CfnPermissionsPropsMixin
- class aws_cdk.mixins_preview.aws_lakeformation.mixins.CfnPermissionsPropsMixin(props, *, strategy=None)
Bases:
MixinThe
AWS::LakeFormation::Permissionsresource represents the permissions that a principal has on an AWS Glue Data Catalog resource (such as AWS Glue database or AWS Glue tables).When you upload a permissions stack, the permissions are granted to the principal and when you remove the stack, the permissions are revoked from the principal. If you remove a stack, and the principal does not have the permissions referenced in the stack then AWS Lake Formation will throw an error because you can’t call revoke on non-existing permissions. To successfully remove the stack, you’ll need to regrant those permissions and then remove the stack. .. epigraph:
New versions of AWS Lake Formation permission resources are now available. For more information, see: `AWS:LakeFormation::PrincipalPermissions <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-principalpermissions.html>`_
- See:
- CloudformationResource:
AWS::LakeFormation::Permissions
- Mixin:
true
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview import mixins from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins cfn_permissions_props_mixin = lakeformation_mixins.CfnPermissionsPropsMixin(lakeformation_mixins.CfnPermissionsMixinProps( data_lake_principal=lakeformation_mixins.CfnPermissionsPropsMixin.DataLakePrincipalProperty( data_lake_principal_identifier="dataLakePrincipalIdentifier" ), permissions=["permissions"], permissions_with_grant_option=["permissionsWithGrantOption"], resource=lakeformation_mixins.CfnPermissionsPropsMixin.ResourceProperty( database_resource=lakeformation_mixins.CfnPermissionsPropsMixin.DatabaseResourceProperty( catalog_id="catalogId", name="name" ), data_location_resource=lakeformation_mixins.CfnPermissionsPropsMixin.DataLocationResourceProperty( catalog_id="catalogId", s3_resource="s3Resource" ), table_resource=lakeformation_mixins.CfnPermissionsPropsMixin.TableResourceProperty( catalog_id="catalogId", database_name="databaseName", name="name", table_wildcard=lakeformation_mixins.CfnPermissionsPropsMixin.TableWildcardProperty() ), table_with_columns_resource=lakeformation_mixins.CfnPermissionsPropsMixin.TableWithColumnsResourceProperty( catalog_id="catalogId", column_names=["columnNames"], column_wildcard=lakeformation_mixins.CfnPermissionsPropsMixin.ColumnWildcardProperty( excluded_column_names=["excludedColumnNames"] ), database_name="databaseName", name="name" ) ) ), strategy=mixins.PropertyMergeStrategy.OVERRIDE )
Create a mixin to apply properties to
AWS::LakeFormation::Permissions.- Parameters:
props (
Union[CfnPermissionsMixinProps,Dict[str,Any]]) – L1 properties to apply.strategy (
Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE
Methods
- apply_to(construct)
Apply the mixin properties to the construct.
- Parameters:
construct (
IConstruct)- Return type:
- supports(construct)
Check if this mixin supports the given construct.
- Parameters:
construct (
IConstruct)- Return type:
bool
Attributes
- CFN_PROPERTY_KEYS = ['dataLakePrincipal', 'permissions', 'permissionsWithGrantOption', 'resource']
Static Methods
- classmethod is_mixin(x)
(experimental) Checks if
xis a Mixin.- Parameters:
x (
Any) – Any object.- Return type:
bool- Returns:
true if
xis an object created from a class which extendsMixin.- Stability:
experimental
ColumnWildcardProperty
- class CfnPermissionsPropsMixin.ColumnWildcardProperty(*, excluded_column_names=None)
Bases:
objectA wildcard object, consisting of an optional list of excluded column names or indexes.
- Parameters:
excluded_column_names (
Optional[Sequence[str]]) – Excludes column names. Any column with this name will be excluded.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins column_wildcard_property = lakeformation_mixins.CfnPermissionsPropsMixin.ColumnWildcardProperty( excluded_column_names=["excludedColumnNames"] )
Attributes
- excluded_column_names
Excludes column names.
Any column with this name will be excluded.
DataLakePrincipalProperty
- class CfnPermissionsPropsMixin.DataLakePrincipalProperty(*, data_lake_principal_identifier=None)
Bases:
objectThe Lake Formation principal.
- Parameters:
data_lake_principal_identifier (
Optional[str]) – An identifier for the Lake Formation principal.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins data_lake_principal_property = lakeformation_mixins.CfnPermissionsPropsMixin.DataLakePrincipalProperty( data_lake_principal_identifier="dataLakePrincipalIdentifier" )
Attributes
- data_lake_principal_identifier
An identifier for the Lake Formation principal.
DataLocationResourceProperty
- class CfnPermissionsPropsMixin.DataLocationResourceProperty(*, catalog_id=None, s3_resource=None)
Bases:
objectA structure for a data location object where permissions are granted or revoked.
- Parameters:
catalog_id (
Optional[str]) – The identifier for the Data Catalog . By default, it is the account ID of the caller.s3_resource (
Optional[str]) – The Amazon Resource Name (ARN) that uniquely identifies the data location resource.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins data_location_resource_property = lakeformation_mixins.CfnPermissionsPropsMixin.DataLocationResourceProperty( catalog_id="catalogId", s3_resource="s3Resource" )
Attributes
- catalog_id
The identifier for the Data Catalog .
By default, it is the account ID of the caller.
- s3_resource
The Amazon Resource Name (ARN) that uniquely identifies the data location resource.
DatabaseResourceProperty
- class CfnPermissionsPropsMixin.DatabaseResourceProperty(*, catalog_id=None, name=None)
Bases:
objectA structure for the database object.
- Parameters:
catalog_id (
Optional[str]) – The identifier for the Data Catalog . By default, it is the account ID of the caller.name (
Optional[str]) – The name of the database resource. Unique to the Data Catalog.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins database_resource_property = lakeformation_mixins.CfnPermissionsPropsMixin.DatabaseResourceProperty( catalog_id="catalogId", name="name" )
Attributes
- catalog_id
The identifier for the Data Catalog .
By default, it is the account ID of the caller.
- name
The name of the database resource.
Unique to the Data Catalog.
ResourceProperty
- class CfnPermissionsPropsMixin.ResourceProperty(*, database_resource=None, data_location_resource=None, table_resource=None, table_with_columns_resource=None)
Bases:
objectA structure for the resource.
- Parameters:
database_resource (
Union[IResolvable,DatabaseResourceProperty,Dict[str,Any],None]) – A structure for the database object.data_location_resource (
Union[IResolvable,DataLocationResourceProperty,Dict[str,Any],None]) – A structure for a data location object where permissions are granted or revoked.table_resource (
Union[IResolvable,TableResourceProperty,Dict[str,Any],None]) – A structure for the table object. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.table_with_columns_resource (
Union[IResolvable,TableWithColumnsResourceProperty,Dict[str,Any],None]) – A structure for a table with columns object. This object is only used when granting a SELECT permission.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins resource_property = lakeformation_mixins.CfnPermissionsPropsMixin.ResourceProperty( database_resource=lakeformation_mixins.CfnPermissionsPropsMixin.DatabaseResourceProperty( catalog_id="catalogId", name="name" ), data_location_resource=lakeformation_mixins.CfnPermissionsPropsMixin.DataLocationResourceProperty( catalog_id="catalogId", s3_resource="s3Resource" ), table_resource=lakeformation_mixins.CfnPermissionsPropsMixin.TableResourceProperty( catalog_id="catalogId", database_name="databaseName", name="name", table_wildcard=lakeformation_mixins.CfnPermissionsPropsMixin.TableWildcardProperty() ), table_with_columns_resource=lakeformation_mixins.CfnPermissionsPropsMixin.TableWithColumnsResourceProperty( catalog_id="catalogId", column_names=["columnNames"], column_wildcard=lakeformation_mixins.CfnPermissionsPropsMixin.ColumnWildcardProperty( excluded_column_names=["excludedColumnNames"] ), database_name="databaseName", name="name" ) )
Attributes
- data_location_resource
A structure for a data location object where permissions are granted or revoked.
- database_resource
A structure for the database object.
- table_resource
A structure for the table object.
A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.
- table_with_columns_resource
A structure for a table with columns object.
This object is only used when granting a SELECT permission.
TableResourceProperty
- class CfnPermissionsPropsMixin.TableResourceProperty(*, catalog_id=None, database_name=None, name=None, table_wildcard=None)
Bases:
objectA structure for the table object.
A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.
- Parameters:
catalog_id (
Optional[str]) – The identifier for the Data Catalog . By default, it is the account ID of the caller.database_name (
Optional[str]) – The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.name (
Optional[str]) – The name of the table.table_wildcard (
Union[IResolvable,TableWildcardProperty,Dict[str,Any],None]) – An empty object representing all tables under a database. If this field is specified instead of theNamefield, all tables underDatabaseNamewill have permission changes applied.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins table_resource_property = lakeformation_mixins.CfnPermissionsPropsMixin.TableResourceProperty( catalog_id="catalogId", database_name="databaseName", name="name", table_wildcard=lakeformation_mixins.CfnPermissionsPropsMixin.TableWildcardProperty() )
Attributes
- catalog_id
The identifier for the Data Catalog .
By default, it is the account ID of the caller.
- database_name
The name of the database for the table.
Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.
- name
The name of the table.
- table_wildcard
An empty object representing all tables under a database.
If this field is specified instead of the
Namefield, all tables underDatabaseNamewill have permission changes applied.
TableWildcardProperty
- class CfnPermissionsPropsMixin.TableWildcardProperty
Bases:
object- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins table_wildcard_property = lakeformation_mixins.CfnPermissionsPropsMixin.TableWildcardProperty()
TableWithColumnsResourceProperty
- class CfnPermissionsPropsMixin.TableWithColumnsResourceProperty(*, catalog_id=None, column_names=None, column_wildcard=None, database_name=None, name=None)
Bases:
objectA structure for a table with columns object. This object is only used when granting a SELECT permission.
This object must take a value for at least one of
ColumnsNames,ColumnsIndexes, orColumnsWildcard.- Parameters:
catalog_id (
Optional[str]) – The identifier for the Data Catalog . By default, it is the account ID of the caller.column_names (
Optional[Sequence[str]]) – The list of column names for the table. At least one ofColumnNamesorColumnWildcardis required.column_wildcard (
Union[IResolvable,ColumnWildcardProperty,Dict[str,Any],None]) – A wildcard specified by aColumnWildcardobject. At least one ofColumnNamesorColumnWildcardis required.database_name (
Optional[str]) – The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.name (
Optional[str]) – The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins table_with_columns_resource_property = lakeformation_mixins.CfnPermissionsPropsMixin.TableWithColumnsResourceProperty( catalog_id="catalogId", column_names=["columnNames"], column_wildcard=lakeformation_mixins.CfnPermissionsPropsMixin.ColumnWildcardProperty( excluded_column_names=["excludedColumnNames"] ), database_name="databaseName", name="name" )
Attributes
- catalog_id
The identifier for the Data Catalog .
By default, it is the account ID of the caller.
- column_names
The list of column names for the table.
At least one of
ColumnNamesorColumnWildcardis required.
- column_wildcard
A wildcard specified by a
ColumnWildcardobject.At least one of
ColumnNamesorColumnWildcardis required.
- database_name
The name of the database for the table with columns resource.
Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.
- name
The name of the table resource.
A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.