Class CfnDataLakeSettings
A CloudFormation AWS::LakeFormation::DataLakeSettings.
Inherited Members
Namespace: Amazon.CDK.AWS.LakeFormation
Assembly: Amazon.CDK.AWS.LakeFormation.dll
Syntax (csharp)
public class CfnDataLakeSettings : CfnResource, IConstruct, IDependable, IInspectableSyntax (vb)
Public Class CfnDataLakeSettings
Inherits CfnResource
Implements IConstruct, IDependable, IInspectableRemarks
The AWS::LakeFormation::DataLakeSettings resource is an AWS Lake Formation resource type that manages the data lake settings for your account.
CloudformationResource: AWS::LakeFormation::DataLakeSettings
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.LakeFormation;
var parameters;
var cfnDataLakeSettings = new CfnDataLakeSettings(this, "MyCfnDataLakeSettings", new CfnDataLakeSettingsProps {
Admins = new [] { new DataLakePrincipalProperty {
DataLakePrincipalIdentifier = "dataLakePrincipalIdentifier"
} },
AllowExternalDataFiltering = false,
AuthorizedSessionTagValueList = new [] { "authorizedSessionTagValueList" },
CreateDatabaseDefaultPermissions = new [] { new PrincipalPermissionsProperty {
Permissions = new [] { "permissions" },
Principal = new DataLakePrincipalProperty {
DataLakePrincipalIdentifier = "dataLakePrincipalIdentifier"
}
} },
CreateTableDefaultPermissions = new [] { new PrincipalPermissionsProperty {
Permissions = new [] { "permissions" },
Principal = new DataLakePrincipalProperty {
DataLakePrincipalIdentifier = "dataLakePrincipalIdentifier"
}
} },
ExternalDataFilteringAllowList = new [] { new DataLakePrincipalProperty {
DataLakePrincipalIdentifier = "dataLakePrincipalIdentifier"
} },
Parameters = parameters,
TrustedResourceOwners = new [] { "trustedResourceOwners" }
});Synopsis
Constructors
| CfnDataLakeSettings(Construct, String, ICfnDataLakeSettingsProps) | Create a new |
| CfnDataLakeSettings(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
| CfnDataLakeSettings(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
Properties
| Admins | A list of AWS Lake Formation principals. |
| AllowExternalDataFiltering | Whether to allow Amazon EMR clusters or other third-party query engines to access data managed by Lake Formation . |
| AuthorizedSessionTagValueList | Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. |
| CFN_RESOURCE_TYPE_NAME | The CloudFormation resource type name for this resource class. |
| CfnProperties | |
| CreateDatabaseDefaultPermissions | Specifies whether access control on a newly created database is managed by Lake Formation permissions or exclusively by IAM permissions. |
| CreateTableDefaultPermissions | Specifies whether access control on a newly created table is managed by Lake Formation permissions or exclusively by IAM permissions. |
| ExternalDataFilteringAllowList | A list of the account IDs of AWS accounts with Amazon EMR clusters or third-party engines that are allwed to perform data filtering. |
| Parameters | A key-value map that provides an additional configuration on your data lake. |
| TrustedResourceOwners | An array of UTF-8 strings. |
Methods
| Inspect(TreeInspector) | Examines the CloudFormation resource and discloses attributes. |
| RenderProperties(IDictionary<String, Object>) |
Constructors
CfnDataLakeSettings(Construct, String, ICfnDataLakeSettingsProps)
Create a new AWS::LakeFormation::DataLakeSettings.
public CfnDataLakeSettings(Construct scope, string id, ICfnDataLakeSettingsProps props = null)Parameters
- scope Construct
- scope in which this resource is defined.
- id System.String
- scoped id of the resource.
- props ICfnDataLakeSettingsProps
- resource properties.
CfnDataLakeSettings(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected CfnDataLakeSettings(ByRefValue reference)Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
CfnDataLakeSettings(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected CfnDataLakeSettings(DeputyBase.DeputyProps props)Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
Properties
Admins
A list of AWS Lake Formation principals.
public virtual object Admins { get; set; }Property Value
System.Object
Remarks
AllowExternalDataFiltering
Whether to allow Amazon EMR clusters or other third-party query engines to access data managed by Lake Formation .
public virtual object AllowExternalDataFiltering { get; set; }Property Value
System.Object
Remarks
If set to true, you allow Amazon EMR clusters or other third-party engines to access data in Amazon S3 locations that are registered with Lake Formation .
If false or null, no third-party query engines will be able to access data in Amazon S3 locations that are registered with Lake Formation.
For more information, see External data filtering setting .
AuthorizedSessionTagValueList
Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it.
public virtual string[] AuthorizedSessionTagValueList { get; set; }Property Value
System.String[]
Remarks
Lake Formation will publish the acceptable key-value pair, for example key = "LakeFormationTrustedCaller" and value = "TRUE" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation 's administrative API operations.
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }Property Value
System.String
CfnProperties
protected override IDictionary<string, object> CfnProperties { get; }Property Value
System.Collections.Generic.IDictionary<System.String, System.Object>
Overrides
CreateDatabaseDefaultPermissions
Specifies whether access control on a newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.
public virtual object CreateDatabaseDefaultPermissions { get; set; }Property Value
System.Object
Remarks
A null value indicates that the access is controlled by Lake Formation permissions. ALL permissions assigned to IAM_ALLOWED_PRINCIPALS group indicates that the user's IAM permissions determine the access to the database. This is referred to as the setting "Use only IAM access control," and is to support backward compatibility with the AWS Glue permission model implemented by IAM permissions.
The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS .
For more information, see Changing the default security settings for your data lake .
CreateTableDefaultPermissions
Specifies whether access control on a newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.
public virtual object CreateTableDefaultPermissions { get; set; }Property Value
System.Object
Remarks
A null value indicates that the access is controlled by Lake Formation permissions. ALL permissions assigned to IAM_ALLOWED_PRINCIPALS group indicate that the user's IAM permissions determine the access to the table. This is referred to as the setting "Use only IAM access control," and is to support the backward compatibility with the AWS Glue permission model implemented by IAM permissions.
The only permitted values are an empty array or an array that contains a single JSON object that grants ALL permissions to IAM_ALLOWED_PRINCIPALS .
For more information, see Changing the default security settings for your data lake .
ExternalDataFilteringAllowList
A list of the account IDs of AWS accounts with Amazon EMR clusters or third-party engines that are allwed to perform data filtering.
public virtual object ExternalDataFilteringAllowList { get; set; }Property Value
System.Object
Remarks
Parameters
A key-value map that provides an additional configuration on your data lake.
public virtual object Parameters { get; set; }Property Value
System.Object
Remarks
CrossAccountVersion is the key you can configure in the Parameters field. Accepted values for the CrossAccountVersion key are 1, 2, and 3.
TrustedResourceOwners
An array of UTF-8 strings.
public virtual string[] TrustedResourceOwners { get; set; }Property Value
System.String[]
Remarks
A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log. You may want to specify this property when you are in a high-trust boundary, such as the same team or company.
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)Parameters
- inspector TreeInspector
- tree inspector to collect and process attributes.
RenderProperties(IDictionary<String, Object>)
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)Parameters
- props System.Collections.Generic.IDictionary<System.String, System.Object>
Returns
System.Collections.Generic.IDictionary<System.String, System.Object>