DescribeLakeFormationIdentityCenterConfiguration - Lake Formation
Request SyntaxRequest ParametersResponse SyntaxResponse ElementsErrorsExamplesSee Also

DescribeLakeFormationIdentityCenterConfiguration

Retrieves the instance ARN and application ARN for the connection.

Request Syntax

{
   "CatalogId": "string"
}

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

CatalogId

The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 255.

Pattern: [\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\t]*

Required: No

Response Syntax

{
   "ApplicationArn": "string",
   "CatalogId": "string",
   "ExternalFiltering": { 
      "AuthorizedTargets": [ "string" ],
      "Status": "string"
   },
   "InstanceArn": "string",
   "ResourceShare": "string",
   "ShareRecipients": [ 
      { 
         "DataLakePrincipalIdentifier": "string"
      }
   ]
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

ApplicationArn

The Amazon Resource Name (ARN) of the Lake Formation application integrated with IAM Identity Center.

Type: String

CatalogId

The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 255.

Pattern: [\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\t]*

ExternalFiltering

Indicates if external filtering is enabled.

Type: ExternalFilteringConfiguration object

InstanceArn

The Amazon Resource Name (ARN) of the connection.

Type: String

ResourceShare

The Amazon Resource Name (ARN) of the RAM share.

Type: String

ShareRecipients

A list of AWS account IDs or AWS organization/organizational unit ARNs that are allowed to access data managed by Lake Formation.

If the ShareRecipients list includes valid values, a resource share is created with the principals you want to have access to the resources as the ShareRecipients.

If the ShareRecipients value is null or the list is empty, no resource share is created.

Type: Array of DataLakePrincipal objects

Array Members: Minimum number of 0 items. Maximum number of 30 items.

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

Access to a resource was denied.

HTTP Status Code: 400

EntityNotFoundException

A specified entity does not exist.

HTTP Status Code: 400

InternalServiceException

An internal service error occurred.

HTTP Status Code: 500

InvalidInputException

The input provided was not valid.

HTTP Status Code: 400

OperationTimeoutException

The operation timed out.

HTTP Status Code: 400

Examples

Response example

This example illustrates one usage of DescribeLakeFormationIdentityCenterConfiguration.

{
    "CatalogId": "123456789012",
    "InstanceArn": "arn:aws:sso:::instance/ssoins-1223f2dba9f23211",
    "ApplicationArn": "arn:aws:sso::123456789012:application/ssoins-1223f2dba9f23211/apl-8effb002e2841417",
    "ShareRecipients": [
        {
            "DataLakePrincipalIdentifier": "555555555555"
        },
        {
            "DataLakePrincipalIdentifier": "444455556666"
        }
    ],
    "ResourceShare": "arn:aws:ram:us-east-1:123456789012:resource-share/2b5032f6-19e4-461e-8b02-cd711d119df7"
}

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: