CfnPrincipalPermissionsPropsMixin
- class aws_cdk.mixins_preview.aws_lakeformation.mixins.CfnPrincipalPermissionsPropsMixin(props, *, strategy=None)
Bases:
MixinThe
AWS::LakeFormation::PrincipalPermissionsresource represents the permissions that a principal has on a Data Catalog resource (such as AWS Glue databases or AWS Glue tables).When you create a
PrincipalPermissionsresource, the permissions are granted via the AWS Lake FormationGrantPermissionsAPI operation. When you delete aPrincipalPermissionsresource, the permissions on principal-resource pair are revoked via the AWS Lake FormationRevokePermissionsAPI operation.- See:
- CloudformationResource:
AWS::LakeFormation::PrincipalPermissions
- Mixin:
true
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview import mixins from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins # catalog: Any # table_wildcard: Any cfn_principal_permissions_props_mixin = lakeformation_mixins.CfnPrincipalPermissionsPropsMixin(lakeformation_mixins.CfnPrincipalPermissionsMixinProps( catalog="catalog", permissions=["permissions"], permissions_with_grant_option=["permissionsWithGrantOption"], principal=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.DataLakePrincipalProperty( data_lake_principal_identifier="dataLakePrincipalIdentifier" ), resource=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.ResourceProperty( catalog=catalog, database=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.DatabaseResourceProperty( catalog_id="catalogId", name="name" ), data_cells_filter=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.DataCellsFilterResourceProperty( database_name="databaseName", name="name", table_catalog_id="tableCatalogId", table_name="tableName" ), data_location=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.DataLocationResourceProperty( catalog_id="catalogId", resource_arn="resourceArn" ), lf_tag=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.LFTagKeyResourceProperty( catalog_id="catalogId", tag_key="tagKey", tag_values=["tagValues"] ), lf_tag_policy=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.LFTagPolicyResourceProperty( catalog_id="catalogId", expression=[lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.LFTagProperty( tag_key="tagKey", tag_values=["tagValues"] )], resource_type="resourceType" ), table=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.TableResourceProperty( catalog_id="catalogId", database_name="databaseName", name="name", table_wildcard=table_wildcard ), table_with_columns=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.TableWithColumnsResourceProperty( catalog_id="catalogId", column_names=["columnNames"], column_wildcard=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.ColumnWildcardProperty( excluded_column_names=["excludedColumnNames"] ), database_name="databaseName", name="name" ) ) ), strategy=mixins.PropertyMergeStrategy.OVERRIDE )
Create a mixin to apply properties to
AWS::LakeFormation::PrincipalPermissions.- Parameters:
props (
Union[CfnPrincipalPermissionsMixinProps,Dict[str,Any]]) – L1 properties to apply.strategy (
Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE
Methods
- apply_to(construct)
Apply the mixin properties to the construct.
- Parameters:
construct (
IConstruct)- Return type:
- supports(construct)
Check if this mixin supports the given construct.
- Parameters:
construct (
IConstruct)- Return type:
bool
Attributes
- CFN_PROPERTY_KEYS = ['catalog', 'permissions', 'permissionsWithGrantOption', 'principal', 'resource']
Static Methods
- classmethod is_mixin(x)
(experimental) Checks if
xis a Mixin.- Parameters:
x (
Any) – Any object.- Return type:
bool- Returns:
true if
xis an object created from a class which extendsMixin.- Stability:
experimental
ColumnWildcardProperty
- class CfnPrincipalPermissionsPropsMixin.ColumnWildcardProperty(*, excluded_column_names=None)
Bases:
objectA wildcard object, consisting of an optional list of excluded column names or indexes.
- Parameters:
excluded_column_names (
Optional[Sequence[str]]) – Excludes column names. Any column with this name will be excluded.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins column_wildcard_property = lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.ColumnWildcardProperty( excluded_column_names=["excludedColumnNames"] )
Attributes
- excluded_column_names
Excludes column names.
Any column with this name will be excluded.
DataCellsFilterResourceProperty
- class CfnPrincipalPermissionsPropsMixin.DataCellsFilterResourceProperty(*, database_name=None, name=None, table_catalog_id=None, table_name=None)
Bases:
objectA structure that describes certain columns on certain rows.
- Parameters:
database_name (
Optional[str]) – A database in the Data Catalog .name (
Optional[str]) – The name given by the user to the data filter cell.table_catalog_id (
Optional[str]) – The ID of the catalog to which the table belongs.table_name (
Optional[str]) – The name of the table.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins data_cells_filter_resource_property = lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.DataCellsFilterResourceProperty( database_name="databaseName", name="name", table_catalog_id="tableCatalogId", table_name="tableName" )
Attributes
- database_name
A database in the Data Catalog .
- name
The name given by the user to the data filter cell.
- table_catalog_id
The ID of the catalog to which the table belongs.
DataLakePrincipalProperty
- class CfnPrincipalPermissionsPropsMixin.DataLakePrincipalProperty(*, data_lake_principal_identifier=None)
Bases:
objectThe AWS Lake Formation principal.
- Parameters:
data_lake_principal_identifier (
Optional[str]) – An identifier for the AWS Lake Formation principal.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins data_lake_principal_property = lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.DataLakePrincipalProperty( data_lake_principal_identifier="dataLakePrincipalIdentifier" )
Attributes
- data_lake_principal_identifier
An identifier for the AWS Lake Formation principal.
DataLocationResourceProperty
- class CfnPrincipalPermissionsPropsMixin.DataLocationResourceProperty(*, catalog_id=None, resource_arn=None)
Bases:
objectA structure for a data location object where permissions are granted or revoked.
- Parameters:
catalog_id (
Optional[str]) – The identifier for the Data Catalog where the location is registered with AWS Lake Formation .resource_arn (
Optional[str]) – The Amazon Resource Name (ARN) that uniquely identifies the data location resource.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins data_location_resource_property = lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.DataLocationResourceProperty( catalog_id="catalogId", resource_arn="resourceArn" )
Attributes
- catalog_id
The identifier for the Data Catalog where the location is registered with AWS Lake Formation .
- resource_arn
The Amazon Resource Name (ARN) that uniquely identifies the data location resource.
DatabaseResourceProperty
- class CfnPrincipalPermissionsPropsMixin.DatabaseResourceProperty(*, catalog_id=None, name=None)
Bases:
objectA structure for the database object.
- Parameters:
catalog_id (
Optional[str]) – The identifier for the Data Catalog. By default, it is the account ID of the caller.name (
Optional[str]) – The name of the database resource. Unique to the Data Catalog.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins database_resource_property = lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.DatabaseResourceProperty( catalog_id="catalogId", name="name" )
Attributes
- catalog_id
The identifier for the Data Catalog.
By default, it is the account ID of the caller.
- name
The name of the database resource.
Unique to the Data Catalog.
LFTagKeyResourceProperty
- class CfnPrincipalPermissionsPropsMixin.LFTagKeyResourceProperty(*, catalog_id=None, tag_key=None, tag_values=None)
Bases:
objectA structure containing an LF-tag key and values for a resource.
- Parameters:
catalog_id (
Optional[str]) – The identifier for the Data Catalog where the location is registered with Data Catalog .tag_key (
Optional[str]) – The key-name for the LF-tag.tag_values (
Optional[Sequence[str]]) – A list of possible values for the correspondingTagKeyof an LF-tag key-value pair.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins l_fTag_key_resource_property = lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.LFTagKeyResourceProperty( catalog_id="catalogId", tag_key="tagKey", tag_values=["tagValues"] )
Attributes
- catalog_id
The identifier for the Data Catalog where the location is registered with Data Catalog .
- tag_key
The key-name for the LF-tag.
- tag_values
A list of possible values for the corresponding
TagKeyof an LF-tag key-value pair.
LFTagPolicyResourceProperty
- class CfnPrincipalPermissionsPropsMixin.LFTagPolicyResourceProperty(*, catalog_id=None, expression=None, resource_type=None)
Bases:
objectA list of LF-tag conditions that define a resource’s LF-tag policy.
A structure that allows an admin to grant user permissions on certain conditions. For example, granting a role access to all columns that do not have the LF-tag ‘PII’ in tables that have the LF-tag ‘Prod’.
- Parameters:
catalog_id (
Optional[str]) – The identifier for the Data Catalog . The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.expression (
Union[IResolvable,Sequence[Union[IResolvable,LFTagProperty,Dict[str,Any]]],None]) – A list of LF-tag conditions that apply to the resource’s LF-tag policy.resource_type (
Optional[str]) – The resource type for which the LF-tag policy applies.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins l_fTag_policy_resource_property = lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.LFTagPolicyResourceProperty( catalog_id="catalogId", expression=[lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.LFTagProperty( tag_key="tagKey", tag_values=["tagValues"] )], resource_type="resourceType" )
Attributes
- catalog_id
The identifier for the Data Catalog .
The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.
- expression
A list of LF-tag conditions that apply to the resource’s LF-tag policy.
- resource_type
The resource type for which the LF-tag policy applies.
LFTagProperty
- class CfnPrincipalPermissionsPropsMixin.LFTagProperty(*, tag_key=None, tag_values=None)
Bases:
objectThe LF-tag key and values attached to a resource.
- Parameters:
tag_key (
Optional[str]) – The key-name for the LF-tag.tag_values (
Optional[Sequence[str]]) – A list of possible values of the correspondingTagKeyof an LF-tag key-value pair.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins l_fTag_property = lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.LFTagProperty( tag_key="tagKey", tag_values=["tagValues"] )
Attributes
- tag_key
The key-name for the LF-tag.
- tag_values
A list of possible values of the corresponding
TagKeyof an LF-tag key-value pair.
ResourceProperty
- class CfnPrincipalPermissionsPropsMixin.ResourceProperty(*, catalog=None, database=None, data_cells_filter=None, data_location=None, lf_tag=None, lf_tag_policy=None, table=None, table_with_columns=None)
Bases:
objectA structure for the resource.
- Parameters:
catalog (
Any) – The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.database (
Union[IResolvable,DatabaseResourceProperty,Dict[str,Any],None]) – The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.data_cells_filter (
Union[IResolvable,DataCellsFilterResourceProperty,Dict[str,Any],None]) – A data cell filter.data_location (
Union[IResolvable,DataLocationResourceProperty,Dict[str,Any],None]) – The location of an Amazon S3 path where permissions are granted or revoked.lf_tag (
Union[IResolvable,LFTagKeyResourceProperty,Dict[str,Any],None]) – The LF-tag key and values attached to a resource.lf_tag_policy (
Union[IResolvable,LFTagPolicyResourceProperty,Dict[str,Any],None]) – A list of LF-tag conditions that define a resource’s LF-tag policy.table (
Union[IResolvable,TableResourceProperty,Dict[str,Any],None]) – The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.table_with_columns (
Union[IResolvable,TableWithColumnsResourceProperty,Dict[str,Any],None]) – The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins # catalog: Any # table_wildcard: Any resource_property = lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.ResourceProperty( catalog=catalog, database=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.DatabaseResourceProperty( catalog_id="catalogId", name="name" ), data_cells_filter=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.DataCellsFilterResourceProperty( database_name="databaseName", name="name", table_catalog_id="tableCatalogId", table_name="tableName" ), data_location=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.DataLocationResourceProperty( catalog_id="catalogId", resource_arn="resourceArn" ), lf_tag=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.LFTagKeyResourceProperty( catalog_id="catalogId", tag_key="tagKey", tag_values=["tagValues"] ), lf_tag_policy=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.LFTagPolicyResourceProperty( catalog_id="catalogId", expression=[lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.LFTagProperty( tag_key="tagKey", tag_values=["tagValues"] )], resource_type="resourceType" ), table=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.TableResourceProperty( catalog_id="catalogId", database_name="databaseName", name="name", table_wildcard=table_wildcard ), table_with_columns=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.TableWithColumnsResourceProperty( catalog_id="catalogId", column_names=["columnNames"], column_wildcard=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.ColumnWildcardProperty( excluded_column_names=["excludedColumnNames"] ), database_name="databaseName", name="name" ) )
Attributes
- catalog
The identifier for the Data Catalog.
By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.
- data_cells_filter
A data cell filter.
- data_location
The location of an Amazon S3 path where permissions are granted or revoked.
- database
The database for the resource.
Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.
- lf_tag
The LF-tag key and values attached to a resource.
- lf_tag_policy
A list of LF-tag conditions that define a resource’s LF-tag policy.
- table
The table for the resource.
A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.
- table_with_columns
The table with columns for the resource.
A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.
TableResourceProperty
- class CfnPrincipalPermissionsPropsMixin.TableResourceProperty(*, catalog_id=None, database_name=None, name=None, table_wildcard=None)
Bases:
objectA structure for the table object.
A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.
- Parameters:
catalog_id (
Optional[str]) – The identifier for the Data Catalog. By default, it is the account ID of the caller.database_name (
Optional[str]) – The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.name (
Optional[str]) – The name of the table.table_wildcard (
Any) – A wildcard object representing every table under a database. At least one ofTableResource$NameorTableResource$TableWildcardis required.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins # table_wildcard: Any table_resource_property = lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.TableResourceProperty( catalog_id="catalogId", database_name="databaseName", name="name", table_wildcard=table_wildcard )
Attributes
- catalog_id
The identifier for the Data Catalog.
By default, it is the account ID of the caller.
- database_name
The name of the database for the table.
Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.
- name
The name of the table.
- table_wildcard
A wildcard object representing every table under a database.
At least one of
TableResource$NameorTableResource$TableWildcardis required.
TableWithColumnsResourceProperty
- class CfnPrincipalPermissionsPropsMixin.TableWithColumnsResourceProperty(*, catalog_id=None, column_names=None, column_wildcard=None, database_name=None, name=None)
Bases:
objectA structure for a table with columns object. This object is only used when granting a SELECT permission.
This object must take a value for at least one of
ColumnsNames,ColumnsIndexes, orColumnsWildcard.- Parameters:
catalog_id (
Optional[str]) – The identifier for the Data Catalog where the location is registered with AWS Lake Formation .column_names (
Optional[Sequence[str]]) – The list of column names for the table. At least one ofColumnNamesorColumnWildcardis required.column_wildcard (
Union[IResolvable,ColumnWildcardProperty,Dict[str,Any],None]) – A wildcard specified by aColumnWildcardobject. At least one ofColumnNamesorColumnWildcardis required.database_name (
Optional[str]) – The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.name (
Optional[str]) – The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_lakeformation import mixins as lakeformation_mixins table_with_columns_resource_property = lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.TableWithColumnsResourceProperty( catalog_id="catalogId", column_names=["columnNames"], column_wildcard=lakeformation_mixins.CfnPrincipalPermissionsPropsMixin.ColumnWildcardProperty( excluded_column_names=["excludedColumnNames"] ), database_name="databaseName", name="name" )
Attributes
- catalog_id
The identifier for the Data Catalog where the location is registered with AWS Lake Formation .
- column_names
The list of column names for the table.
At least one of
ColumnNamesorColumnWildcardis required.
- column_wildcard
A wildcard specified by a
ColumnWildcardobject.At least one of
ColumnNamesorColumnWildcardis required.
- database_name
The name of the database for the table with columns resource.
Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.
- name
The name of the table resource.
A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.