AWS::QuickSight::DataSet RowLevelPermissionDataSet - AWS CloudFormation
SyntaxProperties

This is the new AWS CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.

AWS::QuickSight::DataSet RowLevelPermissionDataSet

Information about a dataset that contains permissions for row-level security (RLS). The permissions dataset maps fields to users or groups. For more information, see Using Row-Level Security (RLS) to Restrict Access to a Dataset in the Quick Sight User Guide.

The option to deny permissions by setting PermissionPolicy to DENY_ACCESS is not supported for new RLS datasets.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Arn" : String,
  "FormatVersion" : String,
  "Namespace" : String,
  "PermissionPolicy" : String,
  "Status" : String
}

YAML

  Arn: String
  FormatVersion: String
  Namespace: String
  PermissionPolicy: String
  Status: String

Properties

Arn

The Amazon Resource Name (ARN) of the dataset that contains permissions for RLS.

Required: Yes

Type: String

Update requires: No interruption

FormatVersion

The user or group rules associated with the dataset that contains permissions for RLS.

By default, FormatVersion is VERSION_1. When FormatVersion is VERSION_1, UserName and GroupName are required. When FormatVersion is VERSION_2, UserARN and GroupARN are required, and Namespace must not exist.

Required: No

Type: String

Allowed values: VERSION_1 | VERSION_2

Update requires: No interruption

Namespace

The namespace associated with the dataset that contains permissions for RLS.

Required: No

Type: String

Pattern: ^[a-zA-Z0-9._-]*$

Minimum: 0

Maximum: 64

Update requires: No interruption

PermissionPolicy

The type of permissions to use when interpreting the permissions for RLS. DENY_ACCESS is included for backward compatibility only.

Required: Yes

Type: String

Allowed values: GRANT_ACCESS | DENY_ACCESS

Update requires: No interruption

Status

The status of the row-level security permission dataset. If enabled, the status is ENABLED. If disabled, the status is DISABLED.

Required: No

Type: String

Allowed values: ENABLED | DISABLED

Update requires: No interruption