2024/11/14 - Amazon Redshift - 3 updated api methods
Changes Adds support for Amazon Redshift S3AccessGrants
{'ServiceIntegrations': {'S3AccessGrants': [{'ReadWriteAccess': {'Authorization': 'Enabled '
'| '
'Disabled'}}]}}
Response {'RedshiftIdcApplication': {'ServiceIntegrations': {'S3AccessGrants': [{'ReadWriteAccess': {'Authorization': 'Enabled '
'| '
'Disabled'}}]}}}
Creates an Amazon Redshift application for use with IAM Identity Center.
See also: AWS API Documentation
Request Syntax
client.create_redshift_idc_application(
IdcInstanceArn='string',
RedshiftIdcApplicationName='string',
IdentityNamespace='string',
IdcDisplayName='string',
IamRoleArn='string',
AuthorizedTokenIssuerList=[
{
'TrustedTokenIssuerArn': 'string',
'AuthorizedAudiencesList': [
'string',
]
},
],
ServiceIntegrations=[
{
'LakeFormation': [
{
'LakeFormationQuery': {
'Authorization': 'Enabled'|'Disabled'
}
},
],
'S3AccessGrants': [
{
'ReadWriteAccess': {
'Authorization': 'Enabled'|'Disabled'
}
},
]
},
]
)
string
[REQUIRED]
The Amazon resource name (ARN) of the IAM Identity Center instance where Amazon Redshift creates a new managed application.
string
[REQUIRED]
The name of the Redshift application in IAM Identity Center.
string
The namespace for the Amazon Redshift IAM Identity Center application instance. It determines which managed application verifies the connection token.
string
[REQUIRED]
The display name for the Amazon Redshift IAM Identity Center application instance. It appears in the console.
string
[REQUIRED]
The IAM role ARN for the Amazon Redshift IAM Identity Center application instance. It has the required permissions to be assumed and invoke the IDC Identity Center API.
list
The token issuer list for the Amazon Redshift IAM Identity Center application instance.
(dict) --
The authorized token issuer for the Amazon Redshift IAM Identity Center application.
TrustedTokenIssuerArn (string) --
The ARN for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.
AuthorizedAudiencesList (list) --
The list of audiences for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.
(string) --
list
A collection of service integrations for the Redshift IAM Identity Center application.
(dict) --
A list of service integrations.
LakeFormation (list) --
A list of scopes set up for Lake Formation integration.
(dict) --
A list of scopes set up for Lake Formation integration.
LakeFormationQuery (dict) --
The Lake Formation scope.
Authorization (string) -- [REQUIRED]
Determines whether the query scope is enabled or disabled.
S3AccessGrants (list) --
A list of scopes set up for S3 Access Grants integration.
(dict) --
A list of scopes set up for S3 Access Grants integration.
ReadWriteAccess (dict) --
The S3 Access Grants scope.
Authorization (string) -- [REQUIRED]
Determines whether the read/write scope is enabled or disabled.
dict
Response Syntax
{
'RedshiftIdcApplication': {
'IdcInstanceArn': 'string',
'RedshiftIdcApplicationName': 'string',
'RedshiftIdcApplicationArn': 'string',
'IdentityNamespace': 'string',
'IdcDisplayName': 'string',
'IamRoleArn': 'string',
'IdcManagedApplicationArn': 'string',
'IdcOnboardStatus': 'string',
'AuthorizedTokenIssuerList': [
{
'TrustedTokenIssuerArn': 'string',
'AuthorizedAudiencesList': [
'string',
]
},
],
'ServiceIntegrations': [
{
'LakeFormation': [
{
'LakeFormationQuery': {
'Authorization': 'Enabled'|'Disabled'
}
},
],
'S3AccessGrants': [
{
'ReadWriteAccess': {
'Authorization': 'Enabled'|'Disabled'
}
},
]
},
]
}
}
Response Structure
(dict) --
RedshiftIdcApplication (dict) --
Contains properties for the Redshift IDC application.
IdcInstanceArn (string) --
The ARN for the IAM Identity Center instance that Redshift integrates with.
RedshiftIdcApplicationName (string) --
The name of the Redshift application in IAM Identity Center.
RedshiftIdcApplicationArn (string) --
The ARN for the Redshift application that integrates with IAM Identity Center.
IdentityNamespace (string) --
The identity namespace for the Amazon Redshift IAM Identity Center application. It determines which managed application verifies the connection token.
IdcDisplayName (string) --
The display name for the Amazon Redshift IAM Identity Center application. It appears on the console.
IamRoleArn (string) --
The ARN for the Amazon Redshift IAM Identity Center application. It has the required permissions to be assumed and invoke the IDC Identity Center API.
IdcManagedApplicationArn (string) --
The ARN for the Amazon Redshift IAM Identity Center application.
IdcOnboardStatus (string) --
The onboarding status for the Amazon Redshift IAM Identity Center application.
AuthorizedTokenIssuerList (list) --
The authorized token issuer list for the Amazon Redshift IAM Identity Center application.
(dict) --
The authorized token issuer for the Amazon Redshift IAM Identity Center application.
TrustedTokenIssuerArn (string) --
The ARN for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.
AuthorizedAudiencesList (list) --
The list of audiences for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.
(string) --
ServiceIntegrations (list) --
A list of service integrations for the Redshift IAM Identity Center application.
(dict) --
A list of service integrations.
LakeFormation (list) --
A list of scopes set up for Lake Formation integration.
(dict) --
A list of scopes set up for Lake Formation integration.
LakeFormationQuery (dict) --
The Lake Formation scope.
Authorization (string) --
Determines whether the query scope is enabled or disabled.
S3AccessGrants (list) --
A list of scopes set up for S3 Access Grants integration.
(dict) --
A list of scopes set up for S3 Access Grants integration.
ReadWriteAccess (dict) --
The S3 Access Grants scope.
Authorization (string) --
Determines whether the read/write scope is enabled or disabled.
{'RedshiftIdcApplications': {'ServiceIntegrations': {'S3AccessGrants': [{'ReadWriteAccess': {'Authorization': 'Enabled '
'| '
'Disabled'}}]}}}
Lists the Amazon Redshift IAM Identity Center applications.
See also: AWS API Documentation
Request Syntax
client.describe_redshift_idc_applications(
RedshiftIdcApplicationArn='string',
MaxRecords=123,
Marker='string'
)
string
The ARN for the Redshift application that integrates with IAM Identity Center.
integer
The maximum number of response records to return in each call. If the number of remaining response records exceeds the specified MaxRecords value, a value is returned in a marker field of the response. You can retrieve the next set of records by retrying the command with the returned marker value.
string
A value that indicates the starting point for the next set of response records in a subsequent request. If a value is returned in a response, you can retrieve the next set of records by providing this returned marker value in the Marker parameter and retrying the command. If the Marker field is empty, all response records have been retrieved for the request.
dict
Response Syntax
{
'RedshiftIdcApplications': [
{
'IdcInstanceArn': 'string',
'RedshiftIdcApplicationName': 'string',
'RedshiftIdcApplicationArn': 'string',
'IdentityNamespace': 'string',
'IdcDisplayName': 'string',
'IamRoleArn': 'string',
'IdcManagedApplicationArn': 'string',
'IdcOnboardStatus': 'string',
'AuthorizedTokenIssuerList': [
{
'TrustedTokenIssuerArn': 'string',
'AuthorizedAudiencesList': [
'string',
]
},
],
'ServiceIntegrations': [
{
'LakeFormation': [
{
'LakeFormationQuery': {
'Authorization': 'Enabled'|'Disabled'
}
},
],
'S3AccessGrants': [
{
'ReadWriteAccess': {
'Authorization': 'Enabled'|'Disabled'
}
},
]
},
]
},
],
'Marker': 'string'
}
Response Structure
(dict) --
RedshiftIdcApplications (list) --
The list of Amazon Redshift IAM Identity Center applications.
(dict) --
Contains properties for the Redshift IDC application.
IdcInstanceArn (string) --
The ARN for the IAM Identity Center instance that Redshift integrates with.
RedshiftIdcApplicationName (string) --
The name of the Redshift application in IAM Identity Center.
RedshiftIdcApplicationArn (string) --
The ARN for the Redshift application that integrates with IAM Identity Center.
IdentityNamespace (string) --
The identity namespace for the Amazon Redshift IAM Identity Center application. It determines which managed application verifies the connection token.
IdcDisplayName (string) --
The display name for the Amazon Redshift IAM Identity Center application. It appears on the console.
IamRoleArn (string) --
The ARN for the Amazon Redshift IAM Identity Center application. It has the required permissions to be assumed and invoke the IDC Identity Center API.
IdcManagedApplicationArn (string) --
The ARN for the Amazon Redshift IAM Identity Center application.
IdcOnboardStatus (string) --
The onboarding status for the Amazon Redshift IAM Identity Center application.
AuthorizedTokenIssuerList (list) --
The authorized token issuer list for the Amazon Redshift IAM Identity Center application.
(dict) --
The authorized token issuer for the Amazon Redshift IAM Identity Center application.
TrustedTokenIssuerArn (string) --
The ARN for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.
AuthorizedAudiencesList (list) --
The list of audiences for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.
(string) --
ServiceIntegrations (list) --
A list of service integrations for the Redshift IAM Identity Center application.
(dict) --
A list of service integrations.
LakeFormation (list) --
A list of scopes set up for Lake Formation integration.
(dict) --
A list of scopes set up for Lake Formation integration.
LakeFormationQuery (dict) --
The Lake Formation scope.
Authorization (string) --
Determines whether the query scope is enabled or disabled.
S3AccessGrants (list) --
A list of scopes set up for S3 Access Grants integration.
(dict) --
A list of scopes set up for S3 Access Grants integration.
ReadWriteAccess (dict) --
The S3 Access Grants scope.
Authorization (string) --
Determines whether the read/write scope is enabled or disabled.
Marker (string) --
A value that indicates the starting point for the next set of response records in a subsequent request. If a value is returned in a response, you can retrieve the next set of records by providing this returned marker value in the Marker parameter and retrying the command. If the Marker field is empty, all response records have been retrieved for the request.
{'ServiceIntegrations': {'S3AccessGrants': [{'ReadWriteAccess': {'Authorization': 'Enabled '
'| '
'Disabled'}}]}}
Response {'RedshiftIdcApplication': {'ServiceIntegrations': {'S3AccessGrants': [{'ReadWriteAccess': {'Authorization': 'Enabled '
'| '
'Disabled'}}]}}}
Changes an existing Amazon Redshift IAM Identity Center application.
See also: AWS API Documentation
Request Syntax
client.modify_redshift_idc_application(
RedshiftIdcApplicationArn='string',
IdentityNamespace='string',
IamRoleArn='string',
IdcDisplayName='string',
AuthorizedTokenIssuerList=[
{
'TrustedTokenIssuerArn': 'string',
'AuthorizedAudiencesList': [
'string',
]
},
],
ServiceIntegrations=[
{
'LakeFormation': [
{
'LakeFormationQuery': {
'Authorization': 'Enabled'|'Disabled'
}
},
],
'S3AccessGrants': [
{
'ReadWriteAccess': {
'Authorization': 'Enabled'|'Disabled'
}
},
]
},
]
)
string
[REQUIRED]
The ARN for the Redshift application that integrates with IAM Identity Center.
string
The namespace for the Amazon Redshift IAM Identity Center application to change. It determines which managed application verifies the connection token.
string
The IAM role ARN associated with the Amazon Redshift IAM Identity Center application to change. It has the required permissions to be assumed and invoke the IDC Identity Center API.
string
The display name for the Amazon Redshift IAM Identity Center application to change. It appears on the console.
list
The authorized token issuer list for the Amazon Redshift IAM Identity Center application to change.
(dict) --
The authorized token issuer for the Amazon Redshift IAM Identity Center application.
TrustedTokenIssuerArn (string) --
The ARN for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.
AuthorizedAudiencesList (list) --
The list of audiences for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.
(string) --
list
A collection of service integrations associated with the application.
(dict) --
A list of service integrations.
LakeFormation (list) --
A list of scopes set up for Lake Formation integration.
(dict) --
A list of scopes set up for Lake Formation integration.
LakeFormationQuery (dict) --
The Lake Formation scope.
Authorization (string) -- [REQUIRED]
Determines whether the query scope is enabled or disabled.
S3AccessGrants (list) --
A list of scopes set up for S3 Access Grants integration.
(dict) --
A list of scopes set up for S3 Access Grants integration.
ReadWriteAccess (dict) --
The S3 Access Grants scope.
Authorization (string) -- [REQUIRED]
Determines whether the read/write scope is enabled or disabled.
dict
Response Syntax
{
'RedshiftIdcApplication': {
'IdcInstanceArn': 'string',
'RedshiftIdcApplicationName': 'string',
'RedshiftIdcApplicationArn': 'string',
'IdentityNamespace': 'string',
'IdcDisplayName': 'string',
'IamRoleArn': 'string',
'IdcManagedApplicationArn': 'string',
'IdcOnboardStatus': 'string',
'AuthorizedTokenIssuerList': [
{
'TrustedTokenIssuerArn': 'string',
'AuthorizedAudiencesList': [
'string',
]
},
],
'ServiceIntegrations': [
{
'LakeFormation': [
{
'LakeFormationQuery': {
'Authorization': 'Enabled'|'Disabled'
}
},
],
'S3AccessGrants': [
{
'ReadWriteAccess': {
'Authorization': 'Enabled'|'Disabled'
}
},
]
},
]
}
}
Response Structure
(dict) --
RedshiftIdcApplication (dict) --
Contains properties for the Redshift IDC application.
IdcInstanceArn (string) --
The ARN for the IAM Identity Center instance that Redshift integrates with.
RedshiftIdcApplicationName (string) --
The name of the Redshift application in IAM Identity Center.
RedshiftIdcApplicationArn (string) --
The ARN for the Redshift application that integrates with IAM Identity Center.
IdentityNamespace (string) --
The identity namespace for the Amazon Redshift IAM Identity Center application. It determines which managed application verifies the connection token.
IdcDisplayName (string) --
The display name for the Amazon Redshift IAM Identity Center application. It appears on the console.
IamRoleArn (string) --
The ARN for the Amazon Redshift IAM Identity Center application. It has the required permissions to be assumed and invoke the IDC Identity Center API.
IdcManagedApplicationArn (string) --
The ARN for the Amazon Redshift IAM Identity Center application.
IdcOnboardStatus (string) --
The onboarding status for the Amazon Redshift IAM Identity Center application.
AuthorizedTokenIssuerList (list) --
The authorized token issuer list for the Amazon Redshift IAM Identity Center application.
(dict) --
The authorized token issuer for the Amazon Redshift IAM Identity Center application.
TrustedTokenIssuerArn (string) --
The ARN for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.
AuthorizedAudiencesList (list) --
The list of audiences for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.
(string) --
ServiceIntegrations (list) --
A list of service integrations for the Redshift IAM Identity Center application.
(dict) --
A list of service integrations.
LakeFormation (list) --
A list of scopes set up for Lake Formation integration.
(dict) --
A list of scopes set up for Lake Formation integration.
LakeFormationQuery (dict) --
The Lake Formation scope.
Authorization (string) --
Determines whether the query scope is enabled or disabled.
S3AccessGrants (list) --
A list of scopes set up for S3 Access Grants integration.
(dict) --
A list of scopes set up for S3 Access Grants integration.
ReadWriteAccess (dict) --
The S3 Access Grants scope.
Authorization (string) --
Determines whether the read/write scope is enabled or disabled.