Class CfnPrincipalPermissions
The AWS::LakeFormation::PrincipalPermissions
resource represents the permissions that a principal has on a Data Catalog resource (such as AWS Glue databases or AWS Glue tables).
Implements
Inherited Members
Namespace: Amazon.CDK.AWS.LakeFormation
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnPrincipalPermissions : CfnResource, IInspectable
Syntax (vb)
Public Class CfnPrincipalPermissions
Inherits CfnResource
Implements IInspectable
Remarks
When you create a PrincipalPermissions
resource, the permissions are granted via the AWS Lake Formation GrantPermissions
API operation. When you delete a PrincipalPermissions
resource, the permissions on principal-resource pair are revoked via the AWS Lake Formation RevokePermissions
API operation.
CloudformationResource: AWS::LakeFormation::PrincipalPermissions
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.LakeFormation;
var catalog;
var tableWildcard;
var cfnPrincipalPermissions = new CfnPrincipalPermissions(this, "MyCfnPrincipalPermissions", new CfnPrincipalPermissionsProps {
Permissions = new [] { "permissions" },
PermissionsWithGrantOption = new [] { "permissionsWithGrantOption" },
Principal = new DataLakePrincipalProperty {
DataLakePrincipalIdentifier = "dataLakePrincipalIdentifier"
},
Resource = new ResourceProperty {
Catalog = catalog,
Database = new DatabaseResourceProperty {
CatalogId = "catalogId",
Name = "name"
},
DataCellsFilter = new DataCellsFilterResourceProperty {
DatabaseName = "databaseName",
Name = "name",
TableCatalogId = "tableCatalogId",
TableName = "tableName"
},
DataLocation = new DataLocationResourceProperty {
CatalogId = "catalogId",
ResourceArn = "resourceArn"
},
LfTag = new LFTagKeyResourceProperty {
CatalogId = "catalogId",
TagKey = "tagKey",
TagValues = new [] { "tagValues" }
},
LfTagPolicy = new LFTagPolicyResourceProperty {
CatalogId = "catalogId",
Expression = new [] { new LFTagProperty {
TagKey = "tagKey",
TagValues = new [] { "tagValues" }
} },
ResourceType = "resourceType"
},
Table = new TableResourceProperty {
CatalogId = "catalogId",
DatabaseName = "databaseName",
// the properties below are optional
Name = "name",
TableWildcard = tableWildcard
},
TableWithColumns = new TableWithColumnsResourceProperty {
CatalogId = "catalogId",
DatabaseName = "databaseName",
Name = "name",
// the properties below are optional
ColumnNames = new [] { "columnNames" },
ColumnWildcard = new ColumnWildcardProperty {
ExcludedColumnNames = new [] { "excludedColumnNames" }
}
}
},
// the properties below are optional
Catalog = "catalog"
});
Synopsis
Constructors
CfnPrincipalPermissions(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
CfnPrincipalPermissions(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
CfnPrincipalPermissions(Construct, String, ICfnPrincipalPermissionsProps) |
Properties
AttrPrincipalIdentifier | Json encoding of the input principal. |
AttrResourceIdentifier | Json encoding of the input resource. |
Catalog | The identifier for the Data Catalog . |
CFN_RESOURCE_TYPE_NAME | The CloudFormation resource type name for this resource class. |
CfnProperties | |
Permissions | The permissions granted or revoked. |
PermissionsWithGrantOption | Indicates the ability to grant permissions (as a subset of permissions granted). |
Principal | The principal to be granted a permission. |
Resource | The resource to be granted or revoked permissions. |
Methods
Inspect(TreeInspector) | Examines the CloudFormation resource and discloses attributes. |
RenderProperties(IDictionary<String, Object>) |
Constructors
CfnPrincipalPermissions(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected CfnPrincipalPermissions(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
CfnPrincipalPermissions(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected CfnPrincipalPermissions(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
CfnPrincipalPermissions(Construct, String, ICfnPrincipalPermissionsProps)
public CfnPrincipalPermissions(Construct scope, string id, ICfnPrincipalPermissionsProps props)
Parameters
- scope Constructs.Construct
Scope in which this resource is defined.
- id System.String
Construct identifier for this resource (unique in its scope).
- props ICfnPrincipalPermissionsProps
Resource properties.
Properties
AttrPrincipalIdentifier
Json encoding of the input principal.
public virtual string AttrPrincipalIdentifier { get; }
Property Value
System.String
Remarks
For example: {"DataLakePrincipalIdentifier":"arn:aws:iam::123456789012:role/ExampleRole"}
CloudformationAttribute: PrincipalIdentifier
AttrResourceIdentifier
Json encoding of the input resource.
public virtual string AttrResourceIdentifier { get; }
Property Value
System.String
Remarks
For example: {"Catalog":null,"Database":null,"Table":null,"TableWithColumns":null,"DataLocation":null,"DataCellsFilter":{"TableCatalogId":"123456789012","DatabaseName":"ExampleDatabase","TableName":"ExampleTable","Name":"ExampleFilter"},"LFTag":null,"LFTagPolicy":null}
CloudformationAttribute: ResourceIdentifier
Catalog
The identifier for the Data Catalog .
public virtual string Catalog { get; set; }
Property Value
System.String
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }
Property Value
System.String
CfnProperties
protected override IDictionary<string, object> CfnProperties { get; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.Object>
Overrides
Permissions
The permissions granted or revoked.
public virtual string[] Permissions { get; set; }
Property Value
System.String[]
PermissionsWithGrantOption
Indicates the ability to grant permissions (as a subset of permissions granted).
public virtual string[] PermissionsWithGrantOption { get; set; }
Property Value
System.String[]
Principal
The principal to be granted a permission.
public virtual object Principal { get; set; }
Property Value
System.Object
Resource
The resource to be granted or revoked permissions.
public virtual object Resource { get; set; }
Property Value
System.Object
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)
Parameters
- inspector TreeInspector
tree inspector to collect and process attributes.
RenderProperties(IDictionary<String, Object>)
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)
Parameters
- props System.Collections.Generic.IDictionary<System.String, System.Object>
Returns
System.Collections.Generic.IDictionary<System.String, System.Object>