Skip to content

Commit

Permalink
feat(client-lakeformation): Adds supports for ReadOnlyAdmins and Allo…
Browse files Browse the repository at this point in the history 
…wFullTableExternalDataAccess. Adds NESTED_PERMISSION and NESTED_CELL_PERMISSION to SUPPORTED_PERMISSION_TYPES enum. Adds CREATE_LF_TAG on catalog resource and ALTER, DROP, and GRANT_WITH_LF_TAG_EXPRESSION on LF Tag resource.
  • Loading branch information
awstools committed Jul 17, 2023
1 parent 4b0faf7 commit 367d6f4
Show file tree
Hide file tree
Showing 12 changed files with 143 additions and 90 deletions.
8 changes: 4 additions & 4 deletions clients/client-lakeformation/src/commands/BatchGrantPermissionsCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,10 +107,10 @@ export interface BatchGrantPermissionsCommandOutput extends BatchGrantPermission
* },
* },
* Permissions: [ // PermissionList
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* ],
* PermissionsWithGrantOption: [
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* ],
* },
* ],
Expand Down Expand Up @@ -181,10 +181,10 @@ export interface BatchGrantPermissionsCommandOutput extends BatchGrantPermission
* // },
* // },
* // Permissions: [ // PermissionList
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* // ],
* // PermissionsWithGrantOption: [
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* // ],
* // },
* // Error: { // ErrorDetail
Expand Down
8 changes: 4 additions & 4 deletions clients/client-lakeformation/src/commands/BatchRevokePermissionsCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,10 +107,10 @@ export interface BatchRevokePermissionsCommandOutput extends BatchRevokePermissi
* },
* },
* Permissions: [ // PermissionList
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* ],
* PermissionsWithGrantOption: [
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* ],
* },
* ],
Expand Down Expand Up @@ -181,10 +181,10 @@ export interface BatchRevokePermissionsCommandOutput extends BatchRevokePermissi
* // },
* // },
* // Permissions: [ // PermissionList
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* // ],
* // PermissionsWithGrantOption: [
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* // ],
* // },
* // Error: { // ErrorDetail
Expand Down
10 changes: 8 additions & 2 deletions clients/client-lakeformation/src/commands/GetDataLakeSettingsCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,13 +55,18 @@ export interface GetDataLakeSettingsCommandOutput extends GetDataLakeSettingsRes
* // DataLakePrincipalIdentifier: "STRING_VALUE",
* // },
* // ],
* // ReadOnlyAdmins: [
* // {
* // DataLakePrincipalIdentifier: "STRING_VALUE",
* // },
* // ],
* // CreateDatabaseDefaultPermissions: [ // PrincipalPermissionsList
* // { // PrincipalPermissions
* // Principal: {
* // DataLakePrincipalIdentifier: "STRING_VALUE",
* // },
* // Permissions: [ // PermissionList
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* // ],
* // },
* // ],
Expand All @@ -71,7 +76,7 @@ export interface GetDataLakeSettingsCommandOutput extends GetDataLakeSettingsRes
* // DataLakePrincipalIdentifier: "STRING_VALUE",
* // },
* // Permissions: [
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* // ],
* // },
* // ],
Expand All @@ -82,6 +87,7 @@ export interface GetDataLakeSettingsCommandOutput extends GetDataLakeSettingsRes
* // "STRING_VALUE",
* // ],
* // AllowExternalDataFiltering: true || false,
* // AllowFullTableExternalDataAccess: true || false,
* // ExternalDataFilteringAllowList: [
* // {
* // DataLakePrincipalIdentifier: "STRING_VALUE",
Expand Down
4 changes: 2 additions & 2 deletions clients/client-lakeformation/src/commands/GetEffectivePermissionsForPathCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,10 +119,10 @@ export interface GetEffectivePermissionsForPathCommandOutput
* // },
* // },
* // Permissions: [ // PermissionList
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* // ],
* // PermissionsWithGrantOption: [
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* // ],
* // AdditionalDetails: { // DetailsMap
* // ResourceShare: [ // ResourceShareList
Expand Down
6 changes: 3 additions & 3 deletions clients/client-lakeformation/src/commands/GetTemporaryGluePartitionCredentialsCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,14 +59,14 @@ export interface GetTemporaryGluePartitionCredentialsCommandOutput
* ],
* },
* Permissions: [ // PermissionList
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* ],
* DurationSeconds: Number("int"),
* AuditContext: { // AuditContext
* AdditionalAuditContext: "STRING_VALUE",
* },
* SupportedPermissionTypes: [ // PermissionTypeList // required
* "COLUMN_PERMISSION" || "CELL_FILTER_PERMISSION",
* SupportedPermissionTypes: [ // PermissionTypeList
* "COLUMN_PERMISSION" || "CELL_FILTER_PERMISSION" || "NESTED_PERMISSION" || "NESTED_CELL_PERMISSION",
* ],
* };
* const command = new GetTemporaryGluePartitionCredentialsCommand(input);
Expand Down
6 changes: 3 additions & 3 deletions clients/client-lakeformation/src/commands/GetTemporaryGlueTableCredentialsCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,14 +51,14 @@ export interface GetTemporaryGlueTableCredentialsCommandOutput
* const input = { // GetTemporaryGlueTableCredentialsRequest
* TableArn: "STRING_VALUE", // required
* Permissions: [ // PermissionList
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* ],
* DurationSeconds: Number("int"),
* AuditContext: { // AuditContext
* AdditionalAuditContext: "STRING_VALUE",
* },
* SupportedPermissionTypes: [ // PermissionTypeList // required
* "COLUMN_PERMISSION" || "CELL_FILTER_PERMISSION",
* SupportedPermissionTypes: [ // PermissionTypeList
* "COLUMN_PERMISSION" || "CELL_FILTER_PERMISSION" || "NESTED_PERMISSION" || "NESTED_CELL_PERMISSION",
* ],
* };
* const command = new GetTemporaryGlueTableCredentialsCommand(input);
Expand Down
4 changes: 2 additions & 2 deletions clients/client-lakeformation/src/commands/GrantPermissionsCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -105,10 +105,10 @@ export interface GrantPermissionsCommandOutput extends GrantPermissionsResponse,
* },
* },
* Permissions: [ // PermissionList // required
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* ],
* PermissionsWithGrantOption: [
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* ],
* };
* const command = new GrantPermissionsCommand(input);
Expand Down
6 changes: 3 additions & 3 deletions clients/client-lakeformation/src/commands/ListPermissionsCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ export interface ListPermissionsCommandOutput extends ListPermissionsResponse, _
* @public
* <p>Returns a list of the principal permissions on the resource, filtered by the permissions of the caller. For example, if you are granted an ALTER permission, you are able to see only the principal permissions for ALTER.</p>
* <p>This operation returns only those permissions that have been explicitly granted.</p>
* <p>For information about permissions, see <a href="https://docs-aws.amazon.com/lake-formation/latest/dg/security-data-access.html">Security and Access Control to Metadata and Data</a>.</p>
* <p>For information about permissions, see <a href="https://docs.aws.amazon.com/lake-formation/latest/dg/security-data-access.html">Security and Access Control to Metadata and Data</a>.</p>
* @example
* Use a bare-bones client and the command you need to make an API call.
* ```javascript
Expand Down Expand Up @@ -174,10 +174,10 @@ export interface ListPermissionsCommandOutput extends ListPermissionsResponse, _
* // },
* // },
* // Permissions: [ // PermissionList
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* // ],
* // PermissionsWithGrantOption: [
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* // "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* // ],
* // AdditionalDetails: { // DetailsMap
* // ResourceShare: [ // ResourceShareList
Expand Down
10 changes: 8 additions & 2 deletions clients/client-lakeformation/src/commands/PutDataLakeSettingsCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,13 +52,18 @@ export interface PutDataLakeSettingsCommandOutput extends PutDataLakeSettingsRes
* DataLakePrincipalIdentifier: "STRING_VALUE",
* },
* ],
* ReadOnlyAdmins: [
* {
* DataLakePrincipalIdentifier: "STRING_VALUE",
* },
* ],
* CreateDatabaseDefaultPermissions: [ // PrincipalPermissionsList
* { // PrincipalPermissions
* Principal: {
* DataLakePrincipalIdentifier: "STRING_VALUE",
* },
* Permissions: [ // PermissionList
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* ],
* },
* ],
Expand All @@ -68,7 +73,7 @@ export interface PutDataLakeSettingsCommandOutput extends PutDataLakeSettingsRes
* DataLakePrincipalIdentifier: "STRING_VALUE",
* },
* Permissions: [
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* ],
* },
* ],
Expand All @@ -79,6 +84,7 @@ export interface PutDataLakeSettingsCommandOutput extends PutDataLakeSettingsRes
* "STRING_VALUE",
* ],
* AllowExternalDataFiltering: true || false,
* AllowFullTableExternalDataAccess: true || false,
* ExternalDataFilteringAllowList: [
* {
* DataLakePrincipalIdentifier: "STRING_VALUE",
Expand Down
4 changes: 2 additions & 2 deletions clients/client-lakeformation/src/commands/RevokePermissionsCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -104,10 +104,10 @@ export interface RevokePermissionsCommandOutput extends RevokePermissionsRespons
* },
* },
* Permissions: [ // PermissionList // required
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* ],
* PermissionsWithGrantOption: [
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
* "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
* ],
* };
* const command = new RevokePermissionsCommand(input);
Expand Down
23 changes: 18 additions & 5 deletions clients/client-lakeformation/src/models/models_0.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -623,12 +623,13 @@ export const Permission = {
ALTER: "ALTER",
ASSOCIATE: "ASSOCIATE",
CREATE_DATABASE: "CREATE_DATABASE",
CREATE_LF_TAG: "CREATE_LF_TAG",
CREATE_TABLE: "CREATE_TABLE",
CREATE_TAG: "CREATE_TAG",
DATA_LOCATION_ACCESS: "DATA_LOCATION_ACCESS",
DELETE: "DELETE",
DESCRIBE: "DESCRIBE",
DROP: "DROP",
GRANT_WITH_LF_TAG_EXPRESSION: "GRANT_WITH_LF_TAG_EXPRESSION",
INSERT: "INSERT",
SELECT: "SELECT",
} as const;
Expand Down Expand Up @@ -920,7 +921,7 @@ export interface DataCellsFilter {
RowFilter?: RowFilter;

/**
* <p>A list of column names.</p>
* <p>A list of column names and/or nested column attributes. When specifying nested attributes, use a qualified dot (.) delimited format such as "address"."zip". Nested attributes within this list may not exceed a depth of 5.</p>
*/
ColumnNames?: string[];

Expand Down Expand Up @@ -1322,6 +1323,11 @@ export interface DataLakeSettings {
*/
DataLakeAdmins?: DataLakePrincipal[];

/**
* <p>A list of Lake Formation principals with only view access to the resources, without the ability to make changes. Supported principals are IAM users or IAM roles.</p>
*/
ReadOnlyAdmins?: DataLakePrincipal[];

/**
* <p>Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.</p>
* <p>A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.</p>
Expand Down Expand Up @@ -1353,10 +1359,15 @@ export interface DataLakeSettings {
* <p>Whether to allow Amazon EMR clusters to access data managed by Lake Formation. </p>
* <p>If true, you allow Amazon EMR clusters to access data in Amazon S3 locations that are registered with Lake Formation.</p>
* <p>If false or null, no Amazon EMR clusters will be able to access data in Amazon S3 locations that are registered with Lake Formation.</p>
* <p>For more information, see <a href="https://docs-aws.amazon.com/lake-formation/latest/dg/getting-started-setup.html#emr-switch">(Optional) Allow Data Filtering on Amazon EMR</a>.</p>
* <p>For more information, see <a href="https://docs.aws.amazon.com/lake-formation/latest/dg/initial-LF-setup.html#external-data-filter">(Optional) Allow external data filtering</a>.</p>
*/
AllowExternalDataFiltering?: boolean;

/**
* <p>Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.</p>
*/
AllowFullTableExternalDataAccess?: boolean;

/**
* <p>A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.></p>
*/
Expand Down Expand Up @@ -1915,6 +1926,8 @@ export interface PartitionValueList {
export const PermissionType = {
CELL_FILTER_PERMISSION: "CELL_FILTER_PERMISSION",
COLUMN_PERMISSION: "COLUMN_PERMISSION",
NESTED_CELL_PERMISSION: "NESTED_CELL_PERMISSION",
NESTED_PERMISSION: "NESTED_PERMISSION",
} as const;

/**
Expand Down Expand Up @@ -1954,7 +1967,7 @@ export interface GetTemporaryGluePartitionCredentialsRequest {
/**
* <p>A list of supported permission types for the partition. Valid values are <code>COLUMN_PERMISSION</code> and <code>CELL_FILTER_PERMISSION</code>.</p>
*/
SupportedPermissionTypes: (PermissionType | string)[] | undefined;
SupportedPermissionTypes?: (PermissionType | string)[];
}

/**
Expand Down Expand Up @@ -2034,7 +2047,7 @@ export interface GetTemporaryGlueTableCredentialsRequest {
/**
* <p>A list of supported permission types for the table. Valid values are <code>COLUMN_PERMISSION</code> and <code>CELL_FILTER_PERMISSION</code>.</p>
*/
SupportedPermissionTypes: (PermissionType | string)[] | undefined;
SupportedPermissionTypes?: (PermissionType | string)[];
}

/**
Expand Down
Loading

0 comments on commit 367d6f4

Please sign in to comment.