1. Packages
  2. AWS Classic
  3. API Docs
  4. lakeformation
  5. getPermissions

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.22.2 published on Friday, Feb 16, 2024 by Pulumi

aws.lakeformation.getPermissions

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.22.2 published on Friday, Feb 16, 2024 by Pulumi

    Get permissions for a principal to access metadata in the Data Catalog and data organized in underlying data storage such as Amazon S3. Permissions are granted to a principal, in a Data Catalog, relative to a Lake Formation resource, which includes the Data Catalog, databases, tables, LF-tags, and LF-tag policies. For more information, see Security and Access Control to Metadata and Data in Lake Formation.

    NOTE: This data source deals with explicitly granted permissions. Lake Formation grants implicit permissions to data lake administrators, database creators, and table creators. For more information, see Implicit Lake Formation Permissions.

    Example Usage

    Permissions For A Lake Formation S3 Resource

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var test = Aws.LakeFormation.GetPermissions.Invoke(new()
        {
            Principal = aws_iam_role.Workflow_role.Arn,
            DataLocation = new Aws.LakeFormation.Inputs.GetPermissionsDataLocationInputArgs
            {
                Arn = aws_lakeformation_resource.Test.Arn,
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := lakeformation.LookupPermissions(ctx, &lakeformation.LookupPermissionsArgs{
    			Principal: aws_iam_role.Workflow_role.Arn,
    			DataLocation: lakeformation.GetPermissionsDataLocation{
    				Arn: aws_lakeformation_resource.Test.Arn,
    			},
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.lakeformation.LakeformationFunctions;
    import com.pulumi.aws.lakeformation.inputs.GetPermissionsArgs;
    import com.pulumi.aws.lakeformation.inputs.GetPermissionsDataLocationArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var test = LakeformationFunctions.getPermissions(GetPermissionsArgs.builder()
                .principal(aws_iam_role.workflow_role().arn())
                .dataLocation(GetPermissionsDataLocationArgs.builder()
                    .arn(aws_lakeformation_resource.test().arn())
                    .build())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    test = aws.lakeformation.get_permissions(principal=aws_iam_role["workflow_role"]["arn"],
        data_location=aws.lakeformation.GetPermissionsDataLocationArgs(
            arn=aws_lakeformation_resource["test"]["arn"],
        ))
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const test = aws.lakeformation.getPermissions({
        principal: aws_iam_role.workflow_role.arn,
        dataLocation: {
            arn: aws_lakeformation_resource.test.arn,
        },
    });
    
    variables:
      test:
        fn::invoke:
          Function: aws:lakeformation:getPermissions
          Arguments:
            principal: ${aws_iam_role.workflow_role.arn}
            dataLocation:
              arn: ${aws_lakeformation_resource.test.arn}
    

    Permissions For A Glue Catalog Database

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var test = Aws.LakeFormation.GetPermissions.Invoke(new()
        {
            Principal = aws_iam_role.Workflow_role.Arn,
            Database = new Aws.LakeFormation.Inputs.GetPermissionsDatabaseInputArgs
            {
                Name = aws_glue_catalog_database.Test.Name,
                CatalogId = "110376042874",
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := lakeformation.LookupPermissions(ctx, &lakeformation.LookupPermissionsArgs{
    			Principal: aws_iam_role.Workflow_role.Arn,
    			Database: lakeformation.GetPermissionsDatabase{
    				Name:      aws_glue_catalog_database.Test.Name,
    				CatalogId: "110376042874",
    			},
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.lakeformation.LakeformationFunctions;
    import com.pulumi.aws.lakeformation.inputs.GetPermissionsArgs;
    import com.pulumi.aws.lakeformation.inputs.GetPermissionsDatabaseArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var test = LakeformationFunctions.getPermissions(GetPermissionsArgs.builder()
                .principal(aws_iam_role.workflow_role().arn())
                .database(GetPermissionsDatabaseArgs.builder()
                    .name(aws_glue_catalog_database.test().name())
                    .catalogId("110376042874")
                    .build())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    test = aws.lakeformation.get_permissions(principal=aws_iam_role["workflow_role"]["arn"],
        database=aws.lakeformation.GetPermissionsDatabaseArgs(
            name=aws_glue_catalog_database["test"]["name"],
            catalog_id="110376042874",
        ))
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const test = aws.lakeformation.getPermissions({
        principal: aws_iam_role.workflow_role.arn,
        database: {
            name: aws_glue_catalog_database.test.name,
            catalogId: "110376042874",
        },
    });
    
    variables:
      test:
        fn::invoke:
          Function: aws:lakeformation:getPermissions
          Arguments:
            principal: ${aws_iam_role.workflow_role.arn}
            database:
              name: ${aws_glue_catalog_database.test.name}
              catalogId: '110376042874'
    

    Permissions For Tag-Based Access Control

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var test = Aws.LakeFormation.GetPermissions.Invoke(new()
        {
            Principal = aws_iam_role.Workflow_role.Arn,
            LfTagPolicy = new Aws.LakeFormation.Inputs.GetPermissionsLfTagPolicyInputArgs
            {
                ResourceType = "DATABASE",
                Expressions = new[]
                {
                    new Aws.LakeFormation.Inputs.GetPermissionsLfTagPolicyExpressionInputArgs
                    {
                        Key = "Team",
                        Values = new[]
                        {
                            "Sales",
                        },
                    },
                    new Aws.LakeFormation.Inputs.GetPermissionsLfTagPolicyExpressionInputArgs
                    {
                        Key = "Environment",
                        Values = new[]
                        {
                            "Dev",
                            "Production",
                        },
                    },
                },
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := lakeformation.LookupPermissions(ctx, &lakeformation.LookupPermissionsArgs{
    			Principal: aws_iam_role.Workflow_role.Arn,
    			LfTagPolicy: lakeformation.GetPermissionsLfTagPolicy{
    				ResourceType: "DATABASE",
    				Expressions: []lakeformation.GetPermissionsLfTagPolicyExpression{
    					{
    						Key: "Team",
    						Values: []string{
    							"Sales",
    						},
    					},
    					{
    						Key: "Environment",
    						Values: []string{
    							"Dev",
    							"Production",
    						},
    					},
    				},
    			},
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.lakeformation.LakeformationFunctions;
    import com.pulumi.aws.lakeformation.inputs.GetPermissionsArgs;
    import com.pulumi.aws.lakeformation.inputs.GetPermissionsLfTagPolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var test = LakeformationFunctions.getPermissions(GetPermissionsArgs.builder()
                .principal(aws_iam_role.workflow_role().arn())
                .lfTagPolicy(GetPermissionsLfTagPolicyArgs.builder()
                    .resourceType("DATABASE")
                    .expressions(                
                        GetPermissionsLfTagPolicyExpressionArgs.builder()
                            .key("Team")
                            .values("Sales")
                            .build(),
                        GetPermissionsLfTagPolicyExpressionArgs.builder()
                            .key("Environment")
                            .values(                        
                                "Dev",
                                "Production")
                            .build())
                    .build())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    test = aws.lakeformation.get_permissions(principal=aws_iam_role["workflow_role"]["arn"],
        lf_tag_policy=aws.lakeformation.GetPermissionsLfTagPolicyArgs(
            resource_type="DATABASE",
            expressions=[
                aws.lakeformation.GetPermissionsLfTagPolicyExpressionArgs(
                    key="Team",
                    values=["Sales"],
                ),
                aws.lakeformation.GetPermissionsLfTagPolicyExpressionArgs(
                    key="Environment",
                    values=[
                        "Dev",
                        "Production",
                    ],
                ),
            ],
        ))
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const test = aws.lakeformation.getPermissions({
        principal: aws_iam_role.workflow_role.arn,
        lfTagPolicy: {
            resourceType: "DATABASE",
            expressions: [
                {
                    key: "Team",
                    values: ["Sales"],
                },
                {
                    key: "Environment",
                    values: [
                        "Dev",
                        "Production",
                    ],
                },
            ],
        },
    });
    
    variables:
      test:
        fn::invoke:
          Function: aws:lakeformation:getPermissions
          Arguments:
            principal: ${aws_iam_role.workflow_role.arn}
            lfTagPolicy:
              resourceType: DATABASE
              expressions:
                - key: Team
                  values:
                    - Sales
                - key: Environment
                  values:
                    - Dev
                    - Production
    

    Using getPermissions

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getPermissions(args: GetPermissionsArgs, opts?: InvokeOptions): Promise<GetPermissionsResult>
    function getPermissionsOutput(args: GetPermissionsOutputArgs, opts?: InvokeOptions): Output<GetPermissionsResult>
    def get_permissions(catalog_id: Optional[str] = None,
                        catalog_resource: Optional[bool] = None,
                        data_location: Optional[GetPermissionsDataLocation] = None,
                        database: Optional[GetPermissionsDatabase] = None,
                        lf_tag: Optional[GetPermissionsLfTag] = None,
                        lf_tag_policy: Optional[GetPermissionsLfTagPolicy] = None,
                        principal: Optional[str] = None,
                        table: Optional[GetPermissionsTable] = None,
                        table_with_columns: Optional[GetPermissionsTableWithColumns] = None,
                        opts: Optional[InvokeOptions] = None) -> GetPermissionsResult
    def get_permissions_output(catalog_id: Optional[pulumi.Input[str]] = None,
                        catalog_resource: Optional[pulumi.Input[bool]] = None,
                        data_location: Optional[pulumi.Input[GetPermissionsDataLocationArgs]] = None,
                        database: Optional[pulumi.Input[GetPermissionsDatabaseArgs]] = None,
                        lf_tag: Optional[pulumi.Input[GetPermissionsLfTagArgs]] = None,
                        lf_tag_policy: Optional[pulumi.Input[GetPermissionsLfTagPolicyArgs]] = None,
                        principal: Optional[pulumi.Input[str]] = None,
                        table: Optional[pulumi.Input[GetPermissionsTableArgs]] = None,
                        table_with_columns: Optional[pulumi.Input[GetPermissionsTableWithColumnsArgs]] = None,
                        opts: Optional[InvokeOptions] = None) -> Output[GetPermissionsResult]
    func LookupPermissions(ctx *Context, args *LookupPermissionsArgs, opts ...InvokeOption) (*LookupPermissionsResult, error)
    func LookupPermissionsOutput(ctx *Context, args *LookupPermissionsOutputArgs, opts ...InvokeOption) LookupPermissionsResultOutput

    > Note: This function is named LookupPermissions in the Go SDK.

    public static class GetPermissions 
    {
        public static Task<GetPermissionsResult> InvokeAsync(GetPermissionsArgs args, InvokeOptions? opts = null)
        public static Output<GetPermissionsResult> Invoke(GetPermissionsInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetPermissionsResult> getPermissions(GetPermissionsArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: aws:lakeformation/getPermissions:getPermissions
      arguments:
        # arguments dictionary

    The following arguments are supported:

    Principal string

    Principal to be granted the permissions on the resource. Supported principals are IAM users or IAM roles.

    One of the following is required:

    CatalogId string
    Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.
    CatalogResource bool
    Whether the permissions are to be granted for the Data Catalog. Defaults to false.
    DataLocation GetPermissionsDataLocation
    Configuration block for a data location resource. Detailed below.
    Database GetPermissionsDatabase
    Configuration block for a database resource. Detailed below.
    LfTag GetPermissionsLfTag
    Configuration block for an LF-tag resource. Detailed below.
    LfTagPolicy GetPermissionsLfTagPolicy
    Configuration block for an LF-tag policy resource. Detailed below.
    Table GetPermissionsTable
    Configuration block for a table resource. Detailed below.
    TableWithColumns GetPermissionsTableWithColumns

    Configuration block for a table with columns resource. Detailed below.

    The following arguments are optional:

    Principal string

    Principal to be granted the permissions on the resource. Supported principals are IAM users or IAM roles.

    One of the following is required:

    CatalogId string
    Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.
    CatalogResource bool
    Whether the permissions are to be granted for the Data Catalog. Defaults to false.
    DataLocation GetPermissionsDataLocation
    Configuration block for a data location resource. Detailed below.
    Database GetPermissionsDatabase
    Configuration block for a database resource. Detailed below.
    LfTag GetPermissionsLfTag
    Configuration block for an LF-tag resource. Detailed below.
    LfTagPolicy GetPermissionsLfTagPolicy
    Configuration block for an LF-tag policy resource. Detailed below.
    Table GetPermissionsTable
    Configuration block for a table resource. Detailed below.
    TableWithColumns GetPermissionsTableWithColumns

    Configuration block for a table with columns resource. Detailed below.

    The following arguments are optional:

    principal String

    Principal to be granted the permissions on the resource. Supported principals are IAM users or IAM roles.

    One of the following is required:

    catalogId String
    Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.
    catalogResource Boolean
    Whether the permissions are to be granted for the Data Catalog. Defaults to false.
    dataLocation GetPermissionsDataLocation
    Configuration block for a data location resource. Detailed below.
    database GetPermissionsDatabase
    Configuration block for a database resource. Detailed below.
    lfTag GetPermissionsLfTag
    Configuration block for an LF-tag resource. Detailed below.
    lfTagPolicy GetPermissionsLfTagPolicy
    Configuration block for an LF-tag policy resource. Detailed below.
    table GetPermissionsTable
    Configuration block for a table resource. Detailed below.
    tableWithColumns GetPermissionsTableWithColumns

    Configuration block for a table with columns resource. Detailed below.

    The following arguments are optional:

    principal string

    Principal to be granted the permissions on the resource. Supported principals are IAM users or IAM roles.

    One of the following is required:

    catalogId string
    Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.
    catalogResource boolean
    Whether the permissions are to be granted for the Data Catalog. Defaults to false.
    dataLocation GetPermissionsDataLocation
    Configuration block for a data location resource. Detailed below.
    database GetPermissionsDatabase
    Configuration block for a database resource. Detailed below.
    lfTag GetPermissionsLfTag
    Configuration block for an LF-tag resource. Detailed below.
    lfTagPolicy GetPermissionsLfTagPolicy
    Configuration block for an LF-tag policy resource. Detailed below.
    table GetPermissionsTable
    Configuration block for a table resource. Detailed below.
    tableWithColumns GetPermissionsTableWithColumns

    Configuration block for a table with columns resource. Detailed below.

    The following arguments are optional:

    principal str

    Principal to be granted the permissions on the resource. Supported principals are IAM users or IAM roles.

    One of the following is required:

    catalog_id str
    Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.
    catalog_resource bool
    Whether the permissions are to be granted for the Data Catalog. Defaults to false.
    data_location GetPermissionsDataLocation
    Configuration block for a data location resource. Detailed below.
    database GetPermissionsDatabase
    Configuration block for a database resource. Detailed below.
    lf_tag GetPermissionsLfTag
    Configuration block for an LF-tag resource. Detailed below.
    lf_tag_policy GetPermissionsLfTagPolicy
    Configuration block for an LF-tag policy resource. Detailed below.
    table GetPermissionsTable
    Configuration block for a table resource. Detailed below.
    table_with_columns GetPermissionsTableWithColumns

    Configuration block for a table with columns resource. Detailed below.

    The following arguments are optional:

    principal String

    Principal to be granted the permissions on the resource. Supported principals are IAM users or IAM roles.

    One of the following is required:

    catalogId String
    Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.
    catalogResource Boolean
    Whether the permissions are to be granted for the Data Catalog. Defaults to false.
    dataLocation Property Map
    Configuration block for a data location resource. Detailed below.
    database Property Map
    Configuration block for a database resource. Detailed below.
    lfTag Property Map
    Configuration block for an LF-tag resource. Detailed below.
    lfTagPolicy Property Map
    Configuration block for an LF-tag policy resource. Detailed below.
    table Property Map
    Configuration block for a table resource. Detailed below.
    tableWithColumns Property Map

    Configuration block for a table with columns resource. Detailed below.

    The following arguments are optional:

    getPermissions Result

    The following output properties are available:

    DataLocation GetPermissionsDataLocation
    Database GetPermissionsDatabase
    Id string
    The provider-assigned unique ID for this managed resource.
    LfTag GetPermissionsLfTag
    LfTagPolicy GetPermissionsLfTagPolicy
    Permissions List<string>
    List of permissions granted to the principal. For details on permissions, see Lake Formation Permissions Reference.
    PermissionsWithGrantOptions List<string>
    Subset of permissions which the principal can pass.
    Principal string
    Table GetPermissionsTable
    TableWithColumns GetPermissionsTableWithColumns
    CatalogId string
    CatalogResource bool
    DataLocation GetPermissionsDataLocation
    Database GetPermissionsDatabase
    Id string
    The provider-assigned unique ID for this managed resource.
    LfTag GetPermissionsLfTag
    LfTagPolicy GetPermissionsLfTagPolicy
    Permissions []string
    List of permissions granted to the principal. For details on permissions, see Lake Formation Permissions Reference.
    PermissionsWithGrantOptions []string
    Subset of permissions which the principal can pass.
    Principal string
    Table GetPermissionsTable
    TableWithColumns GetPermissionsTableWithColumns
    CatalogId string
    CatalogResource bool
    dataLocation GetPermissionsDataLocation
    database GetPermissionsDatabase
    id String
    The provider-assigned unique ID for this managed resource.
    lfTag GetPermissionsLfTag
    lfTagPolicy GetPermissionsLfTagPolicy
    permissions List<String>
    List of permissions granted to the principal. For details on permissions, see Lake Formation Permissions Reference.
    permissionsWithGrantOptions List<String>
    Subset of permissions which the principal can pass.
    principal String
    table GetPermissionsTable
    tableWithColumns GetPermissionsTableWithColumns
    catalogId String
    catalogResource Boolean
    dataLocation GetPermissionsDataLocation
    database GetPermissionsDatabase
    id string
    The provider-assigned unique ID for this managed resource.
    lfTag GetPermissionsLfTag
    lfTagPolicy GetPermissionsLfTagPolicy
    permissions string[]
    List of permissions granted to the principal. For details on permissions, see Lake Formation Permissions Reference.
    permissionsWithGrantOptions string[]
    Subset of permissions which the principal can pass.
    principal string
    table GetPermissionsTable
    tableWithColumns GetPermissionsTableWithColumns
    catalogId string
    catalogResource boolean
    data_location GetPermissionsDataLocation
    database GetPermissionsDatabase
    id str
    The provider-assigned unique ID for this managed resource.
    lf_tag GetPermissionsLfTag
    lf_tag_policy GetPermissionsLfTagPolicy
    permissions Sequence[str]
    List of permissions granted to the principal. For details on permissions, see Lake Formation Permissions Reference.
    permissions_with_grant_options Sequence[str]
    Subset of permissions which the principal can pass.
    principal str
    table GetPermissionsTable
    table_with_columns GetPermissionsTableWithColumns
    catalog_id str
    catalog_resource bool
    dataLocation Property Map
    database Property Map
    id String
    The provider-assigned unique ID for this managed resource.
    lfTag Property Map
    lfTagPolicy Property Map
    permissions List<String>
    List of permissions granted to the principal. For details on permissions, see Lake Formation Permissions Reference.
    permissionsWithGrantOptions List<String>
    Subset of permissions which the principal can pass.
    principal String
    table Property Map
    tableWithColumns Property Map
    catalogId String
    catalogResource Boolean

    Supporting Types

    GetPermissionsDataLocation

    Arn string

    ARN that uniquely identifies the data location resource.

    The following argument is optional:

    CatalogId string
    Identifier for the Data Catalog where the location is registered with Lake Formation. By default, it is the account ID of the caller.
    Arn string

    ARN that uniquely identifies the data location resource.

    The following argument is optional:

    CatalogId string
    Identifier for the Data Catalog where the location is registered with Lake Formation. By default, it is the account ID of the caller.
    arn String

    ARN that uniquely identifies the data location resource.

    The following argument is optional:

    catalogId String
    Identifier for the Data Catalog where the location is registered with Lake Formation. By default, it is the account ID of the caller.
    arn string

    ARN that uniquely identifies the data location resource.

    The following argument is optional:

    catalogId string
    Identifier for the Data Catalog where the location is registered with Lake Formation. By default, it is the account ID of the caller.
    arn str

    ARN that uniquely identifies the data location resource.

    The following argument is optional:

    catalog_id str
    Identifier for the Data Catalog where the location is registered with Lake Formation. By default, it is the account ID of the caller.
    arn String

    ARN that uniquely identifies the data location resource.

    The following argument is optional:

    catalogId String
    Identifier for the Data Catalog where the location is registered with Lake Formation. By default, it is the account ID of the caller.

    GetPermissionsDatabase

    CatalogId string
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    Name string

    Name of the database resource. Unique to the Data Catalog.

    The following argument is optional:

    CatalogId string
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    Name string

    Name of the database resource. Unique to the Data Catalog.

    The following argument is optional:

    catalogId String
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    name String

    Name of the database resource. Unique to the Data Catalog.

    The following argument is optional:

    catalogId string
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    name string

    Name of the database resource. Unique to the Data Catalog.

    The following argument is optional:

    catalog_id str
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    name str

    Name of the database resource. Unique to the Data Catalog.

    The following argument is optional:

    catalogId String
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    name String

    Name of the database resource. Unique to the Data Catalog.

    The following argument is optional:

    GetPermissionsLfTag

    CatalogId string
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    Key string
    Key-name for the tag.
    Values List<string>

    List of possible values an attribute can take.

    The following argument is optional:

    CatalogId string
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    Key string
    Key-name for the tag.
    Values []string

    List of possible values an attribute can take.

    The following argument is optional:

    catalogId String
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    key String
    Key-name for the tag.
    values List<String>

    List of possible values an attribute can take.

    The following argument is optional:

    catalogId string
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    key string
    Key-name for the tag.
    values string[]

    List of possible values an attribute can take.

    The following argument is optional:

    catalog_id str
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    key str
    Key-name for the tag.
    values Sequence[str]

    List of possible values an attribute can take.

    The following argument is optional:

    catalogId String
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    key String
    Key-name for the tag.
    values List<String>

    List of possible values an attribute can take.

    The following argument is optional:

    GetPermissionsLfTagPolicy

    CatalogId string
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    Expressions List<GetPermissionsLfTagPolicyExpression>

    List of tag conditions that apply to the resource's tag policy. Configuration block for tag conditions that apply to the policy. See expression below.

    The following argument is optional:

    ResourceType string
    Resource type for which the tag policy applies. Valid values are DATABASE and TABLE.
    CatalogId string
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    Expressions []GetPermissionsLfTagPolicyExpression

    List of tag conditions that apply to the resource's tag policy. Configuration block for tag conditions that apply to the policy. See expression below.

    The following argument is optional:

    ResourceType string
    Resource type for which the tag policy applies. Valid values are DATABASE and TABLE.
    catalogId String
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    expressions List<GetPermissionsLfTagPolicyExpression>

    List of tag conditions that apply to the resource's tag policy. Configuration block for tag conditions that apply to the policy. See expression below.

    The following argument is optional:

    resourceType String
    Resource type for which the tag policy applies. Valid values are DATABASE and TABLE.
    catalogId string
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    expressions GetPermissionsLfTagPolicyExpression[]

    List of tag conditions that apply to the resource's tag policy. Configuration block for tag conditions that apply to the policy. See expression below.

    The following argument is optional:

    resourceType string
    Resource type for which the tag policy applies. Valid values are DATABASE and TABLE.
    catalog_id str
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    expressions Sequence[GetPermissionsLfTagPolicyExpression]

    List of tag conditions that apply to the resource's tag policy. Configuration block for tag conditions that apply to the policy. See expression below.

    The following argument is optional:

    resource_type str
    Resource type for which the tag policy applies. Valid values are DATABASE and TABLE.
    catalogId String
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    expressions List<Property Map>

    List of tag conditions that apply to the resource's tag policy. Configuration block for tag conditions that apply to the policy. See expression below.

    The following argument is optional:

    resourceType String
    Resource type for which the tag policy applies. Valid values are DATABASE and TABLE.

    GetPermissionsLfTagPolicyExpression

    Key string
    Key-name of an LF-Tag.
    Values List<string>
    List of possible values of an LF-Tag.
    Key string
    Key-name of an LF-Tag.
    Values []string
    List of possible values of an LF-Tag.
    key String
    Key-name of an LF-Tag.
    values List<String>
    List of possible values of an LF-Tag.
    key string
    Key-name of an LF-Tag.
    values string[]
    List of possible values of an LF-Tag.
    key str
    Key-name of an LF-Tag.
    values Sequence[str]
    List of possible values of an LF-Tag.
    key String
    Key-name of an LF-Tag.
    values List<String>
    List of possible values of an LF-Tag.

    GetPermissionsTable

    CatalogId string
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    DatabaseName string

    Name of the database for the table. Unique to a Data Catalog.

    The following arguments are optional:

    Name string
    Name of the table. At least one of name or wildcard is required.
    Wildcard bool
    Whether to use a wildcard representing every table under a database. At least one of name or wildcard is required. Defaults to false.
    CatalogId string
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    DatabaseName string

    Name of the database for the table. Unique to a Data Catalog.

    The following arguments are optional:

    Name string
    Name of the table. At least one of name or wildcard is required.
    Wildcard bool
    Whether to use a wildcard representing every table under a database. At least one of name or wildcard is required. Defaults to false.
    catalogId String
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    databaseName String

    Name of the database for the table. Unique to a Data Catalog.

    The following arguments are optional:

    name String
    Name of the table. At least one of name or wildcard is required.
    wildcard Boolean
    Whether to use a wildcard representing every table under a database. At least one of name or wildcard is required. Defaults to false.
    catalogId string
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    databaseName string

    Name of the database for the table. Unique to a Data Catalog.

    The following arguments are optional:

    name string
    Name of the table. At least one of name or wildcard is required.
    wildcard boolean
    Whether to use a wildcard representing every table under a database. At least one of name or wildcard is required. Defaults to false.
    catalog_id str
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    database_name str

    Name of the database for the table. Unique to a Data Catalog.

    The following arguments are optional:

    name str
    Name of the table. At least one of name or wildcard is required.
    wildcard bool
    Whether to use a wildcard representing every table under a database. At least one of name or wildcard is required. Defaults to false.
    catalogId String
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    databaseName String

    Name of the database for the table. Unique to a Data Catalog.

    The following arguments are optional:

    name String
    Name of the table. At least one of name or wildcard is required.
    wildcard Boolean
    Whether to use a wildcard representing every table under a database. At least one of name or wildcard is required. Defaults to false.

    GetPermissionsTableWithColumns

    CatalogId string
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    DatabaseName string
    Name of the database for the table with columns resource. Unique to the Data Catalog.
    Name string

    Name of the table resource.

    The following arguments are optional:

    ColumnNames List<string>
    Set of column names for the table. At least one of column_names or excluded_column_names is required.
    ExcludedColumnNames List<string>
    Set of column names for the table to exclude. At least one of column_names or excluded_column_names is required.
    Wildcard bool
    Whether to use a wildcard representing every table under a database. At least one of name or wildcard is required. Defaults to false.
    CatalogId string
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    DatabaseName string
    Name of the database for the table with columns resource. Unique to the Data Catalog.
    Name string

    Name of the table resource.

    The following arguments are optional:

    ColumnNames []string
    Set of column names for the table. At least one of column_names or excluded_column_names is required.
    ExcludedColumnNames []string
    Set of column names for the table to exclude. At least one of column_names or excluded_column_names is required.
    Wildcard bool
    Whether to use a wildcard representing every table under a database. At least one of name or wildcard is required. Defaults to false.
    catalogId String
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    databaseName String
    Name of the database for the table with columns resource. Unique to the Data Catalog.
    name String

    Name of the table resource.

    The following arguments are optional:

    columnNames List<String>
    Set of column names for the table. At least one of column_names or excluded_column_names is required.
    excludedColumnNames List<String>
    Set of column names for the table to exclude. At least one of column_names or excluded_column_names is required.
    wildcard Boolean
    Whether to use a wildcard representing every table under a database. At least one of name or wildcard is required. Defaults to false.
    catalogId string
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    databaseName string
    Name of the database for the table with columns resource. Unique to the Data Catalog.
    name string

    Name of the table resource.

    The following arguments are optional:

    columnNames string[]
    Set of column names for the table. At least one of column_names or excluded_column_names is required.
    excludedColumnNames string[]
    Set of column names for the table to exclude. At least one of column_names or excluded_column_names is required.
    wildcard boolean
    Whether to use a wildcard representing every table under a database. At least one of name or wildcard is required. Defaults to false.
    catalog_id str
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    database_name str
    Name of the database for the table with columns resource. Unique to the Data Catalog.
    name str

    Name of the table resource.

    The following arguments are optional:

    column_names Sequence[str]
    Set of column names for the table. At least one of column_names or excluded_column_names is required.
    excluded_column_names Sequence[str]
    Set of column names for the table to exclude. At least one of column_names or excluded_column_names is required.
    wildcard bool
    Whether to use a wildcard representing every table under a database. At least one of name or wildcard is required. Defaults to false.
    catalogId String
    Identifier for the Data Catalog. By default, it is the account ID of the caller.
    databaseName String
    Name of the database for the table with columns resource. Unique to the Data Catalog.
    name String

    Name of the table resource.

    The following arguments are optional:

    columnNames List<String>
    Set of column names for the table. At least one of column_names or excluded_column_names is required.
    excludedColumnNames List<String>
    Set of column names for the table to exclude. At least one of column_names or excluded_column_names is required.
    wildcard Boolean
    Whether to use a wildcard representing every table under a database. At least one of name or wildcard is required. Defaults to false.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v6.22.2 published on Friday, Feb 16, 2024 by Pulumi