:doc:`Glue <../../glue>` / Client / create_security_configuration

*****************************
create_security_configuration
*****************************



.. py:method:: Glue.Client.create_security_configuration(**kwargs)

  

  Creates a new security configuration. A security configuration is a set of security properties that can be used by Glue. You can use a security configuration to encrypt data at rest. For information about using security configurations in Glue, see `Encrypting Data Written by Crawlers, Jobs, and Development Endpoints <https://docs.aws.amazon.com/glue/latest/dg/encryption-security-configuration.html>`__.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/glue-2017-03-31/CreateSecurityConfiguration>`_  


  **Request Syntax**
  ::

    response = client.create_security_configuration(
        Name='string',
        EncryptionConfiguration={
            'S3Encryption': [
                {
                    'S3EncryptionMode': 'DISABLED'|'SSE-KMS'|'SSE-S3',
                    'KmsKeyArn': 'string'
                },
            ],
            'CloudWatchEncryption': {
                'CloudWatchEncryptionMode': 'DISABLED'|'SSE-KMS',
                'KmsKeyArn': 'string'
            },
            'JobBookmarksEncryption': {
                'JobBookmarksEncryptionMode': 'DISABLED'|'CSE-KMS',
                'KmsKeyArn': 'string'
            },
            'DataQualityEncryption': {
                'DataQualityEncryptionMode': 'DISABLED'|'SSE-KMS',
                'KmsKeyArn': 'string'
            }
        }
    )
    
  :type Name: string
  :param Name: **[REQUIRED]** 

    The name for the new security configuration.

    

  
  :type EncryptionConfiguration: dict
  :param EncryptionConfiguration: **[REQUIRED]** 

    The encryption configuration for the new security configuration.

    

  
    - **S3Encryption** *(list) --* 

      The encryption configuration for Amazon Simple Storage Service (Amazon S3) data.

      

    
      - *(dict) --* 

        Specifies how Amazon Simple Storage Service (Amazon S3) data should be encrypted.

        

      
        - **S3EncryptionMode** *(string) --* 

          The encryption mode to use for Amazon S3 data.

          

        
        - **KmsKeyArn** *(string) --* 

          The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.

          

        
      
  
    - **CloudWatchEncryption** *(dict) --* 

      The encryption configuration for Amazon CloudWatch.

      

    
      - **CloudWatchEncryptionMode** *(string) --* 

        The encryption mode to use for CloudWatch data.

        

      
      - **KmsKeyArn** *(string) --* 

        The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.

        

      
    
    - **JobBookmarksEncryption** *(dict) --* 

      The encryption configuration for job bookmarks.

      

    
      - **JobBookmarksEncryptionMode** *(string) --* 

        The encryption mode to use for job bookmarks data.

        

      
      - **KmsKeyArn** *(string) --* 

        The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.

        

      
    
    - **DataQualityEncryption** *(dict) --* 

      The encryption configuration for Glue Data Quality assets.

      

    
      - **DataQualityEncryptionMode** *(string) --* 

        The encryption mode to use for encrypting Data Quality assets. These assets include data quality rulesets, results, statistics, anomaly detection models and observations.

         

        Valid values are ``SSEKMS`` for encryption using a customer-managed KMS key, or ``DISABLED``.

        

      
      - **KmsKeyArn** *(string) --* 

        The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.

        

      
    
  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'Name': 'string',
          'CreatedTimestamp': datetime(2015, 1, 1)
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **Name** *(string) --* 

        The name assigned to the new security configuration.

        
      

      - **CreatedTimestamp** *(datetime) --* 

        The time at which the new security configuration was created.

        
  
  **Exceptions**
  
  *   :py:class:`Glue.Client.exceptions.AlreadyExistsException`

  
  *   :py:class:`Glue.Client.exceptions.InvalidInputException`

  
  *   :py:class:`Glue.Client.exceptions.InternalServiceException`

  
  *   :py:class:`Glue.Client.exceptions.OperationTimeoutException`

  
  *   :py:class:`Glue.Client.exceptions.ResourceNumberLimitExceededException`

  