Docs
Packages
AWS Classic v5.41.0, May 15 23
AWS Classic v5.41.0, May 15 23
aws.lakeformation.getPermissions
Explore with Pulumi AI
Get permissions for a principal to access metadata in the Data Catalog and data organized in underlying data storage such as Amazon S3. Permissions are granted to a principal, in a Data Catalog, relative to a Lake Formation resource, which includes the Data Catalog, databases, tables, LF-tags, and LF-tag policies. For more information, see Security and Access Control to Metadata and Data in Lake Formation.
NOTE: This data source deals with explicitly granted permissions. Lake Formation grants implicit permissions to data lake administrators, database creators, and table creators. For more information, see Implicit Lake Formation Permissions.
Example Usage
Permissions For A Lake Formation S3 Resource
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var test = Aws.LakeFormation.GetPermissions.Invoke(new()
{
Principal = aws_iam_role.Workflow_role.Arn,
DataLocation = new Aws.LakeFormation.Inputs.GetPermissionsDataLocationInputArgs
{
Arn = aws_lakeformation_resource.Test.Arn,
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lakeformation"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := lakeformation.LookupPermissions(ctx, &lakeformation.LookupPermissionsArgs{
Principal: aws_iam_role.Workflow_role.Arn,
DataLocation: lakeformation.GetPermissionsDataLocation{
Arn: aws_lakeformation_resource.Test.Arn,
},
}, nil)
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lakeformation.LakeformationFunctions;
import com.pulumi.aws.lakeformation.inputs.GetPermissionsArgs;
import com.pulumi.aws.lakeformation.inputs.GetPermissionsDataLocationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var test = LakeformationFunctions.getPermissions(GetPermissionsArgs.builder()
.principal(aws_iam_role.workflow_role().arn())
.dataLocation(GetPermissionsDataLocationArgs.builder()
.arn(aws_lakeformation_resource.test().arn())
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
test = aws.lakeformation.get_permissions(principal=aws_iam_role["workflow_role"]["arn"],
data_location=aws.lakeformation.GetPermissionsDataLocationArgs(
arn=aws_lakeformation_resource["test"]["arn"],
))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const test = aws.lakeformation.getPermissions({
principal: aws_iam_role.workflow_role.arn,
dataLocation: {
arn: aws_lakeformation_resource.test.arn,
},
});
variables:
test:
fn::invoke:
Function: aws:lakeformation:getPermissions
Arguments:
principal: ${aws_iam_role.workflow_role.arn}
dataLocation:
arn: ${aws_lakeformation_resource.test.arn}
Permissions For A Glue Catalog Database
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var test = Aws.LakeFormation.GetPermissions.Invoke(new()
{
Principal = aws_iam_role.Workflow_role.Arn,
Database = new Aws.LakeFormation.Inputs.GetPermissionsDatabaseInputArgs
{
Name = aws_glue_catalog_database.Test.Name,
CatalogId = "110376042874",
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lakeformation"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := lakeformation.LookupPermissions(ctx, &lakeformation.LookupPermissionsArgs{
Principal: aws_iam_role.Workflow_role.Arn,
Database: lakeformation.GetPermissionsDatabase{
Name: aws_glue_catalog_database.Test.Name,
CatalogId: "110376042874",
},
}, nil)
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lakeformation.LakeformationFunctions;
import com.pulumi.aws.lakeformation.inputs.GetPermissionsArgs;
import com.pulumi.aws.lakeformation.inputs.GetPermissionsDatabaseArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var test = LakeformationFunctions.getPermissions(GetPermissionsArgs.builder()
.principal(aws_iam_role.workflow_role().arn())
.database(GetPermissionsDatabaseArgs.builder()
.name(aws_glue_catalog_database.test().name())
.catalogId("110376042874")
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
test = aws.lakeformation.get_permissions(principal=aws_iam_role["workflow_role"]["arn"],
database=aws.lakeformation.GetPermissionsDatabaseArgs(
name=aws_glue_catalog_database["test"]["name"],
catalog_id="110376042874",
))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const test = aws.lakeformation.getPermissions({
principal: aws_iam_role.workflow_role.arn,
database: {
name: aws_glue_catalog_database.test.name,
catalogId: "110376042874",
},
});
variables:
test:
fn::invoke:
Function: aws:lakeformation:getPermissions
Arguments:
principal: ${aws_iam_role.workflow_role.arn}
database:
name: ${aws_glue_catalog_database.test.name}
catalogId: '110376042874'
Permissions For Tag-Based Access Control
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var test = Aws.LakeFormation.GetPermissions.Invoke(new()
{
Principal = aws_iam_role.Workflow_role.Arn,
LfTagPolicy = new Aws.LakeFormation.Inputs.GetPermissionsLfTagPolicyInputArgs
{
ResourceType = "DATABASE",
Expressions = new[]
{
new Aws.LakeFormation.Inputs.GetPermissionsLfTagPolicyExpressionInputArgs
{
Key = "Team",
Values = new[]
{
"Sales",
},
},
new Aws.LakeFormation.Inputs.GetPermissionsLfTagPolicyExpressionInputArgs
{
Key = "Environment",
Values = new[]
{
"Dev",
"Production",
},
},
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lakeformation"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := lakeformation.LookupPermissions(ctx, &lakeformation.LookupPermissionsArgs{
Principal: aws_iam_role.Workflow_role.Arn,
LfTagPolicy: lakeformation.GetPermissionsLfTagPolicy{
ResourceType: "DATABASE",
Expressions: []lakeformation.GetPermissionsLfTagPolicyExpression{
{
Key: "Team",
Values: []string{
"Sales",
},
},
{
Key: "Environment",
Values: []string{
"Dev",
"Production",
},
},
},
},
}, nil)
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lakeformation.LakeformationFunctions;
import com.pulumi.aws.lakeformation.inputs.GetPermissionsArgs;
import com.pulumi.aws.lakeformation.inputs.GetPermissionsLfTagPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var test = LakeformationFunctions.getPermissions(GetPermissionsArgs.builder()
.principal(aws_iam_role.workflow_role().arn())
.lfTagPolicy(GetPermissionsLfTagPolicyArgs.builder()
.resourceType("DATABASE")
.expressions(
GetPermissionsLfTagPolicyExpressionArgs.builder()
.key("Team")
.values("Sales")
.build(),
GetPermissionsLfTagPolicyExpressionArgs.builder()
.key("Environment")
.values(
"Dev",
"Production")
.build())
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
test = aws.lakeformation.get_permissions(principal=aws_iam_role["workflow_role"]["arn"],
lf_tag_policy=aws.lakeformation.GetPermissionsLfTagPolicyArgs(
resource_type="DATABASE",
expressions=[
aws.lakeformation.GetPermissionsLfTagPolicyExpressionArgs(
key="Team",
values=["Sales"],
),
aws.lakeformation.GetPermissionsLfTagPolicyExpressionArgs(
key="Environment",
values=[
"Dev",
"Production",
],
),
],
))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const test = aws.lakeformation.getPermissions({
principal: aws_iam_role.workflow_role.arn,
lfTagPolicy: {
resourceType: "DATABASE",
expressions: [
{
key: "Team",
values: ["Sales"],
},
{
key: "Environment",
values: [
"Dev",
"Production",
],
},
],
},
});
variables:
test:
fn::invoke:
Function: aws:lakeformation:getPermissions
Arguments:
principal: ${aws_iam_role.workflow_role.arn}
lfTagPolicy:
resourceType: DATABASE
expressions:
- key: Team
values:
- Sales
- key: Environment
values:
- Dev
- Production
Using getPermissions
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getPermissions(args: GetPermissionsArgs, opts?: InvokeOptions): Promise<GetPermissionsResult>
function getPermissionsOutput(args: GetPermissionsOutputArgs, opts?: InvokeOptions): Output<GetPermissionsResult>def get_permissions(catalog_id: Optional[str] = None,
catalog_resource: Optional[bool] = None,
data_location: Optional[GetPermissionsDataLocation] = None,
database: Optional[GetPermissionsDatabase] = None,
lf_tag: Optional[GetPermissionsLfTag] = None,
lf_tag_policy: Optional[GetPermissionsLfTagPolicy] = None,
principal: Optional[str] = None,
table: Optional[GetPermissionsTable] = None,
table_with_columns: Optional[GetPermissionsTableWithColumns] = None,
opts: Optional[InvokeOptions] = None) -> GetPermissionsResult
def get_permissions_output(catalog_id: Optional[pulumi.Input[str]] = None,
catalog_resource: Optional[pulumi.Input[bool]] = None,
data_location: Optional[pulumi.Input[GetPermissionsDataLocationArgs]] = None,
database: Optional[pulumi.Input[GetPermissionsDatabaseArgs]] = None,
lf_tag: Optional[pulumi.Input[GetPermissionsLfTagArgs]] = None,
lf_tag_policy: Optional[pulumi.Input[GetPermissionsLfTagPolicyArgs]] = None,
principal: Optional[pulumi.Input[str]] = None,
table: Optional[pulumi.Input[GetPermissionsTableArgs]] = None,
table_with_columns: Optional[pulumi.Input[GetPermissionsTableWithColumnsArgs]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetPermissionsResult]func LookupPermissions(ctx *Context, args *LookupPermissionsArgs, opts ...InvokeOption) (*LookupPermissionsResult, error)
func LookupPermissionsOutput(ctx *Context, args *LookupPermissionsOutputArgs, opts ...InvokeOption) LookupPermissionsResultOutput> Note: This function is named LookupPermissions in the Go SDK.
public static class GetPermissions
{
public static Task<GetPermissionsResult> InvokeAsync(GetPermissionsArgs args, InvokeOptions? opts = null)
public static Output<GetPermissionsResult> Invoke(GetPermissionsInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetPermissionsResult> getPermissions(GetPermissionsArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: aws:lakeformation/getPermissions:getPermissions
arguments:
# arguments dictionaryThe following arguments are supported:
- Principal string
Principal to be granted the permissions on the resource. Supported principals are IAM users or IAM roles.
- Catalog
Id string Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.
- Catalog
Resource bool Whether the permissions are to be granted for the Data Catalog. Defaults to
false.- Data
Location GetPermissions Data Location Configuration block for a data location resource. Detailed below.
- Database
Get
Permissions Database Configuration block for a database resource. Detailed below.
- Lf
Tag GetPermissions Lf Tag Configuration block for an LF-tag resource. Detailed below.
- Lf
Tag GetPolicy Permissions Lf Tag Policy Configuration block for an LF-tag policy resource. Detailed below.
- Table
Get
Permissions Table Configuration block for a table resource. Detailed below.
- Table
With GetColumns Permissions Table With Columns Configuration block for a table with columns resource. Detailed below.
- Principal string
Principal to be granted the permissions on the resource. Supported principals are IAM users or IAM roles.
- Catalog
Id string Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.
- Catalog
Resource bool Whether the permissions are to be granted for the Data Catalog. Defaults to
false.- Data
Location GetPermissions Data Location Configuration block for a data location resource. Detailed below.
- Database
Get
Permissions Database Configuration block for a database resource. Detailed below.
- Lf
Tag GetPermissions Lf Tag Configuration block for an LF-tag resource. Detailed below.
- Lf
Tag GetPolicy Permissions Lf Tag Policy Configuration block for an LF-tag policy resource. Detailed below.
- Table
Get
Permissions Table Configuration block for a table resource. Detailed below.
- Table
With GetColumns Permissions Table With Columns Configuration block for a table with columns resource. Detailed below.
- principal String
Principal to be granted the permissions on the resource. Supported principals are IAM users or IAM roles.
- catalog
Id String Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.
- catalog
Resource Boolean Whether the permissions are to be granted for the Data Catalog. Defaults to
false.- data
Location GetPermissions Data Location Configuration block for a data location resource. Detailed below.
- database
Get
Permissions Database Configuration block for a database resource. Detailed below.
- lf
Tag GetPermissions Lf Tag Configuration block for an LF-tag resource. Detailed below.
- lf
Tag GetPolicy Permissions Lf Tag Policy Configuration block for an LF-tag policy resource. Detailed below.
- table
Get
Permissions Table Configuration block for a table resource. Detailed below.
- table
With GetColumns Permissions Table With Columns Configuration block for a table with columns resource. Detailed below.
- principal string
Principal to be granted the permissions on the resource. Supported principals are IAM users or IAM roles.
- catalog
Id string Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.
- catalog
Resource boolean Whether the permissions are to be granted for the Data Catalog. Defaults to
false.- data
Location GetPermissions Data Location Configuration block for a data location resource. Detailed below.
- database
Get
Permissions Database Configuration block for a database resource. Detailed below.
- lf
Tag GetPermissions Lf Tag Configuration block for an LF-tag resource. Detailed below.
- lf
Tag GetPolicy Permissions Lf Tag Policy Configuration block for an LF-tag policy resource. Detailed below.
- table
Get
Permissions Table Configuration block for a table resource. Detailed below.
- table
With GetColumns Permissions Table With Columns Configuration block for a table with columns resource. Detailed below.
- principal str
Principal to be granted the permissions on the resource. Supported principals are IAM users or IAM roles.
- catalog_
id str Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.
- catalog_
resource bool Whether the permissions are to be granted for the Data Catalog. Defaults to
false.- data_
location GetPermissions Data Location Configuration block for a data location resource. Detailed below.
- database
Get
Permissions Database Configuration block for a database resource. Detailed below.
- lf_
tag GetPermissions Lf Tag Configuration block for an LF-tag resource. Detailed below.
- lf_
tag_ Getpolicy Permissions Lf Tag Policy Configuration block for an LF-tag policy resource. Detailed below.
- table
Get
Permissions Table Configuration block for a table resource. Detailed below.
- table_
with_ Getcolumns Permissions Table With Columns Configuration block for a table with columns resource. Detailed below.
- principal String
Principal to be granted the permissions on the resource. Supported principals are IAM users or IAM roles.
- catalog
Id String Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.
- catalog
Resource Boolean Whether the permissions are to be granted for the Data Catalog. Defaults to
false.- data
Location Property Map Configuration block for a data location resource. Detailed below.
- database Property Map
Configuration block for a database resource. Detailed below.
- lf
Tag Property Map Configuration block for an LF-tag resource. Detailed below.
- lf
Tag Property MapPolicy Configuration block for an LF-tag policy resource. Detailed below.
- table Property Map
Configuration block for a table resource. Detailed below.
- table
With Property MapColumns Configuration block for a table with columns resource. Detailed below.
getPermissions Result
The following output properties are available:
- Data
Location GetPermissions Data Location - Database
Get
Permissions Database - Id string
The provider-assigned unique ID for this managed resource.
- Lf
Tag GetPermissions Lf Tag - Lf
Tag GetPolicy Permissions Lf Tag Policy - Permissions List<string>
List of permissions granted to the principal. For details on permissions, see Lake Formation Permissions Reference.
- Permissions
With List<string>Grant Options Subset of
permissionswhich the principal can pass.- Principal string
- Table
Get
Permissions Table - Table
With GetColumns Permissions Table With Columns - Catalog
Id string - Catalog
Resource bool
- Data
Location GetPermissions Data Location - Database
Get
Permissions Database - Id string
The provider-assigned unique ID for this managed resource.
- Lf
Tag GetPermissions Lf Tag - Lf
Tag GetPolicy Permissions Lf Tag Policy - Permissions []string
List of permissions granted to the principal. For details on permissions, see Lake Formation Permissions Reference.
- Permissions
With []stringGrant Options Subset of
permissionswhich the principal can pass.- Principal string
- Table
Get
Permissions Table - Table
With GetColumns Permissions Table With Columns - Catalog
Id string - Catalog
Resource bool
- data
Location GetPermissions Data Location - database
Get
Permissions Database - id String
The provider-assigned unique ID for this managed resource.
- lf
Tag GetPermissions Lf Tag - lf
Tag GetPolicy Permissions Lf Tag Policy - permissions List<String>
List of permissions granted to the principal. For details on permissions, see Lake Formation Permissions Reference.
- permissions
With List<String>Grant Options Subset of
permissionswhich the principal can pass.- principal String
- table
Get
Permissions Table - table
With GetColumns Permissions Table With Columns - catalog
Id String - catalog
Resource Boolean
- data
Location GetPermissions Data Location - database
Get
Permissions Database - id string
The provider-assigned unique ID for this managed resource.
- lf
Tag GetPermissions Lf Tag - lf
Tag GetPolicy Permissions Lf Tag Policy - permissions string[]
List of permissions granted to the principal. For details on permissions, see Lake Formation Permissions Reference.
- permissions
With string[]Grant Options Subset of
permissionswhich the principal can pass.- principal string
- table
Get
Permissions Table - table
With GetColumns Permissions Table With Columns - catalog
Id string - catalog
Resource boolean
- data_
location GetPermissions Data Location - database
Get
Permissions Database - id str
The provider-assigned unique ID for this managed resource.
- lf_
tag GetPermissions Lf Tag - lf_
tag_ Getpolicy Permissions Lf Tag Policy - permissions Sequence[str]
List of permissions granted to the principal. For details on permissions, see Lake Formation Permissions Reference.
- permissions_
with_ Sequence[str]grant_ options Subset of
permissionswhich the principal can pass.- principal str
- table
Get
Permissions Table - table_
with_ Getcolumns Permissions Table With Columns - catalog_
id str - catalog_
resource bool
- data
Location Property Map - database Property Map
- id String
The provider-assigned unique ID for this managed resource.
- lf
Tag Property Map - lf
Tag Property MapPolicy - permissions List<String>
List of permissions granted to the principal. For details on permissions, see Lake Formation Permissions Reference.
- permissions
With List<String>Grant Options Subset of
permissionswhich the principal can pass.- principal String
- table Property Map
- table
With Property MapColumns - catalog
Id String - catalog
Resource Boolean
Supporting Types
GetPermissionsDataLocation
- arn str
ARN that uniquely identifies the data location resource.
- catalog_
id str Identifier for the Data Catalog where the location is registered with Lake Formation. By default, it is the account ID of the caller.
GetPermissionsDatabase
- catalog_
id str Identifier for the Data Catalog. By default, it is the account ID of the caller.
- name str
Name of the database resource. Unique to the Data Catalog.
GetPermissionsLfTag
- catalog_
id str Identifier for the Data Catalog. By default, it is the account ID of the caller.
- key str
Key-name for the tag.
- values Sequence[str]
List of possible values an attribute can take.
GetPermissionsLfTagPolicy
- Catalog
Id string Identifier for the Data Catalog. By default, it is the account ID of the caller.
- Expressions
List<Get
Permissions Lf Tag Policy Expression> List of tag conditions that apply to the resource's tag policy. Configuration block for tag conditions that apply to the policy. See
expressionbelow.- Resource
Type string Resource type for which the tag policy applies. Valid values are
DATABASEandTABLE.
- Catalog
Id string Identifier for the Data Catalog. By default, it is the account ID of the caller.
- Expressions
[]Get
Permissions Lf Tag Policy Expression List of tag conditions that apply to the resource's tag policy. Configuration block for tag conditions that apply to the policy. See
expressionbelow.- Resource
Type string Resource type for which the tag policy applies. Valid values are
DATABASEandTABLE.
- catalog
Id String Identifier for the Data Catalog. By default, it is the account ID of the caller.
- expressions
List<Get
Permissions Lf Tag Policy Expression> List of tag conditions that apply to the resource's tag policy. Configuration block for tag conditions that apply to the policy. See
expressionbelow.- resource
Type String Resource type for which the tag policy applies. Valid values are
DATABASEandTABLE.
- catalog
Id string Identifier for the Data Catalog. By default, it is the account ID of the caller.
- expressions
Get
Permissions Lf Tag Policy Expression[] List of tag conditions that apply to the resource's tag policy. Configuration block for tag conditions that apply to the policy. See
expressionbelow.- resource
Type string Resource type for which the tag policy applies. Valid values are
DATABASEandTABLE.
- catalog_
id str Identifier for the Data Catalog. By default, it is the account ID of the caller.
- expressions
Sequence[Get
Permissions Lf Tag Policy Expression] List of tag conditions that apply to the resource's tag policy. Configuration block for tag conditions that apply to the policy. See
expressionbelow.- resource_
type str Resource type for which the tag policy applies. Valid values are
DATABASEandTABLE.
- catalog
Id String Identifier for the Data Catalog. By default, it is the account ID of the caller.
- expressions List<Property Map>
List of tag conditions that apply to the resource's tag policy. Configuration block for tag conditions that apply to the policy. See
expressionbelow.- resource
Type String Resource type for which the tag policy applies. Valid values are
DATABASEandTABLE.
GetPermissionsLfTagPolicyExpression
GetPermissionsTable
- Catalog
Id string Identifier for the Data Catalog. By default, it is the account ID of the caller.
- Database
Name string Name of the database for the table. Unique to a Data Catalog.
- Name string
Name of the table. At least one of
nameorwildcardis required.- Wildcard bool
Whether to use a wildcard representing every table under a database. At least one of
nameorwildcardis required. Defaults tofalse.
- Catalog
Id string Identifier for the Data Catalog. By default, it is the account ID of the caller.
- Database
Name string Name of the database for the table. Unique to a Data Catalog.
- Name string
Name of the table. At least one of
nameorwildcardis required.- Wildcard bool
Whether to use a wildcard representing every table under a database. At least one of
nameorwildcardis required. Defaults tofalse.
- catalog
Id String Identifier for the Data Catalog. By default, it is the account ID of the caller.
- database
Name String Name of the database for the table. Unique to a Data Catalog.
- name String
Name of the table. At least one of
nameorwildcardis required.- wildcard Boolean
Whether to use a wildcard representing every table under a database. At least one of
nameorwildcardis required. Defaults tofalse.
- catalog
Id string Identifier for the Data Catalog. By default, it is the account ID of the caller.
- database
Name string Name of the database for the table. Unique to a Data Catalog.
- name string
Name of the table. At least one of
nameorwildcardis required.- wildcard boolean
Whether to use a wildcard representing every table under a database. At least one of
nameorwildcardis required. Defaults tofalse.
- catalog_
id str Identifier for the Data Catalog. By default, it is the account ID of the caller.
- database_
name str Name of the database for the table. Unique to a Data Catalog.
- name str
Name of the table. At least one of
nameorwildcardis required.- wildcard bool
Whether to use a wildcard representing every table under a database. At least one of
nameorwildcardis required. Defaults tofalse.
- catalog
Id String Identifier for the Data Catalog. By default, it is the account ID of the caller.
- database
Name String Name of the database for the table. Unique to a Data Catalog.
- name String
Name of the table. At least one of
nameorwildcardis required.- wildcard Boolean
Whether to use a wildcard representing every table under a database. At least one of
nameorwildcardis required. Defaults tofalse.
GetPermissionsTableWithColumns
- Catalog
Id string Identifier for the Data Catalog. By default, it is the account ID of the caller.
- Database
Name string Name of the database for the table with columns resource. Unique to the Data Catalog.
- Name string
Name of the table resource.
- Column
Names List<string> Set of column names for the table. At least one of
column_namesorexcluded_column_namesis required.- Excluded
Column List<string>Names Set of column names for the table to exclude. At least one of
column_namesorexcluded_column_namesis required.- Wildcard bool
Whether to use a wildcard representing every table under a database. At least one of
nameorwildcardis required. Defaults tofalse.
- Catalog
Id string Identifier for the Data Catalog. By default, it is the account ID of the caller.
- Database
Name string Name of the database for the table with columns resource. Unique to the Data Catalog.
- Name string
Name of the table resource.
- Column
Names []string Set of column names for the table. At least one of
column_namesorexcluded_column_namesis required.- Excluded
Column []stringNames Set of column names for the table to exclude. At least one of
column_namesorexcluded_column_namesis required.- Wildcard bool
Whether to use a wildcard representing every table under a database. At least one of
nameorwildcardis required. Defaults tofalse.
- catalog
Id String Identifier for the Data Catalog. By default, it is the account ID of the caller.
- database
Name String Name of the database for the table with columns resource. Unique to the Data Catalog.
- name String
Name of the table resource.
- column
Names List<String> Set of column names for the table. At least one of
column_namesorexcluded_column_namesis required.- excluded
Column List<String>Names Set of column names for the table to exclude. At least one of
column_namesorexcluded_column_namesis required.- wildcard Boolean
Whether to use a wildcard representing every table under a database. At least one of
nameorwildcardis required. Defaults tofalse.
- catalog
Id string Identifier for the Data Catalog. By default, it is the account ID of the caller.
- database
Name string Name of the database for the table with columns resource. Unique to the Data Catalog.
- name string
Name of the table resource.
- column
Names string[] Set of column names for the table. At least one of
column_namesorexcluded_column_namesis required.- excluded
Column string[]Names Set of column names for the table to exclude. At least one of
column_namesorexcluded_column_namesis required.- wildcard boolean
Whether to use a wildcard representing every table under a database. At least one of
nameorwildcardis required. Defaults tofalse.
- catalog_
id str Identifier for the Data Catalog. By default, it is the account ID of the caller.
- database_
name str Name of the database for the table with columns resource. Unique to the Data Catalog.
- name str
Name of the table resource.
- column_
names Sequence[str] Set of column names for the table. At least one of
column_namesorexcluded_column_namesis required.- excluded_
column_ Sequence[str]names Set of column names for the table to exclude. At least one of
column_namesorexcluded_column_namesis required.- wildcard bool
Whether to use a wildcard representing every table under a database. At least one of
nameorwildcardis required. Defaults tofalse.
- catalog
Id String Identifier for the Data Catalog. By default, it is the account ID of the caller.
- database
Name String Name of the database for the table with columns resource. Unique to the Data Catalog.
- name String
Name of the table resource.
- column
Names List<String> Set of column names for the table. At least one of
column_namesorexcluded_column_namesis required.- excluded
Column List<String>Names Set of column names for the table to exclude. At least one of
column_namesorexcluded_column_namesis required.- wildcard Boolean
Whether to use a wildcard representing every table under a database. At least one of
nameorwildcardis required. Defaults tofalse.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
awsTerraform Provider.