com.amazonaws.services.lakeformation.model

Class DataLakeSettings

java.lang.Object

com.amazonaws.services.lakeformation.model.DataLakeSettings

All Implemented Interfaces:

StructuredPojo, Serializable, Cloneable

@Generated(value="com.amazonaws:aws-java-sdk-code-generator")
public class DataLakeSettings
extends Object
implements Serializable, Cloneable, StructuredPojo

A structure representing a list of Lake Formation principals designated as data lake administrators and lists of principal permission entries for default create database and default create table permissions.

See Also:

AWS API Documentation, Serialized Form

Constructor Summary

Constructors

Constructor and Description
DataLakeSettings()

Method Summary

Modifier and Type	Method and Description
DataLakeSettings	addParametersEntry(String key, String value) Add a single Parameters entry
DataLakeSettings	clearParametersEntries() Removes all the entries added into Parameters.
DataLakeSettings	clone()
boolean	equals(Object obj)
Boolean	getAllowExternalDataFiltering() Whether to allow Amazon EMR clusters to access data managed by Lake Formation.
Boolean	getAllowFullTableExternalDataAccess() Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.
List<String>	getAuthorizedSessionTagValueList() Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it.
List<PrincipalPermissions>	getCreateDatabaseDefaultPermissions() Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.
List<PrincipalPermissions>	getCreateTableDefaultPermissions() Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.
List<DataLakePrincipal>	getDataLakeAdmins() A list of Lake Formation principals.
List<DataLakePrincipal>	getExternalDataFilteringAllowList() A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>
Map<String,String>	getParameters() A key-value map that provides an additional configuration on your data lake.
List<DataLakePrincipal>	getReadOnlyAdmins() A list of Lake Formation principals with only view access to the resources, without the ability to make changes.
List<String>	getTrustedResourceOwners() A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs).
int	hashCode()
Boolean	isAllowExternalDataFiltering() Whether to allow Amazon EMR clusters to access data managed by Lake Formation.
Boolean	isAllowFullTableExternalDataAccess() Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.
void	marshall(ProtocolMarshaller protocolMarshaller) Marshalls this structured data using the given ProtocolMarshaller.
void	setAllowExternalDataFiltering(Boolean allowExternalDataFiltering) Whether to allow Amazon EMR clusters to access data managed by Lake Formation.
void	setAllowFullTableExternalDataAccess(Boolean allowFullTableExternalDataAccess) Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.
void	setAuthorizedSessionTagValueList(Collection<String> authorizedSessionTagValueList) Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it.
void	setCreateDatabaseDefaultPermissions(Collection<PrincipalPermissions> createDatabaseDefaultPermissions) Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.
void	setCreateTableDefaultPermissions(Collection<PrincipalPermissions> createTableDefaultPermissions) Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.
void	setDataLakeAdmins(Collection<DataLakePrincipal> dataLakeAdmins) A list of Lake Formation principals.
void	setExternalDataFilteringAllowList(Collection<DataLakePrincipal> externalDataFilteringAllowList) A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>
void	setParameters(Map<String,String> parameters) A key-value map that provides an additional configuration on your data lake.
void	setReadOnlyAdmins(Collection<DataLakePrincipal> readOnlyAdmins) A list of Lake Formation principals with only view access to the resources, without the ability to make changes.
void	setTrustedResourceOwners(Collection<String> trustedResourceOwners) A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs).
String	toString() Returns a string representation of this object.
DataLakeSettings	withAllowExternalDataFiltering(Boolean allowExternalDataFiltering) Whether to allow Amazon EMR clusters to access data managed by Lake Formation.
DataLakeSettings	withAllowFullTableExternalDataAccess(Boolean allowFullTableExternalDataAccess) Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.
DataLakeSettings	withAuthorizedSessionTagValueList(Collection<String> authorizedSessionTagValueList) Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it.
DataLakeSettings	withAuthorizedSessionTagValueList(String... authorizedSessionTagValueList) Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it.
DataLakeSettings	withCreateDatabaseDefaultPermissions(Collection<PrincipalPermissions> createDatabaseDefaultPermissions) Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.
DataLakeSettings	withCreateDatabaseDefaultPermissions(PrincipalPermissions... createDatabaseDefaultPermissions) Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.
DataLakeSettings	withCreateTableDefaultPermissions(Collection<PrincipalPermissions> createTableDefaultPermissions) Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.
DataLakeSettings	withCreateTableDefaultPermissions(PrincipalPermissions... createTableDefaultPermissions) Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.
DataLakeSettings	withDataLakeAdmins(Collection<DataLakePrincipal> dataLakeAdmins) A list of Lake Formation principals.
DataLakeSettings	withDataLakeAdmins(DataLakePrincipal... dataLakeAdmins) A list of Lake Formation principals.
DataLakeSettings	withExternalDataFilteringAllowList(Collection<DataLakePrincipal> externalDataFilteringAllowList) A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>
DataLakeSettings	withExternalDataFilteringAllowList(DataLakePrincipal... externalDataFilteringAllowList) A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>
DataLakeSettings	withParameters(Map<String,String> parameters) A key-value map that provides an additional configuration on your data lake.
DataLakeSettings	withReadOnlyAdmins(Collection<DataLakePrincipal> readOnlyAdmins) A list of Lake Formation principals with only view access to the resources, without the ability to make changes.
DataLakeSettings	withReadOnlyAdmins(DataLakePrincipal... readOnlyAdmins) A list of Lake Formation principals with only view access to the resources, without the ability to make changes.
DataLakeSettings	withTrustedResourceOwners(Collection<String> trustedResourceOwners) A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs).
DataLakeSettings	withTrustedResourceOwners(String... trustedResourceOwners) A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs).

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

DataLakeSettings

public DataLakeSettings()

Method Detail

getDataLakeAdmins

public List<DataLakePrincipal> getDataLakeAdmins()

A list of Lake Formation principals. Supported principals are IAM users or IAM roles.

Returns:

A list of Lake Formation principals. Supported principals are IAM users or IAM roles.

setDataLakeAdmins

public void setDataLakeAdmins(Collection<DataLakePrincipal> dataLakeAdmins)

A list of Lake Formation principals. Supported principals are IAM users or IAM roles.

Parameters:

dataLakeAdmins - A list of Lake Formation principals. Supported principals are IAM users or IAM roles.

withDataLakeAdmins

public DataLakeSettings withDataLakeAdmins(DataLakePrincipal... dataLakeAdmins)

A list of Lake Formation principals. Supported principals are IAM users or IAM roles.

NOTE: This method appends the values to the existing list (if any). Use setDataLakeAdmins(java.util.Collection) or withDataLakeAdmins(java.util.Collection) if you want to override the existing values.

Parameters:

dataLakeAdmins - A list of Lake Formation principals. Supported principals are IAM users or IAM roles.

Returns:

Returns a reference to this object so that method calls can be chained together.

withDataLakeAdmins

public DataLakeSettings withDataLakeAdmins(Collection<DataLakePrincipal> dataLakeAdmins)

A list of Lake Formation principals. Supported principals are IAM users or IAM roles.

Parameters:

dataLakeAdmins - A list of Lake Formation principals. Supported principals are IAM users or IAM roles.

Returns:

Returns a reference to this object so that method calls can be chained together.

getReadOnlyAdmins

public List<DataLakePrincipal> getReadOnlyAdmins()

A list of Lake Formation principals with only view access to the resources, without the ability to make changes. Supported principals are IAM users or IAM roles.

Returns:

A list of Lake Formation principals with only view access to the resources, without the ability to make changes. Supported principals are IAM users or IAM roles.

setReadOnlyAdmins

public void setReadOnlyAdmins(Collection<DataLakePrincipal> readOnlyAdmins)

A list of Lake Formation principals with only view access to the resources, without the ability to make changes. Supported principals are IAM users or IAM roles.

Parameters:

readOnlyAdmins - A list of Lake Formation principals with only view access to the resources, without the ability to make changes. Supported principals are IAM users or IAM roles.

withReadOnlyAdmins

public DataLakeSettings withReadOnlyAdmins(DataLakePrincipal... readOnlyAdmins)

A list of Lake Formation principals with only view access to the resources, without the ability to make changes. Supported principals are IAM users or IAM roles.

NOTE: This method appends the values to the existing list (if any). Use setReadOnlyAdmins(java.util.Collection) or withReadOnlyAdmins(java.util.Collection) if you want to override the existing values.

Parameters:

readOnlyAdmins - A list of Lake Formation principals with only view access to the resources, without the ability to make changes. Supported principals are IAM users or IAM roles.

Returns:

Returns a reference to this object so that method calls can be chained together.

withReadOnlyAdmins

public DataLakeSettings withReadOnlyAdmins(Collection<DataLakePrincipal> readOnlyAdmins)

A list of Lake Formation principals with only view access to the resources, without the ability to make changes. Supported principals are IAM users or IAM roles.

Parameters:

readOnlyAdmins - A list of Lake Formation principals with only view access to the resources, without the ability to make changes. Supported principals are IAM users or IAM roles.

Returns:

Returns a reference to this object so that method calls can be chained together.

getCreateDatabaseDefaultPermissions

public List<PrincipalPermissions> getCreateDatabaseDefaultPermissions()

Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Returns:

Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

setCreateDatabaseDefaultPermissions

public void setCreateDatabaseDefaultPermissions(Collection<PrincipalPermissions> createDatabaseDefaultPermissions)

Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Parameters:

createDatabaseDefaultPermissions - Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

withCreateDatabaseDefaultPermissions

public DataLakeSettings withCreateDatabaseDefaultPermissions(PrincipalPermissions... createDatabaseDefaultPermissions)

Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

NOTE: This method appends the values to the existing list (if any). Use setCreateDatabaseDefaultPermissions(java.util.Collection) or withCreateDatabaseDefaultPermissions(java.util.Collection) if you want to override the existing values.

Parameters:

createDatabaseDefaultPermissions - Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Returns:

Returns a reference to this object so that method calls can be chained together.

withCreateDatabaseDefaultPermissions

public DataLakeSettings withCreateDatabaseDefaultPermissions(Collection<PrincipalPermissions> createDatabaseDefaultPermissions)

Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Parameters:

createDatabaseDefaultPermissions - Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Returns:

Returns a reference to this object so that method calls can be chained together.

getCreateTableDefaultPermissions

public List<PrincipalPermissions> getCreateTableDefaultPermissions()

Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Returns:

Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

setCreateTableDefaultPermissions

public void setCreateTableDefaultPermissions(Collection<PrincipalPermissions> createTableDefaultPermissions)

Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Parameters:

createTableDefaultPermissions - Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

withCreateTableDefaultPermissions

public DataLakeSettings withCreateTableDefaultPermissions(PrincipalPermissions... createTableDefaultPermissions)

Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

NOTE: This method appends the values to the existing list (if any). Use setCreateTableDefaultPermissions(java.util.Collection) or withCreateTableDefaultPermissions(java.util.Collection) if you want to override the existing values.

Parameters:

createTableDefaultPermissions - Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Returns:

Returns a reference to this object so that method calls can be chained together.

withCreateTableDefaultPermissions

public DataLakeSettings withCreateTableDefaultPermissions(Collection<PrincipalPermissions> createTableDefaultPermissions)

Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Parameters:

createTableDefaultPermissions - Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Returns:

Returns a reference to this object so that method calls can be chained together.

getParameters

public Map<String,String> getParameters()

A key-value map that provides an additional configuration on your data lake. CROSS_ACCOUNT_VERSION is the key you can configure in the Parameters field. Accepted values for the CrossAccountVersion key are 1, 2, 3, and 4.

Returns:

A key-value map that provides an additional configuration on your data lake. CROSS_ACCOUNT_VERSION is the key you can configure in the Parameters field. Accepted values for the CrossAccountVersion key are 1, 2, 3, and 4.

setParameters

public void setParameters(Map<String,String> parameters)

A key-value map that provides an additional configuration on your data lake. CROSS_ACCOUNT_VERSION is the key you can configure in the Parameters field. Accepted values for the CrossAccountVersion key are 1, 2, 3, and 4.

Parameters:

parameters - A key-value map that provides an additional configuration on your data lake. CROSS_ACCOUNT_VERSION is the key you can configure in the Parameters field. Accepted values for the CrossAccountVersion key are 1, 2, 3, and 4.

withParameters

public DataLakeSettings withParameters(Map<String,String> parameters)

A key-value map that provides an additional configuration on your data lake. CROSS_ACCOUNT_VERSION is the key you can configure in the Parameters field. Accepted values for the CrossAccountVersion key are 1, 2, 3, and 4.

Parameters:

parameters - A key-value map that provides an additional configuration on your data lake. CROSS_ACCOUNT_VERSION is the key you can configure in the Parameters field. Accepted values for the CrossAccountVersion key are 1, 2, 3, and 4.

Returns:

Returns a reference to this object so that method calls can be chained together.

addParametersEntry

public DataLakeSettings addParametersEntry(String key,
                                           String value)

Add a single Parameters entry

See Also:

withParameters(java.util.Map<java.lang.String, java.lang.String>)

clearParametersEntries

public DataLakeSettings clearParametersEntries()

Removes all the entries added into Parameters.

Returns:

Returns a reference to this object so that method calls can be chained together.

getTrustedResourceOwners

public List<String> getTrustedResourceOwners()

A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log.

You may want to specify this property when you are in a high-trust boundary, such as the same team or company.

Returns:

A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log.

You may want to specify this property when you are in a high-trust boundary, such as the same team or company.

setTrustedResourceOwners

public void setTrustedResourceOwners(Collection<String> trustedResourceOwners)

A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log.

You may want to specify this property when you are in a high-trust boundary, such as the same team or company.

Parameters:

trustedResourceOwners - A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log.

You may want to specify this property when you are in a high-trust boundary, such as the same team or company.

withTrustedResourceOwners

public DataLakeSettings withTrustedResourceOwners(String... trustedResourceOwners)

A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log.

You may want to specify this property when you are in a high-trust boundary, such as the same team or company.

NOTE: This method appends the values to the existing list (if any). Use setTrustedResourceOwners(java.util.Collection) or withTrustedResourceOwners(java.util.Collection) if you want to override the existing values.

Parameters:

trustedResourceOwners - A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log.

You may want to specify this property when you are in a high-trust boundary, such as the same team or company.

Returns:

Returns a reference to this object so that method calls can be chained together.

withTrustedResourceOwners

public DataLakeSettings withTrustedResourceOwners(Collection<String> trustedResourceOwners)

A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log.

You may want to specify this property when you are in a high-trust boundary, such as the same team or company.

Parameters:

trustedResourceOwners - A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log.

You may want to specify this property when you are in a high-trust boundary, such as the same team or company.

Returns:

Returns a reference to this object so that method calls can be chained together.

setAllowExternalDataFiltering

public void setAllowExternalDataFiltering(Boolean allowExternalDataFiltering)

Whether to allow Amazon EMR clusters to access data managed by Lake Formation.

If true, you allow Amazon EMR clusters to access data in Amazon S3 locations that are registered with Lake Formation.

If false or null, no Amazon EMR clusters will be able to access data in Amazon S3 locations that are registered with Lake Formation.

For more information, see (Optional) Allow external data filtering.

Parameters:

allowExternalDataFiltering - Whether to allow Amazon EMR clusters to access data managed by Lake Formation.

If true, you allow Amazon EMR clusters to access data in Amazon S3 locations that are registered with Lake Formation.

If false or null, no Amazon EMR clusters will be able to access data in Amazon S3 locations that are registered with Lake Formation.

For more information, see (Optional) Allow external data filtering.

getAllowExternalDataFiltering

public Boolean getAllowExternalDataFiltering()

Whether to allow Amazon EMR clusters to access data managed by Lake Formation.

If true, you allow Amazon EMR clusters to access data in Amazon S3 locations that are registered with Lake Formation.

If false or null, no Amazon EMR clusters will be able to access data in Amazon S3 locations that are registered with Lake Formation.

For more information, see (Optional) Allow external data filtering.

Returns:

Whether to allow Amazon EMR clusters to access data managed by Lake Formation.

If true, you allow Amazon EMR clusters to access data in Amazon S3 locations that are registered with Lake Formation.

If false or null, no Amazon EMR clusters will be able to access data in Amazon S3 locations that are registered with Lake Formation.

For more information, see (Optional) Allow external data filtering.

withAllowExternalDataFiltering

public DataLakeSettings withAllowExternalDataFiltering(Boolean allowExternalDataFiltering)

Whether to allow Amazon EMR clusters to access data managed by Lake Formation.

If true, you allow Amazon EMR clusters to access data in Amazon S3 locations that are registered with Lake Formation.

If false or null, no Amazon EMR clusters will be able to access data in Amazon S3 locations that are registered with Lake Formation.

For more information, see (Optional) Allow external data filtering.

Parameters:

allowExternalDataFiltering - Whether to allow Amazon EMR clusters to access data managed by Lake Formation.

If true, you allow Amazon EMR clusters to access data in Amazon S3 locations that are registered with Lake Formation.

If false or null, no Amazon EMR clusters will be able to access data in Amazon S3 locations that are registered with Lake Formation.

For more information, see (Optional) Allow external data filtering.

Returns:

Returns a reference to this object so that method calls can be chained together.

isAllowExternalDataFiltering

public Boolean isAllowExternalDataFiltering()

Whether to allow Amazon EMR clusters to access data managed by Lake Formation.

If true, you allow Amazon EMR clusters to access data in Amazon S3 locations that are registered with Lake Formation.

If false or null, no Amazon EMR clusters will be able to access data in Amazon S3 locations that are registered with Lake Formation.

For more information, see (Optional) Allow external data filtering.

Returns:

Whether to allow Amazon EMR clusters to access data managed by Lake Formation.

If true, you allow Amazon EMR clusters to access data in Amazon S3 locations that are registered with Lake Formation.

If false or null, no Amazon EMR clusters will be able to access data in Amazon S3 locations that are registered with Lake Formation.

For more information, see (Optional) Allow external data filtering.

setAllowFullTableExternalDataAccess

public void setAllowFullTableExternalDataAccess(Boolean allowFullTableExternalDataAccess)

Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.

Parameters:

allowFullTableExternalDataAccess - Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.

getAllowFullTableExternalDataAccess

public Boolean getAllowFullTableExternalDataAccess()

Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.

Returns:

Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.

withAllowFullTableExternalDataAccess

public DataLakeSettings withAllowFullTableExternalDataAccess(Boolean allowFullTableExternalDataAccess)

Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.

Parameters:

allowFullTableExternalDataAccess - Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.

Returns:

Returns a reference to this object so that method calls can be chained together.

isAllowFullTableExternalDataAccess

public Boolean isAllowFullTableExternalDataAccess()

Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.

Returns:

Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.

getExternalDataFilteringAllowList

public List<DataLakePrincipal> getExternalDataFilteringAllowList()

A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>

Returns:

A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>

setExternalDataFilteringAllowList

public void setExternalDataFilteringAllowList(Collection<DataLakePrincipal> externalDataFilteringAllowList)

A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>

Parameters:

externalDataFilteringAllowList - A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>

withExternalDataFilteringAllowList

public DataLakeSettings withExternalDataFilteringAllowList(DataLakePrincipal... externalDataFilteringAllowList)

A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>

NOTE: This method appends the values to the existing list (if any). Use setExternalDataFilteringAllowList(java.util.Collection) or withExternalDataFilteringAllowList(java.util.Collection) if you want to override the existing values.

Parameters:

externalDataFilteringAllowList - A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>

Returns:

Returns a reference to this object so that method calls can be chained together.

withExternalDataFilteringAllowList

public DataLakeSettings withExternalDataFilteringAllowList(Collection<DataLakePrincipal> externalDataFilteringAllowList)

A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>

Parameters:

externalDataFilteringAllowList - A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>

Returns:

Returns a reference to this object so that method calls can be chained together.

getAuthorizedSessionTagValueList

public List<String> getAuthorizedSessionTagValueList()

Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = "LakeFormationTrustedCaller" and value = "TRUE" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation's administrative APIs.

Returns:

Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = "LakeFormationTrustedCaller" and value = "TRUE" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation's administrative APIs.

setAuthorizedSessionTagValueList

public void setAuthorizedSessionTagValueList(Collection<String> authorizedSessionTagValueList)

Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = "LakeFormationTrustedCaller" and value = "TRUE" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation's administrative APIs.

Parameters:

authorizedSessionTagValueList - Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = "LakeFormationTrustedCaller" and value = "TRUE" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation's administrative APIs.

withAuthorizedSessionTagValueList

public DataLakeSettings withAuthorizedSessionTagValueList(String... authorizedSessionTagValueList)

Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = "LakeFormationTrustedCaller" and value = "TRUE" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation's administrative APIs.

NOTE: This method appends the values to the existing list (if any). Use setAuthorizedSessionTagValueList(java.util.Collection) or withAuthorizedSessionTagValueList(java.util.Collection) if you want to override the existing values.

Parameters:

authorizedSessionTagValueList - Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = "LakeFormationTrustedCaller" and value = "TRUE" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation's administrative APIs.

Returns:

Returns a reference to this object so that method calls can be chained together.

withAuthorizedSessionTagValueList

public DataLakeSettings withAuthorizedSessionTagValueList(Collection<String> authorizedSessionTagValueList)

Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = "LakeFormationTrustedCaller" and value = "TRUE" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation's administrative APIs.

Parameters:

authorizedSessionTagValueList - Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = "LakeFormationTrustedCaller" and value = "TRUE" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation's administrative APIs.

Returns:

Returns a reference to this object so that method calls can be chained together.

toString

public String toString()

Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.

Overrides:

toString in class Object

Returns:

A string representation of this object.

See Also:

Object.toString()

equals

public boolean equals(Object obj)

Overrides:

equals in class Object

hashCode

public int hashCode()

Overrides:

hashCode in class Object

clone

public DataLakeSettings clone()

Overrides:

clone in class Object

marshall

public void marshall(ProtocolMarshaller protocolMarshaller)

Description copied from interface: StructuredPojo

Marshalls this structured data using the given ProtocolMarshaller.

Specified by:

marshall in interface StructuredPojo

Parameters:

protocolMarshaller - Implementation of ProtocolMarshaller used to marshall this object's data.