aws-cdk-lib
Version:
Version 2 of the AWS Cloud Development Kit library
977 lines • 82.1 kB
TypeScript
import * as constructs from 'constructs';
import * as cdk from '../../core';
import * as cfn_parse from '../../core/lib/helpers-internal';
/**
* Properties for defining a `CfnDataCellsFilter`
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datacellsfilter.html
*/
export interface CfnDataCellsFilterProps {
/**
* UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html#aws-glue-api-regex-oneLine) .
*
* A database in the Data Catalog .
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datacellsfilter.html#cfn-lakeformation-datacellsfilter-databasename
*/
readonly databaseName: string;
/**
* UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html#aws-glue-api-regex-oneLine) .
*
* The name given by the user to the data filter cell.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datacellsfilter.html#cfn-lakeformation-datacellsfilter-name
*/
readonly name: string;
/**
* Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html#aws-glue-api-regex-oneLine) .
*
* The ID of the catalog to which the table belongs.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datacellsfilter.html#cfn-lakeformation-datacellsfilter-tablecatalogid
*/
readonly tableCatalogId: string;
/**
* UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html#aws-glue-api-regex-oneLine) .
*
* A table in the database.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datacellsfilter.html#cfn-lakeformation-datacellsfilter-tablename
*/
readonly tableName: string;
/**
* An array of UTF-8 strings. A list of column names.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datacellsfilter.html#cfn-lakeformation-datacellsfilter-columnnames
*/
readonly columnNames?: string[];
/**
* A wildcard with exclusions. You must specify either a `ColumnNames` list or the `ColumnWildCard` .
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datacellsfilter.html#cfn-lakeformation-datacellsfilter-columnwildcard
*/
readonly columnWildcard?: CfnDataCellsFilter.ColumnWildcardProperty | cdk.IResolvable;
/**
* A PartiQL predicate.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datacellsfilter.html#cfn-lakeformation-datacellsfilter-rowfilter
*/
readonly rowFilter?: CfnDataCellsFilter.RowFilterProperty | cdk.IResolvable;
}
/**
* A CloudFormation `AWS::LakeFormation::DataCellsFilter`
*
* A structure that represents a data cell filter with column-level, row-level, and/or cell-level security. Data cell filters belong to a specific table in a Data Catalog . During a stack operation, AWS CloudFormation calls the AWS Lake Formation `CreateDataCellsFilter` API operation to create a `DataCellsFilter` resource, and calls the `DeleteDataCellsFilter` API operation to delete it.
*
* @cloudformationResource AWS::LakeFormation::DataCellsFilter
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datacellsfilter.html
*/
export declare class CfnDataCellsFilter extends cdk.CfnResource implements cdk.IInspectable {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME = "AWS::LakeFormation::DataCellsFilter";
/**
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnDataCellsFilter;
/**
* UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html#aws-glue-api-regex-oneLine) .
*
* A database in the Data Catalog .
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datacellsfilter.html#cfn-lakeformation-datacellsfilter-databasename
*/
databaseName: string;
/**
* UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html#aws-glue-api-regex-oneLine) .
*
* The name given by the user to the data filter cell.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datacellsfilter.html#cfn-lakeformation-datacellsfilter-name
*/
name: string;
/**
* Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html#aws-glue-api-regex-oneLine) .
*
* The ID of the catalog to which the table belongs.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datacellsfilter.html#cfn-lakeformation-datacellsfilter-tablecatalogid
*/
tableCatalogId: string;
/**
* UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html#aws-glue-api-regex-oneLine) .
*
* A table in the database.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datacellsfilter.html#cfn-lakeformation-datacellsfilter-tablename
*/
tableName: string;
/**
* An array of UTF-8 strings. A list of column names.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datacellsfilter.html#cfn-lakeformation-datacellsfilter-columnnames
*/
columnNames: string[] | undefined;
/**
* A wildcard with exclusions. You must specify either a `ColumnNames` list or the `ColumnWildCard` .
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datacellsfilter.html#cfn-lakeformation-datacellsfilter-columnwildcard
*/
columnWildcard: CfnDataCellsFilter.ColumnWildcardProperty | cdk.IResolvable | undefined;
/**
* A PartiQL predicate.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datacellsfilter.html#cfn-lakeformation-datacellsfilter-rowfilter
*/
rowFilter: CfnDataCellsFilter.RowFilterProperty | cdk.IResolvable | undefined;
/**
* Create a new `AWS::LakeFormation::DataCellsFilter`.
*
* @param scope - scope in which this resource is defined
* @param id - scoped id of the resource
* @param props - resource properties
*/
constructor(scope: constructs.Construct, id: string, props: CfnDataCellsFilterProps);
/**
* Examines the CloudFormation resource and discloses attributes.
*
* @param inspector - tree inspector to collect and process attributes
*
*/
inspect(inspector: cdk.TreeInspector): void;
protected get cfnProperties(): {
[key: string]: any;
};
protected renderProperties(props: {
[key: string]: any;
}): {
[key: string]: any;
};
}
export declare namespace CfnDataCellsFilter {
/**
* A wildcard object, consisting of an optional list of excluded column names or indexes.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-datacellsfilter-columnwildcard.html
*/
interface ColumnWildcardProperty {
/**
* Excludes column names. Any column with this name will be excluded.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-datacellsfilter-columnwildcard.html#cfn-lakeformation-datacellsfilter-columnwildcard-excludedcolumnnames
*/
readonly excludedColumnNames?: string[];
}
}
export declare namespace CfnDataCellsFilter {
/**
* A PartiQL predicate.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-datacellsfilter-rowfilter.html
*/
interface RowFilterProperty {
/**
* A wildcard for all rows.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-datacellsfilter-rowfilter.html#cfn-lakeformation-datacellsfilter-rowfilter-allrowswildcard
*/
readonly allRowsWildcard?: any | cdk.IResolvable;
/**
* A filter expression.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-datacellsfilter-rowfilter.html#cfn-lakeformation-datacellsfilter-rowfilter-filterexpression
*/
readonly filterExpression?: string;
}
}
/**
* Properties for defining a `CfnDataLakeSettings`
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datalakesettings.html
*/
export interface CfnDataLakeSettingsProps {
/**
* A list of AWS Lake Formation principals.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datalakesettings.html#cfn-lakeformation-datalakesettings-admins
*/
readonly admins?: Array<CfnDataLakeSettings.DataLakePrincipalProperty | cdk.IResolvable> | cdk.IResolvable | cdk.IResolvable;
/**
* An array of UTF-8 strings.
*
* A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log. You may want to specify this property when you are in a high-trust boundary, such as the same team or company.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datalakesettings.html#cfn-lakeformation-datalakesettings-trustedresourceowners
*/
readonly trustedResourceOwners?: string[];
}
/**
* A CloudFormation `AWS::LakeFormation::DataLakeSettings`
*
* The `AWS::LakeFormation::DataLakeSettings` resource is an AWS Lake Formation resource type that manages the data lake settings for your account. Note that the CloudFormation template only supports updating the `Admins` list. It does not support updating the [CreateDatabaseDefaultPermissions](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-settings.html#aws-lake-formation-api-aws-lake-formation-api-settings-DataLakeSettings) or [CreateTableDefaultPermissions](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-settings.html#aws-lake-formation-api-aws-lake-formation-api-settings-DataLakeSettings) . Those permissions can only be edited in the DataLakeSettings resource via the API.
*
* @cloudformationResource AWS::LakeFormation::DataLakeSettings
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datalakesettings.html
*/
export declare class CfnDataLakeSettings extends cdk.CfnResource implements cdk.IInspectable {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME = "AWS::LakeFormation::DataLakeSettings";
/**
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnDataLakeSettings;
/**
* A list of AWS Lake Formation principals.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datalakesettings.html#cfn-lakeformation-datalakesettings-admins
*/
admins: Array<CfnDataLakeSettings.DataLakePrincipalProperty | cdk.IResolvable> | cdk.IResolvable | cdk.IResolvable | undefined;
/**
* An array of UTF-8 strings.
*
* A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log. You may want to specify this property when you are in a high-trust boundary, such as the same team or company.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-datalakesettings.html#cfn-lakeformation-datalakesettings-trustedresourceowners
*/
trustedResourceOwners: string[] | undefined;
/**
* Create a new `AWS::LakeFormation::DataLakeSettings`.
*
* @param scope - scope in which this resource is defined
* @param id - scoped id of the resource
* @param props - resource properties
*/
constructor(scope: constructs.Construct, id: string, props?: CfnDataLakeSettingsProps);
/**
* Examines the CloudFormation resource and discloses attributes.
*
* @param inspector - tree inspector to collect and process attributes
*
*/
inspect(inspector: cdk.TreeInspector): void;
protected get cfnProperties(): {
[key: string]: any;
};
protected renderProperties(props: {
[key: string]: any;
}): {
[key: string]: any;
};
}
export declare namespace CfnDataLakeSettings {
/**
* The Lake Formation principal.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-datalakesettings-datalakeprincipal.html
*/
interface DataLakePrincipalProperty {
/**
* An identifier for the Lake Formation principal.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-datalakesettings-datalakeprincipal.html#cfn-lakeformation-datalakesettings-datalakeprincipal-datalakeprincipalidentifier
*/
readonly dataLakePrincipalIdentifier?: string;
}
}
/**
* Properties for defining a `CfnPermissions`
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-permissions.html
*/
export interface CfnPermissionsProps {
/**
* The AWS Lake Formation principal.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-permissions.html#cfn-lakeformation-permissions-datalakeprincipal
*/
readonly dataLakePrincipal: CfnPermissions.DataLakePrincipalProperty | cdk.IResolvable;
/**
* A structure for the resource.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-permissions.html#cfn-lakeformation-permissions-resource
*/
readonly resource: CfnPermissions.ResourceProperty | cdk.IResolvable;
/**
* The permissions granted or revoked.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-permissions.html#cfn-lakeformation-permissions-permissions
*/
readonly permissions?: string[];
/**
* Indicates the ability to grant permissions (as a subset of permissions granted).
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-permissions.html#cfn-lakeformation-permissions-permissionswithgrantoption
*/
readonly permissionsWithGrantOption?: string[];
}
/**
* A CloudFormation `AWS::LakeFormation::Permissions`
*
* The `AWS::LakeFormation::Permissions` resource represents the permissions that a principal has on an AWS Glue Data Catalog resource (such as AWS Glue database or AWS Glue tables). When you upload a permissions stack, the permissions are granted to the principal and when you remove the stack, the permissions are revoked from the principal. If you remove a stack, and the principal does not have the permissions referenced in the stack then AWS Lake Formation will throw an error because you can’t call revoke on non-existing permissions. To successfully remove the stack, you’ll need to regrant those permissions and then remove the stack.
*
* > New versions of AWS Lake Formation permission resources are now available. For more information, see: [AWS:LakeFormation::PrincipalPermissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-principalpermissions.html)
*
* @cloudformationResource AWS::LakeFormation::Permissions
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-permissions.html
*/
export declare class CfnPermissions extends cdk.CfnResource implements cdk.IInspectable {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME = "AWS::LakeFormation::Permissions";
/**
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnPermissions;
/**
* The AWS Lake Formation principal.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-permissions.html#cfn-lakeformation-permissions-datalakeprincipal
*/
dataLakePrincipal: CfnPermissions.DataLakePrincipalProperty | cdk.IResolvable;
/**
* A structure for the resource.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-permissions.html#cfn-lakeformation-permissions-resource
*/
resource: CfnPermissions.ResourceProperty | cdk.IResolvable;
/**
* The permissions granted or revoked.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-permissions.html#cfn-lakeformation-permissions-permissions
*/
permissions: string[] | undefined;
/**
* Indicates the ability to grant permissions (as a subset of permissions granted).
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-permissions.html#cfn-lakeformation-permissions-permissionswithgrantoption
*/
permissionsWithGrantOption: string[] | undefined;
/**
* Create a new `AWS::LakeFormation::Permissions`.
*
* @param scope - scope in which this resource is defined
* @param id - scoped id of the resource
* @param props - resource properties
*/
constructor(scope: constructs.Construct, id: string, props: CfnPermissionsProps);
/**
* Examines the CloudFormation resource and discloses attributes.
*
* @param inspector - tree inspector to collect and process attributes
*
*/
inspect(inspector: cdk.TreeInspector): void;
protected get cfnProperties(): {
[key: string]: any;
};
protected renderProperties(props: {
[key: string]: any;
}): {
[key: string]: any;
};
}
export declare namespace CfnPermissions {
/**
* A wildcard object, consisting of an optional list of excluded column names or indexes.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-columnwildcard.html
*/
interface ColumnWildcardProperty {
/**
* Excludes column names. Any column with this name will be excluded.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-columnwildcard.html#cfn-lakeformation-permissions-columnwildcard-excludedcolumnnames
*/
readonly excludedColumnNames?: string[];
}
}
export declare namespace CfnPermissions {
/**
* The Lake Formation principal.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-datalakeprincipal.html
*/
interface DataLakePrincipalProperty {
/**
* An identifier for the Lake Formation principal.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-datalakeprincipal.html#cfn-lakeformation-permissions-datalakeprincipal-datalakeprincipalidentifier
*/
readonly dataLakePrincipalIdentifier?: string;
}
}
export declare namespace CfnPermissions {
/**
* A structure for a data location object where permissions are granted or revoked.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-datalocationresource.html
*/
interface DataLocationResourceProperty {
/**
* The identifier for the Data Catalog . By default, it is the account ID of the caller.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-datalocationresource.html#cfn-lakeformation-permissions-datalocationresource-catalogid
*/
readonly catalogId?: string;
/**
* The Amazon Resource Name (ARN) that uniquely identifies the data location resource.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-datalocationresource.html#cfn-lakeformation-permissions-datalocationresource-s3resource
*/
readonly s3Resource?: string;
}
}
export declare namespace CfnPermissions {
/**
* A structure for the database object.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-databaseresource.html
*/
interface DatabaseResourceProperty {
/**
* The identifier for the Data Catalog . By default, it is the account ID of the caller.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-databaseresource.html#cfn-lakeformation-permissions-databaseresource-catalogid
*/
readonly catalogId?: string;
/**
* The name of the database resource. Unique to the Data Catalog.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-databaseresource.html#cfn-lakeformation-permissions-databaseresource-name
*/
readonly name?: string;
}
}
export declare namespace CfnPermissions {
/**
* A structure for the resource.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-resource.html
*/
interface ResourceProperty {
/**
* A structure for a data location object where permissions are granted or revoked.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-resource.html#cfn-lakeformation-permissions-resource-datalocationresource
*/
readonly dataLocationResource?: CfnPermissions.DataLocationResourceProperty | cdk.IResolvable;
/**
* A structure for the database object.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-resource.html#cfn-lakeformation-permissions-resource-databaseresource
*/
readonly databaseResource?: CfnPermissions.DatabaseResourceProperty | cdk.IResolvable;
/**
* A structure for the table object. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-resource.html#cfn-lakeformation-permissions-resource-tableresource
*/
readonly tableResource?: CfnPermissions.TableResourceProperty | cdk.IResolvable;
/**
* A structure for a table with columns object. This object is only used when granting a SELECT permission.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-resource.html#cfn-lakeformation-permissions-resource-tablewithcolumnsresource
*/
readonly tableWithColumnsResource?: CfnPermissions.TableWithColumnsResourceProperty | cdk.IResolvable;
}
}
export declare namespace CfnPermissions {
/**
* A structure for the table object. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-tableresource.html
*/
interface TableResourceProperty {
/**
* The identifier for the Data Catalog . By default, it is the account ID of the caller.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-tableresource.html#cfn-lakeformation-permissions-tableresource-catalogid
*/
readonly catalogId?: string;
/**
* The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-tableresource.html#cfn-lakeformation-permissions-tableresource-databasename
*/
readonly databaseName?: string;
/**
* The name of the table.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-tableresource.html#cfn-lakeformation-permissions-tableresource-name
*/
readonly name?: string;
/**
* An empty object representing all tables under a database. If this field is specified instead of the `Name` field, all tables under `DatabaseName` will have permission changes applied.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-tableresource.html#cfn-lakeformation-permissions-tableresource-tablewildcard
*/
readonly tableWildcard?: CfnPermissions.TableWildcardProperty | cdk.IResolvable;
}
}
export declare namespace CfnPermissions {
/**
* A wildcard object representing every table under a database.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-tablewildcard.html
*/
interface TableWildcardProperty {
}
}
export declare namespace CfnPermissions {
/**
* A structure for a table with columns object. This object is only used when granting a SELECT permission.
*
* This object must take a value for at least one of `ColumnsNames` , `ColumnsIndexes` , or `ColumnsWildcard` .
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-tablewithcolumnsresource.html
*/
interface TableWithColumnsResourceProperty {
/**
* The identifier for the Data Catalog . By default, it is the account ID of the caller.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-tablewithcolumnsresource.html#cfn-lakeformation-permissions-tablewithcolumnsresource-catalogid
*/
readonly catalogId?: string;
/**
* The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-tablewithcolumnsresource.html#cfn-lakeformation-permissions-tablewithcolumnsresource-columnnames
*/
readonly columnNames?: string[];
/**
* A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-tablewithcolumnsresource.html#cfn-lakeformation-permissions-tablewithcolumnsresource-columnwildcard
*/
readonly columnWildcard?: CfnPermissions.ColumnWildcardProperty | cdk.IResolvable;
/**
* The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-tablewithcolumnsresource.html#cfn-lakeformation-permissions-tablewithcolumnsresource-databasename
*/
readonly databaseName?: string;
/**
* The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-permissions-tablewithcolumnsresource.html#cfn-lakeformation-permissions-tablewithcolumnsresource-name
*/
readonly name?: string;
}
}
/**
* Properties for defining a `CfnPrincipalPermissions`
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-principalpermissions.html
*/
export interface CfnPrincipalPermissionsProps {
/**
* The permissions granted or revoked.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-principalpermissions.html#cfn-lakeformation-principalpermissions-permissions
*/
readonly permissions: string[];
/**
* Indicates the ability to grant permissions (as a subset of permissions granted).
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-principalpermissions.html#cfn-lakeformation-principalpermissions-permissionswithgrantoption
*/
readonly permissionsWithGrantOption: string[];
/**
* The principal to be granted a permission.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-principalpermissions.html#cfn-lakeformation-principalpermissions-principal
*/
readonly principal: CfnPrincipalPermissions.DataLakePrincipalProperty | cdk.IResolvable;
/**
* The resource to be granted or revoked permissions.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-principalpermissions.html#cfn-lakeformation-principalpermissions-resource
*/
readonly resource: CfnPrincipalPermissions.ResourceProperty | cdk.IResolvable;
/**
* The identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-principalpermissions.html#cfn-lakeformation-principalpermissions-catalog
*/
readonly catalog?: string;
}
/**
* A CloudFormation `AWS::LakeFormation::PrincipalPermissions`
*
* The `AWS::LakeFormation::PrincipalPermissions` resource represents the permissions that a principal has on a Data Catalog resource (such as AWS Glue databases or AWS Glue tables). When you create a `PrincipalPermissions` resource, the permissions are granted via the AWS Lake Formation `GrantPermissions` API operation. When you delete a `PrincipalPermissions` resource, the permissions on principal-resource pair are revoked via the AWS Lake Formation `RevokePermissions` API operation.
*
* @cloudformationResource AWS::LakeFormation::PrincipalPermissions
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-principalpermissions.html
*/
export declare class CfnPrincipalPermissions extends cdk.CfnResource implements cdk.IInspectable {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME = "AWS::LakeFormation::PrincipalPermissions";
/**
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnPrincipalPermissions;
/**
* Json encoding of the input principal. For example: `{"DataLakePrincipalIdentifier":"arn:aws:iam::123456789012:role/ExampleRole"}`
* @cloudformationAttribute PrincipalIdentifier
*/
readonly attrPrincipalIdentifier: string;
/**
* Json encoding of the input resource. For example: `{"Catalog":null,"Database":null,"Table":null,"TableWithColumns":null,"DataLocation":null,"DataCellsFilter":{"TableCatalogId":"123456789012","DatabaseName":"ExampleDatabase","TableName":"ExampleTable","Name":"ExampleFilter"},"LFTag":null,"LFTagPolicy":null}`
* @cloudformationAttribute ResourceIdentifier
*/
readonly attrResourceIdentifier: string;
/**
* The permissions granted or revoked.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-principalpermissions.html#cfn-lakeformation-principalpermissions-permissions
*/
permissions: string[];
/**
* Indicates the ability to grant permissions (as a subset of permissions granted).
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-principalpermissions.html#cfn-lakeformation-principalpermissions-permissionswithgrantoption
*/
permissionsWithGrantOption: string[];
/**
* The principal to be granted a permission.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-principalpermissions.html#cfn-lakeformation-principalpermissions-principal
*/
principal: CfnPrincipalPermissions.DataLakePrincipalProperty | cdk.IResolvable;
/**
* The resource to be granted or revoked permissions.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-principalpermissions.html#cfn-lakeformation-principalpermissions-resource
*/
resource: CfnPrincipalPermissions.ResourceProperty | cdk.IResolvable;
/**
* The identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lakeformation-principalpermissions.html#cfn-lakeformation-principalpermissions-catalog
*/
catalog: string | undefined;
/**
* Create a new `AWS::LakeFormation::PrincipalPermissions`.
*
* @param scope - scope in which this resource is defined
* @param id - scoped id of the resource
* @param props - resource properties
*/
constructor(scope: constructs.Construct, id: string, props: CfnPrincipalPermissionsProps);
/**
* Examines the CloudFormation resource and discloses attributes.
*
* @param inspector - tree inspector to collect and process attributes
*
*/
inspect(inspector: cdk.TreeInspector): void;
protected get cfnProperties(): {
[key: string]: any;
};
protected renderProperties(props: {
[key: string]: any;
}): {
[key: string]: any;
};
}
export declare namespace CfnPrincipalPermissions {
/**
* A wildcard object, consisting of an optional list of excluded column names or indexes.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-columnwildcard.html
*/
interface ColumnWildcardProperty {
/**
* Excludes column names. Any column with this name will be excluded.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-columnwildcard.html#cfn-lakeformation-principalpermissions-columnwildcard-excludedcolumnnames
*/
readonly excludedColumnNames?: string[];
}
}
export declare namespace CfnPrincipalPermissions {
/**
* A structure that describes certain columns on certain rows.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-datacellsfilterresource.html
*/
interface DataCellsFilterResourceProperty {
/**
* A database in the Data Catalog .
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-datacellsfilterresource.html#cfn-lakeformation-principalpermissions-datacellsfilterresource-databasename
*/
readonly databaseName: string;
/**
* The name given by the user to the data filter cell.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-datacellsfilterresource.html#cfn-lakeformation-principalpermissions-datacellsfilterresource-name
*/
readonly name: string;
/**
* The ID of the catalog to which the table belongs.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-datacellsfilterresource.html#cfn-lakeformation-principalpermissions-datacellsfilterresource-tablecatalogid
*/
readonly tableCatalogId: string;
/**
* The name of the table.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-datacellsfilterresource.html#cfn-lakeformation-principalpermissions-datacellsfilterresource-tablename
*/
readonly tableName: string;
}
}
export declare namespace CfnPrincipalPermissions {
/**
* The AWS Lake Formation principal.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-datalakeprincipal.html
*/
interface DataLakePrincipalProperty {
/**
* An identifier for the AWS Lake Formation principal.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-datalakeprincipal.html#cfn-lakeformation-principalpermissions-datalakeprincipal-datalakeprincipalidentifier
*/
readonly dataLakePrincipalIdentifier?: string;
}
}
export declare namespace CfnPrincipalPermissions {
/**
* A structure for a data location object where permissions are granted or revoked.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-datalocationresource.html
*/
interface DataLocationResourceProperty {
/**
* The identifier for the Data Catalog where the location is registered with AWS Lake Formation .
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-datalocationresource.html#cfn-lakeformation-principalpermissions-datalocationresource-catalogid
*/
readonly catalogId: string;
/**
* The Amazon Resource Name (ARN) that uniquely identifies the data location resource.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-datalocationresource.html#cfn-lakeformation-principalpermissions-datalocationresource-resourcearn
*/
readonly resourceArn: string;
}
}
export declare namespace CfnPrincipalPermissions {
/**
* A structure for the database object.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-databaseresource.html
*/
interface DatabaseResourceProperty {
/**
* The identifier for the Data Catalog. By default, it is the account ID of the caller.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-databaseresource.html#cfn-lakeformation-principalpermissions-databaseresource-catalogid
*/
readonly catalogId: string;
/**
* The name of the database resource. Unique to the Data Catalog.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-databaseresource.html#cfn-lakeformation-principalpermissions-databaseresource-name
*/
readonly name: string;
}
}
export declare namespace CfnPrincipalPermissions {
/**
* The LF-tag key and values attached to a resource.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-lftag.html
*/
interface LFTagProperty {
/**
* The key-name for the LF-tag.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-lftag.html#cfn-lakeformation-principalpermissions-lftag-tagkey
*/
readonly tagKey?: string;
/**
* A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-lftag.html#cfn-lakeformation-principalpermissions-lftag-tagvalues
*/
readonly tagValues?: string[];
}
}
export declare namespace CfnPrincipalPermissions {
/**
* A structure containing an LF-tag key and values for a resource.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-lftagkeyresource.html
*/
interface LFTagKeyResourceProperty {
/**
* The identifier for the Data Catalog where the location is registered with Data Catalog .
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-lftagkeyresource.html#cfn-lakeformation-principalpermissions-lftagkeyresource-catalogid
*/
readonly catalogId: string;
/**
* The key-name for the LF-tag.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-lftagkeyresource.html#cfn-lakeformation-principalpermissions-lftagkeyresource-tagkey
*/
readonly tagKey: string;
/**
* A list of possible values for the corresponding `TagKey` of an LF-tag key-value pair.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-lftagkeyresource.html#cfn-lakeformation-principalpermissions-lftagkeyresource-tagvalues
*/
readonly tagValues: string[];
}
}
export declare namespace CfnPrincipalPermissions {
/**
* A list of LF-tag conditions that define a resource's LF-tag policy.
*
* A structure that allows an admin to grant user permissions on certain conditions. For example, granting a role access to all columns that do not have the LF-tag 'PII' in tables that have the LF-tag 'Prod'.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-lftagpolicyresource.html
*/
interface LFTagPolicyResourceProperty {
/**
* The identifier for the Data Catalog . The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-lftagpolicyresource.html#cfn-lakeformation-principalpermissions-lftagpolicyresource-catalogid
*/
readonly catalogId: string;
/**
* A list of LF-tag conditions that apply to the resource's LF-tag policy.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-lftagpolicyresource.html#cfn-lakeformation-principalpermissions-lftagpolicyresource-expression
*/
readonly expression: Array<CfnPrincipalPermissions.LFTagProperty | cdk.IResolvable> | cdk.IResolvable;
/**
* The resource type for which the LF-tag policy applies.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-lftagpolicyresource.html#cfn-lakeformation-principalpermissions-lftagpolicyresource-resourcetype
*/
readonly resourceType: string;
}
}
export declare namespace CfnPrincipalPermissions {
/**
* A structure for the resource.
*
* @struct
* @stability external
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-resource.html
*/
interface ResourceProperty {
/**
* The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-resource.html#cfn-lakeformation-principalpermissions-resource-catalog
*/
readonly catalog?: any | cdk.IResolvable;
/**
* A data cell filter.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-principalpermissions-resource.html#cfn-lakeformation-principalpermissions-res