UpdatePermissionGroup - Amazon FinSpace

Amazon FinSpace Dataset Browser will be discontinued on November 29, 2024. Starting November 29, 2023, FinSpace will no longer accept the creation of new Dataset Browser environments. Customers using Amazon FinSpace with Managed Kdb Insights will not be affected. For more information, review the FAQ or contact AWS Support to assist with your transition.

UpdatePermissionGroup

Modifies the details of a permission group. You cannot modify a permissionGroupID.

Request Syntax

PUT /permission-group/permissionGroupId HTTP/1.1 Content-type: application/json { "applicationPermissions": [ "string" ], "clientToken": "string", "description": "string", "name": "string" }

URI Request Parameters

The request uses the following URI parameters.

permissionGroupId

The unique identifier for the permission group to update.

Length Constraints: Minimum length of 1. Maximum length of 26.

Pattern: .*\S.*

Required: Yes

Request Body

The request accepts the following data in JSON format.

applicationPermissions

The permissions that are granted to a specific group for accessing the FinSpace application.

Important

When assigning application permissions, be aware that the permission ManageUsersAndGroups allows users to grant themselves or others access to any functionality in their FinSpace environment's application. It should only be granted to trusted users.

  • CreateDataset – Group members can create new datasets.

  • ManageClusters – Group members can manage Apache Spark clusters from FinSpace notebooks.

  • ManageUsersAndGroups – Group members can manage users and permission groups. This is a privileged permission that allows users to grant themselves or others access to any functionality in the application. It should only be granted to trusted users.

  • ManageAttributeSets – Group members can manage attribute sets.

  • ViewAuditData – Group members can view audit data.

  • AccessNotebooks – Group members will have access to FinSpace notebooks.

  • GetTemporaryCredentials – Group members can get temporary API credentials.

Type: Array of strings

Valid Values: CreateDataset | ManageClusters | ManageUsersAndGroups | ManageAttributeSets | ViewAuditData | AccessNotebooks | GetTemporaryCredentials

Required: No

clientToken

A token that ensures idempotency. This token expires in 10 minutes.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: .*\S.*

Required: No

description

A brief description for the permission group.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 4000.

Pattern: [\s\S]*

Required: No

name

The name of the permission group.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 255.

Pattern: .*\S.*

Required: No

Response Syntax

HTTP/1.1 200 Content-type: application/json { "permissionGroupId": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

permissionGroupId

The unique identifier for the updated permission group.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 26.

Pattern: .*\S.*

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You do not have sufficient access to perform this action.

HTTP Status Code: 403

ConflictException

The request conflicts with an existing resource.

HTTP Status Code: 409

InternalServerException

The request processing has failed because of an unknown error, exception or failure.

HTTP Status Code: 500

ResourceNotFoundException

One or more resources can't be found.

HTTP Status Code: 404

ThrottlingException

The request was denied due to request throttling.

HTTP Status Code: 429

ValidationException

The input fails to satisfy the constraints specified by an AWS service.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: