问题
The scenario is this: Our snowflake will only be accessible by whitelisted IP addresses. If we plan to use AWS Glue what IP address can we use so that it will allow us to connect to snowflake? I need a way to identify that this AWS Glue job with IP address (endpoint) so that it can be identified in Snowflake. I want to use an AWS Glue because it is a serverless orchestration tool.
Thanks, D.
回答1:
AWS has specified the ip-ranges of several services and regions, but Glue is currently not listed.
You can achieve the required behavior with the following workaround:
- Create a VPC with private and public subnet. Public subnet's route table will have the Internet Gateway, while private subnet's route table will have the NAT Gateway configured. Assign an Elastic IP address to your NAT Gateway.
- Create a Glue Connection. You may enter any arbitrary JDBC string and password, yet you will assign the VPC and private subnet you just created. Assign the security group with all the inbound and outbound traffic open.
- Attach this Glue Connection to your Glue Job, and from now on all the Glue Job traffic will pass through the NAT Gateway. The NAT Gateway's IP address must be whitelisted in snowflake.
More details about Glue Connection properties. Please consider that there's an extra hop of NAT Gateway that may cause minor delays.
来源:https://stackoverflow.com/questions/64410007/can-you-have-permanent-ip-address-with-aws-glue-so-that-it-can-be-whitelisted-in