Glue Job Is Not Tagged

Overview

This check ensures that an AWS Glue Job has tags with the specific keys defined in the parameter Required Tag Keys. The control fails if the Job doesn't have any tag keys or if it doesn't have all the keys specified in the parameter Required Tag Keys. If the parameter Required Tag Keys isn't provided, the control only checks for the existence of a tag key and fails if the Job isn't tagged with any key. System tags, which are automatically applied and begin with aws: are ignored.

Vendor

AWS

Cloud Service

Glue

Input

{"requiredTagKeys":{"type":"string[]","label":"Required Tag Keys","value":[]}}

Glue.1

References

https://docs.aws.amazon.com/glue/latest/dg/monitor-tags.html, https://docs.aws.amazon.com/securityhub/latest/userguide/glue-controls.html#glue-1

Severity

Item Types

AWS::Glue::Job

Overview​

Vendor​

Cloud Service​

Input​

Related Controls​

References​

Severity​

Item Types​