diff --git a/aws/policy/application-services.yaml b/aws/policy/application-services.yaml
index 30222a61..bf24a19c 100644
--- a/aws/policy/application-services.yaml
+++ b/aws/policy/application-services.yaml
@@ -66,6 +66,9 @@ Statement:
       - kinesis:DescribeStream
       - cloudformation:DescribeStacks
       - cloudformation:ListExports
+      - glue:GetTags
+      - glue:TagResource
+      - glue:UntagResource
     Resource: "*"
   - Sid: AllowGlobalResourceRestrictedActionsWhichIncurNoFees
     Effect: Allow
@@ -98,11 +101,25 @@ Statement:
       - states:TagResource
       - states:UntagResource
       - logs:DescribeLogGroups
+      - elasticfilesystem:DescribeFileSystems
+      - elasticfilesystem:DescribeMountTargets
+      - elasticfilesystem:DescribeMountTargetSecurityGroups
+      - elasticfilesystem:DescribeTags
+      - elasticfilesystem:CreateFileSystem
+      - elasticfilesystem:CreateMountTarget
+      - elasticfilesystem:CreateTags
+      - elasticfilesystem:DeleteFileSystem
+      - elasticfilesystem:DeleteMountTarget
+      - kinesis:CreateStream
+      - kinesis:DeleteStream
       - kinesis:AddTagsToStream
       - kinesis:ListTagsForStream
       - kinesis:RemoveTagsFromStream
       - kinesis:StartStreamEncryption
       - kinesis:StopStreamEncryption
+      - glue:DeleteJob
+      - glue:UpdateJob
+      - glue:GetJob
     Resource:
       - 'arn:aws:ssm:{{ aws_region }}:{{ aws_account_id }}:parameter/*'
       - 'arn:aws:codebuild:{{ aws_region }}:{{ aws_account_id }}:*'
@@ -113,6 +130,7 @@ Statement:
       - 'arn:aws:logs:{{ aws_region }}:{{ aws_account_id }}:log-group:*'
       - 'arn:aws:states:{{ aws_region }}:{{ aws_account_id }}:*'
       - 'arn:aws:kinesis:{{ aws_region }}:{{ aws_account_id }}:stream/*'
+      - 'arn:aws:glue:{{ aws_region }}:{{ aws_account_id }}:job/*'
   - Sid: AllowGlobalRestrictedResourceActionsWhichIncurFees
     Effect: Allow
     Action:
@@ -125,9 +143,11 @@ Statement:
       - kinesis:DeleteStream
       - kinesis:IncreaseStreamRetentionPeriod
       - kinesis:UpdateShardCount
+      - glue:CreateJob
     Resource:
       - 'arn:aws:states:{{ aws_region }}:{{ aws_account_id }}:*'
       - 'arn:aws:kinesis:{{ aws_region }}:{{ aws_account_id }}:stream/*'
+      - 'arn:aws:glue:{{ aws_region }}:{{ aws_account_id }}:job/*'
   - Sid: ModifyCloudwatchLogs
     Effect: Allow
     Action:
diff --git a/aws/terminator/data_services.py b/aws/terminator/data_services.py
index 0957b48c..b46bcbc5 100644
--- a/aws/terminator/data_services.py
+++ b/aws/terminator/data_services.py
@@ -72,6 +72,27 @@ def terminate(self):
         self.client.delete_connection(ConnectionName=self.name)
 
 
+class GlueJob(Terminator):
+    @staticmethod
+    def create(credentials):
+        return Terminator._create(credentials, GlueJob, 'glue', lambda client: client.get_jobs()['Jobs'])
+
+    @property
+    def id(self):
+        return self.instance['Name']
+
+    @property
+    def name(self):
+        return self.instance['Name']
+
+    @property
+    def created_time(self):
+        return self.instance['CreatedOn']
+
+    def terminate(self):
+        self.client.delete_job(JobName=self.name)
+
+
 class Glacier(Terminator):
     @staticmethod
     def create(credentials):