AWS Lake Formation

{'ResourceInfo': {'WithFederation': 'boolean'}}

Retrieves the current data access role for the given resource registered in Lake Formation.

See also: AWS API Documentation

Request Syntax

client.describe_resource(
    ResourceArn='string'
)

type ResourceArn:

string

param ResourceArn:

[REQUIRED]

The resource ARN.

rtype:

dict

returns:

Response Syntax

{
    'ResourceInfo': {
        'ResourceArn': 'string',
        'RoleArn': 'string',
        'LastModified': datetime(2015, 1, 1),
        'WithFederation': True|False
    }
}

Response Structure

• (dict) --

  • ResourceInfo (dict) --

    A structure containing information about an Lake Formation resource.

    • ResourceArn (string) --

      The Amazon Resource Name (ARN) of the resource.

    • RoleArn (string) --

      The IAM role that registered a resource.

    • LastModified (datetime) --

      The date and time the resource was last modified.

    • WithFederation (boolean) --

      Whether or not the resource is a federated resource.

{'ResourceInfoList': {'WithFederation': 'boolean'}}

Lists the resources registered to be managed by the Data Catalog.

See also: AWS API Documentation

Request Syntax

client.list_resources(
    FilterConditionList=[
        {
            'Field': 'RESOURCE_ARN'|'ROLE_ARN'|'LAST_MODIFIED',
            'ComparisonOperator': 'EQ'|'NE'|'LE'|'LT'|'GE'|'GT'|'CONTAINS'|'NOT_CONTAINS'|'BEGINS_WITH'|'IN'|'BETWEEN',
            'StringValueList': [
                'string',
            ]
        },
    ],
    MaxResults=123,
    NextToken='string'
)

type FilterConditionList:

list

param FilterConditionList:

Any applicable row-level and/or column-level filtering conditions for the resources.

• (dict) --

  This structure describes the filtering of columns in a table based on a filter condition.

  • Field (string) --

    The field to filter in the filter condition.

  • ComparisonOperator (string) --

    The comparison operator used in the filter condition.

  • StringValueList (list) --

    A string with values used in evaluating the filter condition.

    • (string) --

type MaxResults:

integer

param MaxResults:

The maximum number of resource results.

type NextToken:

string

param NextToken:

A continuation token, if this is not the first call to retrieve these resources.

rtype:

dict

returns:

Response Syntax

{
    'ResourceInfoList': [
        {
            'ResourceArn': 'string',
            'RoleArn': 'string',
            'LastModified': datetime(2015, 1, 1),
            'WithFederation': True|False
        },
    ],
    'NextToken': 'string'
}

Response Structure

• (dict) --

  • ResourceInfoList (list) --

    A summary of the data lake resources.

    • (dict) --

      A structure containing information about an Lake Formation resource.

      • ResourceArn (string) --

        The Amazon Resource Name (ARN) of the resource.

      • RoleArn (string) --

        The IAM role that registered a resource.

      • LastModified (datetime) --

        The date and time the resource was last modified.

      • WithFederation (boolean) --

        Whether or not the resource is a federated resource.

  • NextToken (string) --

    A continuation token, if this is not the first call to retrieve these resources.

{'WithFederation': 'boolean'}

Registers the resource as managed by the Data Catalog.

To add or update data, Lake Formation needs read/write access to the chosen Amazon S3 path. Choose a role that you know has permission to do this, or choose the AWSServiceRoleForLakeFormationDataAccess service-linked role. When you register the first Amazon S3 path, the service-linked role and a new inline policy are created on your behalf. Lake Formation adds the first path to the inline policy and attaches it to the service-linked role. When you register subsequent paths, Lake Formation adds the path to the existing policy.

The following request registers a new location and gives Lake Formation permission to use the service-linked role to access that location.

ResourceArn = arn:aws:s3:::my-bucket UseServiceLinkedRole = true

If UseServiceLinkedRole is not set to true, you must provide or set the RoleArn:

arn:aws:iam::12345:role/my-data-access-role

See also: AWS API Documentation

Request Syntax

client.register_resource(
    ResourceArn='string',
    UseServiceLinkedRole=True|False,
    RoleArn='string',
    WithFederation=True|False
)

type ResourceArn:

string

param ResourceArn:

[REQUIRED]

The Amazon Resource Name (ARN) of the resource that you want to register.

type UseServiceLinkedRole:

boolean

param UseServiceLinkedRole:

Designates an Identity and Access Management (IAM) service-linked role by registering this role with the Data Catalog. A service-linked role is a unique type of IAM role that is linked directly to Lake Formation.

For more information, see Using Service-Linked Roles for Lake Formation.

type RoleArn:

string

param RoleArn:

The identifier for the role that registers the resource.

type WithFederation:

boolean

param WithFederation:

Whether or not the resource is a federated resource.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

• (dict) --

{'WithFederation': 'boolean'}

Updates the data access role used for vending access to the given (registered) resource in Lake Formation.

See also: AWS API Documentation

Request Syntax

client.update_resource(
    RoleArn='string',
    ResourceArn='string',
    WithFederation=True|False
)

type RoleArn:

string

param RoleArn:

[REQUIRED]

The new role to use for the given resource registered in Lake Formation.

type ResourceArn:

string

param ResourceArn:

[REQUIRED]

The resource ARN.

type WithFederation:

boolean

param WithFederation:

Whether or not the resource is a federated resource.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

• (dict) --