AWS IAM Permissions for AWS Glue
Identity and Access Management (IAM) allows you to regulate access to your AWS resources, thus ensuring that only users with the respective permissions have access to your AWS data.
The permissions required to work with AWS Glue jobs are the following:
-
Start Blueprint Job
Requires permissions for glue:ListBlueprints, glue:StartBlueprintRun, iam:PassRole, glue:GetBlueprintRun, and glue:DeleteWorkflow
-
Start Crawler Job
Requires permissions for glue:ListCrawlers, glue:StartCrawler, glue:StopCrawler, and glue:GetCrawler
-
Start Trigger Job
Requires permissions for glue:ListTriggers and glue:StartTrigger
-
Start Job Run Job
Requires permissions for glue:StartJobRun, glue:GetJobRun, glue:BatchStopJobRun, and glue:ListJobs
-
Start Workflow Job
Requires permissions for glue:StartWorkflowRun, glue:StopWorkflowRun, glue:GetWorkflowRun, glue:ListWorkflows and glue:DeleteWorkflow
See also: