure.arn
 }
+
+
+data "aws_vpc" "main" {
+  id = var.vpc_id
+}
+
+# Glue jobs require a VPC endpoint for connecting to S3
+resource "aws_vpc_endpoint" "s3" {
+  vpc_id       = data.aws_vpc.main.id
+  service_name = "com.amazonaws.${var.aws_region}.s3"
+}
diff --git a/variables.tf b/variables.tf
@@ -110,3 +110,8 @@ variable "glue_physical_connection_requirements" {
   type = object({ availability_zone=string, subnet_id=string, security_group_id_list=list(string) })
   description = "A terraform map of the physical_connection_requirements property of the glue redshift connection. See Terraform aws_glue_connection docs."
 }
+
+variable "vpc_id" {
+  type = string
+  description = "The ID of the VPC Glue uses for connecting with Redshift"
+}