1 | import {Request} from '../lib/request';
|
2 | import {Response} from '../lib/response';
|
3 | import {AWSError} from '../lib/error';
|
4 | import {Service} from '../lib/service';
|
5 | import {ServiceConfigurationOptions} from '../lib/service';
|
6 | import {ConfigBase as Config} from '../lib/config';
|
7 | interface Blob {}
|
8 | declare class LakeFormation extends Service {
|
9 | |
10 |
|
11 |
|
12 | constructor(options?: LakeFormation.Types.ClientConfiguration)
|
13 | config: Config & LakeFormation.Types.ClientConfiguration;
|
14 | /**
|
15 | * Batch operation to grant permissions to the principal.
|
16 | */
|
17 | batchGrantPermissions(params: LakeFormation.Types.BatchGrantPermissionsRequest, callback?: (err: AWSError, data: LakeFormation.Types.BatchGrantPermissionsResponse) => void): Request<LakeFormation.Types.BatchGrantPermissionsResponse, AWSError>;
|
18 | /**
|
19 | * Batch operation to grant permissions to the principal.
|
20 | */
|
21 | batchGrantPermissions(callback?: (err: AWSError, data: LakeFormation.Types.BatchGrantPermissionsResponse) => void): Request<LakeFormation.Types.BatchGrantPermissionsResponse, AWSError>;
|
22 | /**
|
23 | * Batch operation to revoke permissions from the principal.
|
24 | */
|
25 | batchRevokePermissions(params: LakeFormation.Types.BatchRevokePermissionsRequest, callback?: (err: AWSError, data: LakeFormation.Types.BatchRevokePermissionsResponse) => void): Request<LakeFormation.Types.BatchRevokePermissionsResponse, AWSError>;
|
26 | /**
|
27 | * Batch operation to revoke permissions from the principal.
|
28 | */
|
29 | batchRevokePermissions(callback?: (err: AWSError, data: LakeFormation.Types.BatchRevokePermissionsResponse) => void): Request<LakeFormation.Types.BatchRevokePermissionsResponse, AWSError>;
|
30 | /**
|
31 | * Deregisters the resource as managed by the Data Catalog. When you deregister a path, Lake Formation removes the path from the inline policy attached to your service-linked role.
|
32 | */
|
33 | deregisterResource(params: LakeFormation.Types.DeregisterResourceRequest, callback?: (err: AWSError, data: LakeFormation.Types.DeregisterResourceResponse) => void): Request<LakeFormation.Types.DeregisterResourceResponse, AWSError>;
|
34 | /**
|
35 | * Deregisters the resource as managed by the Data Catalog. When you deregister a path, Lake Formation removes the path from the inline policy attached to your service-linked role.
|
36 | */
|
37 | deregisterResource(callback?: (err: AWSError, data: LakeFormation.Types.DeregisterResourceResponse) => void): Request<LakeFormation.Types.DeregisterResourceResponse, AWSError>;
|
38 | /**
|
39 | * Retrieves the current data access role for the given resource registered in AWS Lake Formation.
|
40 | */
|
41 | describeResource(params: LakeFormation.Types.DescribeResourceRequest, callback?: (err: AWSError, data: LakeFormation.Types.DescribeResourceResponse) => void): Request<LakeFormation.Types.DescribeResourceResponse, AWSError>;
|
42 | /**
|
43 | * Retrieves the current data access role for the given resource registered in AWS Lake Formation.
|
44 | */
|
45 | describeResource(callback?: (err: AWSError, data: LakeFormation.Types.DescribeResourceResponse) => void): Request<LakeFormation.Types.DescribeResourceResponse, AWSError>;
|
46 | /**
|
47 | * The AWS Lake Formation principal.
|
48 | */
|
49 | getDataLakeSettings(params: LakeFormation.Types.GetDataLakeSettingsRequest, callback?: (err: AWSError, data: LakeFormation.Types.GetDataLakeSettingsResponse) => void): Request<LakeFormation.Types.GetDataLakeSettingsResponse, AWSError>;
|
50 | /**
|
51 | * The AWS Lake Formation principal.
|
52 | */
|
53 | getDataLakeSettings(callback?: (err: AWSError, data: LakeFormation.Types.GetDataLakeSettingsResponse) => void): Request<LakeFormation.Types.GetDataLakeSettingsResponse, AWSError>;
|
54 | /**
|
55 | * Returns the permissions for a specified table or database resource located at a path in Amazon S3.
|
56 | */
|
57 | getEffectivePermissionsForPath(params: LakeFormation.Types.GetEffectivePermissionsForPathRequest, callback?: (err: AWSError, data: LakeFormation.Types.GetEffectivePermissionsForPathResponse) => void): Request<LakeFormation.Types.GetEffectivePermissionsForPathResponse, AWSError>;
|
58 | /**
|
59 | * Returns the permissions for a specified table or database resource located at a path in Amazon S3.
|
60 | */
|
61 | getEffectivePermissionsForPath(callback?: (err: AWSError, data: LakeFormation.Types.GetEffectivePermissionsForPathResponse) => void): Request<LakeFormation.Types.GetEffectivePermissionsForPathResponse, AWSError>;
|
62 | /**
|
63 | * Grants permissions to the principal to access metadata in the Data Catalog and data organized in underlying data storage such as Amazon S3. For information about permissions, see Security and Access Control to Metadata and Data.
|
64 | */
|
65 | grantPermissions(params: LakeFormation.Types.GrantPermissionsRequest, callback?: (err: AWSError, data: LakeFormation.Types.GrantPermissionsResponse) => void): Request<LakeFormation.Types.GrantPermissionsResponse, AWSError>;
|
66 | /**
|
67 | * Grants permissions to the principal to access metadata in the Data Catalog and data organized in underlying data storage such as Amazon S3. For information about permissions, see Security and Access Control to Metadata and Data.
|
68 | */
|
69 | grantPermissions(callback?: (err: AWSError, data: LakeFormation.Types.GrantPermissionsResponse) => void): Request<LakeFormation.Types.GrantPermissionsResponse, AWSError>;
|
70 | /**
|
71 | * Returns a list of the principal permissions on the resource, filtered by the permissions of the caller. For example, if you are granted an ALTER permission, you are able to see only the principal permissions for ALTER. This operation returns only those permissions that have been explicitly granted. For information about permissions, see Security and Access Control to Metadata and Data.
|
72 | */
|
73 | listPermissions(params: LakeFormation.Types.ListPermissionsRequest, callback?: (err: AWSError, data: LakeFormation.Types.ListPermissionsResponse) => void): Request<LakeFormation.Types.ListPermissionsResponse, AWSError>;
|
74 | /**
|
75 | * Returns a list of the principal permissions on the resource, filtered by the permissions of the caller. For example, if you are granted an ALTER permission, you are able to see only the principal permissions for ALTER. This operation returns only those permissions that have been explicitly granted. For information about permissions, see Security and Access Control to Metadata and Data.
|
76 | */
|
77 | listPermissions(callback?: (err: AWSError, data: LakeFormation.Types.ListPermissionsResponse) => void): Request<LakeFormation.Types.ListPermissionsResponse, AWSError>;
|
78 | /**
|
79 | * Lists the resources registered to be managed by the Data Catalog.
|
80 | */
|
81 | listResources(params: LakeFormation.Types.ListResourcesRequest, callback?: (err: AWSError, data: LakeFormation.Types.ListResourcesResponse) => void): Request<LakeFormation.Types.ListResourcesResponse, AWSError>;
|
82 | /**
|
83 | * Lists the resources registered to be managed by the Data Catalog.
|
84 | */
|
85 | listResources(callback?: (err: AWSError, data: LakeFormation.Types.ListResourcesResponse) => void): Request<LakeFormation.Types.ListResourcesResponse, AWSError>;
|
86 | /**
|
87 | * The AWS Lake Formation principal.
|
88 | */
|
89 | putDataLakeSettings(params: LakeFormation.Types.PutDataLakeSettingsRequest, callback?: (err: AWSError, data: LakeFormation.Types.PutDataLakeSettingsResponse) => void): Request<LakeFormation.Types.PutDataLakeSettingsResponse, AWSError>;
|
90 | /**
|
91 | * The AWS Lake Formation principal.
|
92 | */
|
93 | putDataLakeSettings(callback?: (err: AWSError, data: LakeFormation.Types.PutDataLakeSettingsResponse) => void): Request<LakeFormation.Types.PutDataLakeSettingsResponse, AWSError>;
|
94 | /**
|
95 | * Registers the resource as managed by the Data Catalog. To add or update data, Lake Formation needs read/write access to the chosen Amazon S3 path. Choose a role that you know has permission to do this, or choose the AWSServiceRoleForLakeFormationDataAccess service-linked role. When you register the first Amazon S3 path, the service-linked role and a new inline policy are created on your behalf. Lake Formation adds the first path to the inline policy and attaches it to the service-linked role. When you register subsequent paths, Lake Formation adds the path to the existing policy.
|
96 | */
|
97 | registerResource(params: LakeFormation.Types.RegisterResourceRequest, callback?: (err: AWSError, data: LakeFormation.Types.RegisterResourceResponse) => void): Request<LakeFormation.Types.RegisterResourceResponse, AWSError>;
|
98 | /**
|
99 | * Registers the resource as managed by the Data Catalog. To add or update data, Lake Formation needs read/write access to the chosen Amazon S3 path. Choose a role that you know has permission to do this, or choose the AWSServiceRoleForLakeFormationDataAccess service-linked role. When you register the first Amazon S3 path, the service-linked role and a new inline policy are created on your behalf. Lake Formation adds the first path to the inline policy and attaches it to the service-linked role. When you register subsequent paths, Lake Formation adds the path to the existing policy.
|
100 | */
|
101 | registerResource(callback?: (err: AWSError, data: LakeFormation.Types.RegisterResourceResponse) => void): Request<LakeFormation.Types.RegisterResourceResponse, AWSError>;
|
102 | /**
|
103 | * Revokes permissions to the principal to access metadata in the Data Catalog and data organized in underlying data storage such as Amazon S3.
|
104 | */
|
105 | revokePermissions(params: LakeFormation.Types.RevokePermissionsRequest, callback?: (err: AWSError, data: LakeFormation.Types.RevokePermissionsResponse) => void): Request<LakeFormation.Types.RevokePermissionsResponse, AWSError>;
|
106 | /**
|
107 | * Revokes permissions to the principal to access metadata in the Data Catalog and data organized in underlying data storage such as Amazon S3.
|
108 | */
|
109 | revokePermissions(callback?: (err: AWSError, data: LakeFormation.Types.RevokePermissionsResponse) => void): Request<LakeFormation.Types.RevokePermissionsResponse, AWSError>;
|
110 | /**
|
111 | * Updates the data access role used for vending access to the given (registered) resource in AWS Lake Formation.
|
112 | */
|
113 | updateResource(params: LakeFormation.Types.UpdateResourceRequest, callback?: (err: AWSError, data: LakeFormation.Types.UpdateResourceResponse) => void): Request<LakeFormation.Types.UpdateResourceResponse, AWSError>;
|
114 | /**
|
115 | * Updates the data access role used for vending access to the given (registered) resource in AWS Lake Formation.
|
116 | */
|
117 | updateResource(callback?: (err: AWSError, data: LakeFormation.Types.UpdateResourceResponse) => void): Request<LakeFormation.Types.UpdateResourceResponse, AWSError>;
|
118 | }
|
119 | declare namespace LakeFormation {
|
120 | export interface BatchGrantPermissionsRequest {
|
121 | |
122 |
|
123 |
|
124 | CatalogId?: CatalogIdString;
|
125 | |
126 |
|
127 |
|
128 | Entries: BatchPermissionsRequestEntryList;
|
129 | }
|
130 | export interface BatchGrantPermissionsResponse {
|
131 | |
132 |
|
133 |
|
134 | Failures?: BatchPermissionsFailureList;
|
135 | }
|
136 | export interface BatchPermissionsFailureEntry {
|
137 | |
138 |
|
139 |
|
140 | RequestEntry?: BatchPermissionsRequestEntry;
|
141 | |
142 |
|
143 |
|
144 | Error?: ErrorDetail;
|
145 | }
|
146 | export type BatchPermissionsFailureList = BatchPermissionsFailureEntry[];
|
147 | export interface BatchPermissionsRequestEntry {
|
148 | |
149 |
|
150 |
|
151 | Id: Identifier;
|
152 | |
153 |
|
154 |
|
155 | Principal?: DataLakePrincipal;
|
156 | |
157 |
|
158 |
|
159 | Resource?: Resource;
|
160 | |
161 |
|
162 |
|
163 | Permissions?: PermissionList;
|
164 | |
165 |
|
166 |
|
167 | PermissionsWithGrantOption?: PermissionList;
|
168 | }
|
169 | export type BatchPermissionsRequestEntryList = BatchPermissionsRequestEntry[];
|
170 | export interface BatchRevokePermissionsRequest {
|
171 | |
172 |
|
173 |
|
174 | CatalogId?: CatalogIdString;
|
175 | |
176 |
|
177 |
|
178 | Entries: BatchPermissionsRequestEntryList;
|
179 | }
|
180 | export interface BatchRevokePermissionsResponse {
|
181 | |
182 |
|
183 |
|
184 | Failures?: BatchPermissionsFailureList;
|
185 | }
|
186 | export type CatalogIdString = string;
|
187 | export interface CatalogResource {
|
188 | }
|
189 | export type ColumnNames = NameString[];
|
190 | export interface ColumnWildcard {
|
191 | |
192 |
|
193 |
|
194 | ExcludedColumnNames?: ColumnNames;
|
195 | }
|
196 | export type ComparisonOperator = "EQ"|"NE"|"LE"|"LT"|"GE"|"GT"|"CONTAINS"|"NOT_CONTAINS"|"BEGINS_WITH"|"IN"|"BETWEEN"|string;
|
197 | export interface DataLakePrincipal {
|
198 | |
199 |
|
200 |
|
201 | DataLakePrincipalIdentifier?: DataLakePrincipalString;
|
202 | }
|
203 | export type DataLakePrincipalList = DataLakePrincipal[];
|
204 | export type DataLakePrincipalString = string;
|
205 | export type DataLakeResourceType = "CATALOG"|"DATABASE"|"TABLE"|"DATA_LOCATION"|string;
|
206 | export interface DataLakeSettings {
|
207 | |
208 |
|
209 |
|
210 | DataLakeAdmins?: DataLakePrincipalList;
|
211 | |
212 |
|
213 |
|
214 | CreateDatabaseDefaultPermissions?: PrincipalPermissionsList;
|
215 | |
216 |
|
217 |
|
218 | CreateTableDefaultPermissions?: PrincipalPermissionsList;
|
219 | }
|
220 | export interface DataLocationResource {
|
221 | |
222 |
|
223 |
|
224 | ResourceArn: ResourceArnString;
|
225 | }
|
226 | export interface DatabaseResource {
|
227 | |
228 |
|
229 |
|
230 | Name: NameString;
|
231 | }
|
232 | export interface DeregisterResourceRequest {
|
233 | |
234 |
|
235 |
|
236 | ResourceArn: ResourceArnString;
|
237 | }
|
238 | export interface DeregisterResourceResponse {
|
239 | }
|
240 | export interface DescribeResourceRequest {
|
241 | |
242 |
|
243 |
|
244 | ResourceArn: ResourceArnString;
|
245 | }
|
246 | export interface DescribeResourceResponse {
|
247 | |
248 |
|
249 |
|
250 | ResourceInfo?: ResourceInfo;
|
251 | }
|
252 | export type DescriptionString = string;
|
253 | export interface ErrorDetail {
|
254 | |
255 |
|
256 |
|
257 | ErrorCode?: NameString;
|
258 | |
259 |
|
260 |
|
261 | ErrorMessage?: DescriptionString;
|
262 | }
|
263 | export type FieldNameString = "RESOURCE_ARN"|"ROLE_ARN"|"LAST_MODIFIED"|string;
|
264 | export interface FilterCondition {
|
265 | |
266 |
|
267 |
|
268 | Field?: FieldNameString;
|
269 | |
270 |
|
271 |
|
272 | ComparisonOperator?: ComparisonOperator;
|
273 | |
274 |
|
275 |
|
276 | StringValueList?: StringValueList;
|
277 | }
|
278 | export type FilterConditionList = FilterCondition[];
|
279 | export interface GetDataLakeSettingsRequest {
|
280 | |
281 |
|
282 |
|
283 | CatalogId?: CatalogIdString;
|
284 | }
|
285 | export interface GetDataLakeSettingsResponse {
|
286 | |
287 |
|
288 |
|
289 | DataLakeSettings?: DataLakeSettings;
|
290 | }
|
291 | export interface GetEffectivePermissionsForPathRequest {
|
292 | |
293 |
|
294 |
|
295 | CatalogId?: CatalogIdString;
|
296 | |
297 |
|
298 |
|
299 | ResourceArn: ResourceArnString;
|
300 | |
301 |
|
302 |
|
303 | NextToken?: Token;
|
304 | |
305 |
|
306 |
|
307 | MaxResults?: PageSize;
|
308 | }
|
309 | export interface GetEffectivePermissionsForPathResponse {
|
310 | |
311 |
|
312 |
|
313 | Permissions?: PrincipalResourcePermissionsList;
|
314 | |
315 |
|
316 |
|
317 | NextToken?: Token;
|
318 | }
|
319 | export interface GrantPermissionsRequest {
|
320 | |
321 |
|
322 |
|
323 | CatalogId?: CatalogIdString;
|
324 | |
325 |
|
326 |
|
327 | Principal: DataLakePrincipal;
|
328 | |
329 |
|
330 |
|
331 | Resource: Resource;
|
332 | |
333 |
|
334 |
|
335 | Permissions: PermissionList;
|
336 | |
337 |
|
338 |
|
339 | PermissionsWithGrantOption?: PermissionList;
|
340 | }
|
341 | export interface GrantPermissionsResponse {
|
342 | }
|
343 | export type IAMRoleArn = string;
|
344 | export type Identifier = string;
|
345 | export type LastModifiedTimestamp = Date;
|
346 | export interface ListPermissionsRequest {
|
347 | |
348 |
|
349 |
|
350 | CatalogId?: CatalogIdString;
|
351 | |
352 |
|
353 |
|
354 | Principal?: DataLakePrincipal;
|
355 | |
356 |
|
357 |
|
358 | ResourceType?: DataLakeResourceType;
|
359 | |
360 |
|
361 |
|
362 | Resource?: Resource;
|
363 | |
364 |
|
365 |
|
366 | NextToken?: Token;
|
367 | |
368 |
|
369 |
|
370 | MaxResults?: PageSize;
|
371 | }
|
372 | export interface ListPermissionsResponse {
|
373 | |
374 |
|
375 |
|
376 | PrincipalResourcePermissions?: PrincipalResourcePermissionsList;
|
377 | |
378 |
|
379 |
|
380 | NextToken?: Token;
|
381 | }
|
382 | export interface ListResourcesRequest {
|
383 | |
384 |
|
385 |
|
386 | FilterConditionList?: FilterConditionList;
|
387 | |
388 |
|
389 |
|
390 | MaxResults?: PageSize;
|
391 | |
392 |
|
393 |
|
394 | NextToken?: Token;
|
395 | }
|
396 | export interface ListResourcesResponse {
|
397 | |
398 |
|
399 |
|
400 | ResourceInfoList?: ResourceInfoList;
|
401 | |
402 |
|
403 |
|
404 | NextToken?: Token;
|
405 | }
|
406 | export type NameString = string;
|
407 | export type NullableBoolean = boolean;
|
408 | export type PageSize = number;
|
409 | export type Permission = "ALL"|"SELECT"|"ALTER"|"DROP"|"DELETE"|"INSERT"|"CREATE_DATABASE"|"CREATE_TABLE"|"DATA_LOCATION_ACCESS"|string;
|
410 | export type PermissionList = Permission[];
|
411 | export interface PrincipalPermissions {
|
412 | |
413 |
|
414 |
|
415 | Principal?: DataLakePrincipal;
|
416 | |
417 |
|
418 |
|
419 | Permissions?: PermissionList;
|
420 | }
|
421 | export type PrincipalPermissionsList = PrincipalPermissions[];
|
422 | export interface PrincipalResourcePermissions {
|
423 | |
424 |
|
425 |
|
426 | Principal?: DataLakePrincipal;
|
427 | |
428 |
|
429 |
|
430 | Resource?: Resource;
|
431 | |
432 |
|
433 |
|
434 | Permissions?: PermissionList;
|
435 | |
436 |
|
437 |
|
438 | PermissionsWithGrantOption?: PermissionList;
|
439 | }
|
440 | export type PrincipalResourcePermissionsList = PrincipalResourcePermissions[];
|
441 | export interface PutDataLakeSettingsRequest {
|
442 | |
443 |
|
444 |
|
445 | CatalogId?: CatalogIdString;
|
446 | |
447 |
|
448 |
|
449 | DataLakeSettings: DataLakeSettings;
|
450 | }
|
451 | export interface PutDataLakeSettingsResponse {
|
452 | }
|
453 | export interface RegisterResourceRequest {
|
454 | |
455 |
|
456 |
|
457 | ResourceArn: ResourceArnString;
|
458 | |
459 |
|
460 |
|
461 | UseServiceLinkedRole?: NullableBoolean;
|
462 | |
463 |
|
464 |
|
465 | RoleArn?: IAMRoleArn;
|
466 | }
|
467 | export interface RegisterResourceResponse {
|
468 | }
|
469 | export interface Resource {
|
470 | |
471 |
|
472 |
|
473 | Catalog?: CatalogResource;
|
474 | |
475 |
|
476 |
|
477 | Database?: DatabaseResource;
|
478 | |
479 |
|
480 |
|
481 | Table?: TableResource;
|
482 | |
483 |
|
484 |
|
485 | TableWithColumns?: TableWithColumnsResource;
|
486 | |
487 |
|
488 |
|
489 | DataLocation?: DataLocationResource;
|
490 | }
|
491 | export type ResourceArnString = string;
|
492 | export interface ResourceInfo {
|
493 | |
494 |
|
495 |
|
496 | ResourceArn?: ResourceArnString;
|
497 | |
498 |
|
499 |
|
500 | RoleArn?: IAMRoleArn;
|
501 | |
502 |
|
503 |
|
504 | LastModified?: LastModifiedTimestamp;
|
505 | }
|
506 | export type ResourceInfoList = ResourceInfo[];
|
507 | export interface RevokePermissionsRequest {
|
508 | |
509 |
|
510 |
|
511 | CatalogId?: CatalogIdString;
|
512 | |
513 |
|
514 |
|
515 | Principal: DataLakePrincipal;
|
516 | |
517 |
|
518 |
|
519 | Resource: Resource;
|
520 | |
521 |
|
522 |
|
523 | Permissions: PermissionList;
|
524 | |
525 |
|
526 |
|
527 | PermissionsWithGrantOption?: PermissionList;
|
528 | }
|
529 | export interface RevokePermissionsResponse {
|
530 | }
|
531 | export type StringValue = string;
|
532 | export type StringValueList = StringValue[];
|
533 | export interface TableResource {
|
534 | |
535 |
|
536 |
|
537 | DatabaseName: NameString;
|
538 | |
539 |
|
540 |
|
541 | Name: NameString;
|
542 | }
|
543 | export interface TableWithColumnsResource {
|
544 | |
545 |
|
546 |
|
547 | DatabaseName?: NameString;
|
548 | |
549 |
|
550 |
|
551 | Name?: NameString;
|
552 | |
553 |
|
554 |
|
555 | ColumnNames?: ColumnNames;
|
556 | |
557 |
|
558 |
|
559 | ColumnWildcard?: ColumnWildcard;
|
560 | }
|
561 | export type Token = string;
|
562 | export interface UpdateResourceRequest {
|
563 | |
564 |
|
565 |
|
566 | RoleArn: IAMRoleArn;
|
567 | |
568 |
|
569 |
|
570 | ResourceArn: ResourceArnString;
|
571 | }
|
572 | export interface UpdateResourceResponse {
|
573 | }
|
574 | |
575 |
|
576 |
|
577 | export type apiVersion = "2017-03-31"|"latest"|string;
|
578 | export interface ClientApiVersions {
|
579 | |
580 |
|
581 |
|
582 | apiVersion?: apiVersion;
|
583 | }
|
584 | export type ClientConfiguration = ServiceConfigurationOptions & ClientApiVersions;
|
585 | |
586 |
|
587 |
|
588 | export import Types = LakeFormation;
|
589 | }
|
590 | export = LakeFormation;
|