AWS Secrets Manager allows you to safely store and use data source credential information. Once you obtain the credential information for your data source, you must store this information as a secret in AWS Secrets Manager. The secret allows you to connect using an OAuth 2.0 grant. When creating a connection, you must specify the name of the secret you created to store your data source credential information.

Important: Your AWS Glue ETL job and secret must be hosted in the same region. Cross-region secret retrieval is not currently supported.

When you create a secret, you enter key-value pairs for each credential you are storing in the Secrets Manager. The keys are case-sensitive and must match the keys provided in the JDBC URL result field when creating a connection (see Creating a Google BigQuery connection in AWS Glue Studio).

For more information about creating and using secrets, refer to Creating and Managing Secrets with AWS Secrets Manager.