2023/06/27 - AppFabric - 26 new api methods
Changes Initial release of AWS AppFabric for connecting SaaS applications for better productivity and security.
Returns a list of app bundles.
See also: AWS API Documentation
Request Syntax
client.list_app_bundles(
maxResults=123,
nextToken='string'
)
integer
The maximum number of results that are returned per call. You can use nextToken to obtain further pages of results.
This is only an upper limit. The actual number of results returned per call might be fewer than the specified maximum.
string
If nextToken is returned, there are more results available. The value of nextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination token will return an HTTP 400 InvalidToken error .
dict
Response Syntax
{
'appBundleSummaryList': [
{
'arn': 'string'
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
appBundleSummaryList (list) --
Contains a list of app bundle summaries.
(dict) --
Contains a summary of an app bundle.
arn (string) --
The Amazon Resource Name (ARN) of the app bundle.
nextToken (string) --
If nextToken is returned, there are more results available. The value of nextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination token will return an HTTP 400 InvalidToken error .
Creates an ingestion destination, which specifies how an application's ingested data is processed by Amazon Web Services AppFabric and where it's delivered.
See also: AWS API Documentation
Request Syntax
client.create_ingestion_destination(
appBundleIdentifier='string',
ingestionIdentifier='string',
processingConfiguration={
'auditLog': {
'schema': 'ocsf'|'raw',
'format': 'json'|'parquet'
}
},
destinationConfiguration={
'auditLog': {
'destination': {
's3Bucket': {
'bucketName': 'string',
'prefix': 'string'
},
'firehoseStream': {
'streamName': 'string'
}
}
}
},
clientToken='string',
tags=[
{
'key': 'string',
'value': 'string'
},
]
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
dict
[REQUIRED]
Contains information about how ingested data is processed.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: auditLog.
auditLog (dict) --
Contains information about an audit log processing configuration.
schema (string) -- [REQUIRED]
The event schema in which the audit logs need to be formatted.
format (string) -- [REQUIRED]
The format in which the audit logs need to be formatted.
dict
[REQUIRED]
Contains information about the destination of ingested data.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: auditLog.
auditLog (dict) --
Contains information about an audit log destination configuration.
destination (dict) -- [REQUIRED]
Contains information about an audit log destination.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: s3Bucket, firehoseStream.
s3Bucket (dict) --
Contains information about an Amazon S3 bucket.
bucketName (string) -- [REQUIRED]
The name of the Amazon S3 bucket.
prefix (string) --
The object key to use.
firehoseStream (dict) --
Contains information about an Amazon Kinesis Data Firehose delivery stream.
streamName (string) -- [REQUIRED]
The name of the Amazon Kinesis Data Firehose delivery stream.
string
Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value.
If you don't provide this value, then Amazon Web Services generates a random one for you.
If you retry the operation with the same ClientToken , but with different parameters, the retry fails with an IdempotentParameterMismatch error.
This field is autopopulated if not provided.
list
A map of the key-value pairs of the tag or tags to assign to the resource.
(dict) --
The key or keys of the key-value pairs for the tag or tags assigned to a resource.
key (string) -- [REQUIRED]
Tag key.
value (string) -- [REQUIRED]
Tag value.
dict
Response Syntax
{
'ingestionDestination': {
'arn': 'string',
'ingestionArn': 'string',
'processingConfiguration': {
'auditLog': {
'schema': 'ocsf'|'raw',
'format': 'json'|'parquet'
}
},
'destinationConfiguration': {
'auditLog': {
'destination': {
's3Bucket': {
'bucketName': 'string',
'prefix': 'string'
},
'firehoseStream': {
'streamName': 'string'
}
}
}
},
'status': 'Active'|'Failed',
'statusReason': 'string',
'createdAt': datetime(2015, 1, 1),
'updatedAt': datetime(2015, 1, 1)
}
}
Response Structure
(dict) --
ingestionDestination (dict) --
Contains information about an ingestion destination.
arn (string) --
The Amazon Resource Name (ARN) of the ingestion destination.
ingestionArn (string) --
The Amazon Resource Name (ARN) of the ingestion.
processingConfiguration (dict) --
Contains information about how ingested data is processed.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: auditLog. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
auditLog (dict) --
Contains information about an audit log processing configuration.
schema (string) --
The event schema in which the audit logs need to be formatted.
format (string) --
The format in which the audit logs need to be formatted.
destinationConfiguration (dict) --
Contains information about the destination of ingested data.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: auditLog. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
auditLog (dict) --
Contains information about an audit log destination configuration.
destination (dict) --
Contains information about an audit log destination.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: s3Bucket, firehoseStream. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
s3Bucket (dict) --
Contains information about an Amazon S3 bucket.
bucketName (string) --
The name of the Amazon S3 bucket.
prefix (string) --
The object key to use.
firehoseStream (dict) --
Contains information about an Amazon Kinesis Data Firehose delivery stream.
streamName (string) --
The name of the Amazon Kinesis Data Firehose delivery stream.
status (string) --
The state of the ingestion destination.
The following states are possible:
Active : The ingestion destination is active and is ready to be used.
Failed : The ingestion destination has failed. If the ingestion destination is in this state, you should verify the ingestion destination configuration and try again.
statusReason (string) --
The reason for the current status of the ingestion destination.
Only present when the status of ingestion destination is Failed .
createdAt (datetime) --
The timestamp of when the ingestion destination was created.
updatedAt (datetime) --
The timestamp of when the ingestion destination was last updated.
Returns information about an app authorization.
See also: AWS API Documentation
Request Syntax
client.get_app_authorization(
appBundleIdentifier='string',
appAuthorizationIdentifier='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app authorization to use for the request.
dict
Response Syntax
{
'appAuthorization': {
'appAuthorizationArn': 'string',
'appBundleArn': 'string',
'app': 'string',
'tenant': {
'tenantIdentifier': 'string',
'tenantDisplayName': 'string'
},
'authType': 'oauth2'|'apiKey',
'status': 'PendingConnect'|'Connected'|'ConnectionValidationFailed'|'TokenAutoRotationFailed',
'createdAt': datetime(2015, 1, 1),
'updatedAt': datetime(2015, 1, 1),
'persona': 'admin'|'endUser',
'authUrl': 'string'
}
}
Response Structure
(dict) --
appAuthorization (dict) --
Contains information about an app authorization.
appAuthorizationArn (string) --
The Amazon Resource Name (ARN) of the app authorization.
appBundleArn (string) --
The Amazon Resource Name (ARN) of the app bundle for the app authorization.
app (string) --
The name of the application.
tenant (dict) --
Contains information about an application tenant, such as the application display name and identifier.
tenantIdentifier (string) --
The ID of the application tenant.
tenantDisplayName (string) --
The display name of the tenant.
authType (string) --
The authorization type.
status (string) --
The state of the app authorization.
The following states are possible:
PendingConnect : The initial state of the app authorization. The app authorization is created but not yet connected.
Connected : The app authorization is connected to the application, and is ready to be used.
ConnectionValidationFailed : The app authorization received a validation exception when trying to connect to the application. If the app authorization is in this state, you should verify the configured credentials and try to connect the app authorization again.
TokenAutoRotationFailed : AppFabric failed to refresh the access token. If the app authorization is in this state, you should try to reconnect the app authorization.
createdAt (datetime) --
The timestamp of when the app authorization was created.
updatedAt (datetime) --
The timestamp of when the app authorization was last updated.
persona (string) --
The user persona of the app authorization.
This field should always be admin .
authUrl (string) --
The application URL for the OAuth flow.
Deletes an app bundle. You must delete all associated app authorizations before you can delete an app bundle.
See also: AWS API Documentation
Request Syntax
client.delete_app_bundle(
appBundleIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the app bundle that needs to be deleted.
dict
Response Syntax
{}
Response Structure
(dict) --
Updates an app authorization within an app bundle, which allows AppFabric to connect to an application.
If the app authorization was in a connected state, updating the app authorization will set it back to a PendingConnect state.
See also: AWS API Documentation
Request Syntax
client.update_app_authorization(
appBundleIdentifier='string',
appAuthorizationIdentifier='string',
credential={
'oauth2Credential': {
'clientId': 'string',
'clientSecret': 'string'
},
'apiKeyCredential': {
'apiKey': 'string'
}
},
tenant={
'tenantIdentifier': 'string',
'tenantDisplayName': 'string'
}
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app authorization to use for the request.
dict
Contains credentials for the application, such as an API key or OAuth2 client ID and secret.
Specify credentials that match the authorization type of the app authorization to update. For example, if the authorization type of the app authorization is OAuth2 ( oauth2 ), then you should provide only the OAuth2 credentials.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: oauth2Credential, apiKeyCredential.
oauth2Credential (dict) --
Contains OAuth2 client credential information.
clientId (string) -- [REQUIRED]
The client ID of the client application.
clientSecret (string) -- [REQUIRED]
The client secret of the client application.
apiKeyCredential (dict) --
Contains API key credential information.
apiKey (string) -- [REQUIRED]
An API key for an application.
dict
Contains information about an application tenant, such as the application display name and identifier.
tenantIdentifier (string) -- [REQUIRED]
The ID of the application tenant.
tenantDisplayName (string) -- [REQUIRED]
The display name of the tenant.
dict
Response Syntax
{
'appAuthorization': {
'appAuthorizationArn': 'string',
'appBundleArn': 'string',
'app': 'string',
'tenant': {
'tenantIdentifier': 'string',
'tenantDisplayName': 'string'
},
'authType': 'oauth2'|'apiKey',
'status': 'PendingConnect'|'Connected'|'ConnectionValidationFailed'|'TokenAutoRotationFailed',
'createdAt': datetime(2015, 1, 1),
'updatedAt': datetime(2015, 1, 1),
'persona': 'admin'|'endUser',
'authUrl': 'string'
}
}
Response Structure
(dict) --
appAuthorization (dict) --
Contains information about an app authorization.
appAuthorizationArn (string) --
The Amazon Resource Name (ARN) of the app authorization.
appBundleArn (string) --
The Amazon Resource Name (ARN) of the app bundle for the app authorization.
app (string) --
The name of the application.
tenant (dict) --
Contains information about an application tenant, such as the application display name and identifier.
tenantIdentifier (string) --
The ID of the application tenant.
tenantDisplayName (string) --
The display name of the tenant.
authType (string) --
The authorization type.
status (string) --
The state of the app authorization.
The following states are possible:
PendingConnect : The initial state of the app authorization. The app authorization is created but not yet connected.
Connected : The app authorization is connected to the application, and is ready to be used.
ConnectionValidationFailed : The app authorization received a validation exception when trying to connect to the application. If the app authorization is in this state, you should verify the configured credentials and try to connect the app authorization again.
TokenAutoRotationFailed : AppFabric failed to refresh the access token. If the app authorization is in this state, you should try to reconnect the app authorization.
createdAt (datetime) --
The timestamp of when the app authorization was created.
updatedAt (datetime) --
The timestamp of when the app authorization was last updated.
persona (string) --
The user persona of the app authorization.
This field should always be admin .
authUrl (string) --
The application URL for the OAuth flow.
Removes a tag or tags from a resource.
See also: AWS API Documentation
Request Syntax
client.untag_resource(
resourceArn='string',
tagKeys=[
'string',
]
)
string
[REQUIRED]
The Amazon Resource Name (ARN) of the resource that you want to untag.
list
[REQUIRED]
The keys of the key-value pairs for the tag or tags you want to remove from the specified resource.
(string) --
dict
Response Syntax
{}
Response Structure
(dict) --
Deletes an app authorization. You must delete the associated ingestion before you can delete an app authorization.
See also: AWS API Documentation
Request Syntax
client.delete_app_authorization(
appBundleIdentifier='string',
appAuthorizationIdentifier='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app authorization to use for the request.
dict
Response Syntax
{}
Response Structure
(dict) --
Establishes a connection between Amazon Web Services AppFabric and an application, which allows AppFabric to call the APIs of the application.
See also: AWS API Documentation
Request Syntax
client.connect_app_authorization(
appBundleIdentifier='string',
appAuthorizationIdentifier='string',
authRequest={
'redirectUri': 'string',
'code': 'string'
}
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle that contains the app authorization to use for the request.
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app authorization to use for the request.
dict
Contains OAuth2 authorization information.
This is required if the app authorization for the request is configured with an OAuth2 ( oauth2 ) authorization type.
redirectUri (string) -- [REQUIRED]
The redirect URL that is specified in the AuthURL and the application client.
code (string) -- [REQUIRED]
The authorization code returned by the application after permission is granted in the application OAuth page (after clicking on the AuthURL).
dict
Response Syntax
{
'appAuthorizationSummary': {
'appAuthorizationArn': 'string',
'appBundleArn': 'string',
'app': 'string',
'tenant': {
'tenantIdentifier': 'string',
'tenantDisplayName': 'string'
},
'status': 'PendingConnect'|'Connected'|'ConnectionValidationFailed'|'TokenAutoRotationFailed',
'updatedAt': datetime(2015, 1, 1)
}
}
Response Structure
(dict) --
appAuthorizationSummary (dict) --
Contains a summary of the app authorization.
appAuthorizationArn (string) --
The Amazon Resource Name (ARN) of the app authorization.
appBundleArn (string) --
The Amazon Resource Name (ARN) of the app bundle for the app authorization.
app (string) --
The name of the application.
tenant (dict) --
Contains information about an application tenant, such as the application display name and identifier.
tenantIdentifier (string) --
The ID of the application tenant.
tenantDisplayName (string) --
The display name of the tenant.
status (string) --
The state of the app authorization.
The following states are possible:
PendingConnect : The initial state of the app authorization. The app authorization is created but not yet connected.
Connected : The app authorization is connected to the application, and is ready to be used.
ConnectionValidationFailed : The app authorization received a validation exception when trying to connect to the application. If the app authorization is in this state, you should verify the configured credentials and try to connect the app authorization again.
TokenAutoRotationFailed : AppFabric failed to refresh the access token. If the app authorization is in this state, you should try to reconnect the app authorization.
updatedAt (datetime) --
Timestamp for when the app authorization was last updated.
Stops (disables) an ingestion.
See also: AWS API Documentation
Request Syntax
client.stop_ingestion(
ingestionIdentifier='string',
appBundleIdentifier='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
dict
Response Syntax
{}
Response Structure
(dict) --
Returns information about an ingestion.
See also: AWS API Documentation
Request Syntax
client.get_ingestion(
appBundleIdentifier='string',
ingestionIdentifier='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
dict
Response Syntax
{
'ingestion': {
'arn': 'string',
'appBundleArn': 'string',
'app': 'string',
'tenantId': 'string',
'createdAt': datetime(2015, 1, 1),
'updatedAt': datetime(2015, 1, 1),
'state': 'enabled'|'disabled',
'ingestionType': 'auditLog'
}
}
Response Structure
(dict) --
ingestion (dict) --
Contains information about an ingestion.
arn (string) --
The Amazon Resource Name (ARN) of the ingestion.
appBundleArn (string) --
The Amazon Resource Name (ARN) of the app bundle for the ingestion.
app (string) --
The name of the application.
tenantId (string) --
The ID of the application tenant.
createdAt (datetime) --
The timestamp of when the ingestion was created.
updatedAt (datetime) --
The timestamp of when the ingestion was last updated.
state (string) --
The status of the ingestion.
ingestionType (string) --
The type of the ingestion.
Deletes an ingestion destination.
This deletes the association between an ingestion and it's destination. It doesn't delete previously ingested data or the storage destination, such as the Amazon S3 bucket where the data is delivered. If the ingestion destination is deleted while the associated ingestion is enabled, the ingestion will fail and is eventually disabled.
See also: AWS API Documentation
Request Syntax
client.delete_ingestion_destination(
appBundleIdentifier='string',
ingestionIdentifier='string',
ingestionDestinationIdentifier='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion destination to use for the request.
dict
Response Syntax
{}
Response Structure
(dict) --
Deletes an ingestion. You must stop (disable) the ingestion and you must delete all associated ingestion destinations before you can delete an app ingestion.
See also: AWS API Documentation
Request Syntax
client.delete_ingestion(
appBundleIdentifier='string',
ingestionIdentifier='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
dict
Response Syntax
{}
Response Structure
(dict) --
Returns information about an ingestion destination.
See also: AWS API Documentation
Request Syntax
client.get_ingestion_destination(
appBundleIdentifier='string',
ingestionIdentifier='string',
ingestionDestinationIdentifier='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion destination to use for the request.
dict
Response Syntax
{
'ingestionDestination': {
'arn': 'string',
'ingestionArn': 'string',
'processingConfiguration': {
'auditLog': {
'schema': 'ocsf'|'raw',
'format': 'json'|'parquet'
}
},
'destinationConfiguration': {
'auditLog': {
'destination': {
's3Bucket': {
'bucketName': 'string',
'prefix': 'string'
},
'firehoseStream': {
'streamName': 'string'
}
}
}
},
'status': 'Active'|'Failed',
'statusReason': 'string',
'createdAt': datetime(2015, 1, 1),
'updatedAt': datetime(2015, 1, 1)
}
}
Response Structure
(dict) --
ingestionDestination (dict) --
Contains information about an ingestion destination.
arn (string) --
The Amazon Resource Name (ARN) of the ingestion destination.
ingestionArn (string) --
The Amazon Resource Name (ARN) of the ingestion.
processingConfiguration (dict) --
Contains information about how ingested data is processed.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: auditLog. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
auditLog (dict) --
Contains information about an audit log processing configuration.
schema (string) --
The event schema in which the audit logs need to be formatted.
format (string) --
The format in which the audit logs need to be formatted.
destinationConfiguration (dict) --
Contains information about the destination of ingested data.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: auditLog. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
auditLog (dict) --
Contains information about an audit log destination configuration.
destination (dict) --
Contains information about an audit log destination.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: s3Bucket, firehoseStream. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
s3Bucket (dict) --
Contains information about an Amazon S3 bucket.
bucketName (string) --
The name of the Amazon S3 bucket.
prefix (string) --
The object key to use.
firehoseStream (dict) --
Contains information about an Amazon Kinesis Data Firehose delivery stream.
streamName (string) --
The name of the Amazon Kinesis Data Firehose delivery stream.
status (string) --
The state of the ingestion destination.
The following states are possible:
Active : The ingestion destination is active and is ready to be used.
Failed : The ingestion destination has failed. If the ingestion destination is in this state, you should verify the ingestion destination configuration and try again.
statusReason (string) --
The reason for the current status of the ingestion destination.
Only present when the status of ingestion destination is Failed .
createdAt (datetime) --
The timestamp of when the ingestion destination was created.
updatedAt (datetime) --
The timestamp of when the ingestion destination was last updated.
Starts the tasks to search user access status for a specific email address.
The tasks are stopped when the user access status data is found. The tasks are terminated when the API calls to the application time out.
See also: AWS API Documentation
Request Syntax
client.start_user_access_tasks(
appBundleIdentifier='string',
email='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
string
[REQUIRED]
The email address of the target user.
dict
Response Syntax
{
'userAccessTasksList': [
{
'app': 'string',
'tenantId': 'string',
'taskId': 'string',
'error': {
'errorCode': 'string',
'errorMessage': 'string'
}
},
]
}
Response Structure
(dict) --
userAccessTasksList (list) --
Contains a list of user access task information.
(dict) --
Contains information about a user access task.
app (string) --
The name of the application.
tenantId (string) --
The ID of the application tenant.
taskId (string) --
The unique ID of the task.
error (dict) --
Error from the task, if any.
errorCode (string) --
The code of the error.
errorMessage (string) --
The message of the error.
Returns a list of all ingestions configured for an app bundle.
See also: AWS API Documentation
Request Syntax
client.list_ingestions(
appBundleIdentifier='string',
maxResults=123,
nextToken='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
integer
The maximum number of results that are returned per call. You can use nextToken to obtain further pages of results.
This is only an upper limit. The actual number of results returned per call might be fewer than the specified maximum.
string
If nextToken is returned, there are more results available. The value of nextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination token will return an HTTP 400 InvalidToken error .
dict
Response Syntax
{
'ingestions': [
{
'arn': 'string',
'app': 'string',
'tenantId': 'string',
'state': 'enabled'|'disabled'
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
ingestions (list) --
Contains a list of ingestion summaries.
(dict) --
Contains a summary of an ingestion.
arn (string) --
The Amazon Resource Name (ARN) of the ingestion.
app (string) --
The name of the application.
tenantId (string) --
The ID of the application tenant.
state (string) --
The status of the ingestion.
nextToken (string) --
If nextToken is returned, there are more results available. The value of nextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination token will return an HTTP 400 InvalidToken error .
Returns a list of all ingestion destinations configured for an ingestion.
See also: AWS API Documentation
Request Syntax
client.list_ingestion_destinations(
appBundleIdentifier='string',
ingestionIdentifier='string',
maxResults=123,
nextToken='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
integer
The maximum number of results that are returned per call. You can use nextToken to obtain further pages of results.
This is only an upper limit. The actual number of results returned per call might be fewer than the specified maximum.
string
If nextToken is returned, there are more results available. The value of nextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination token will return an HTTP 400 InvalidToken error .
dict
Response Syntax
{
'ingestionDestinations': [
{
'arn': 'string'
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
ingestionDestinations (list) --
Contains a list of ingestion destination summaries.
(dict) --
Contains a summary of an ingestion destination.
arn (string) --
The Amazon Resource Name (ARN) of the ingestion destination.
nextToken (string) --
If nextToken is returned, there are more results available. The value of nextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination token will return an HTTP 400 InvalidToken error .
Creates an app authorization within an app bundle, which allows AppFabric to connect to an application.
See also: AWS API Documentation
Request Syntax
client.create_app_authorization(
appBundleIdentifier='string',
app='string',
credential={
'oauth2Credential': {
'clientId': 'string',
'clientSecret': 'string'
},
'apiKeyCredential': {
'apiKey': 'string'
}
},
tenant={
'tenantIdentifier': 'string',
'tenantDisplayName': 'string'
},
authType='oauth2'|'apiKey',
clientToken='string',
tags=[
{
'key': 'string',
'value': 'string'
},
]
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
string
[REQUIRED]
The name of the application.
Valid values are:
SLACK
ASANA
JIRA
M365
M365AUDITLOGS
ZOOM
ZENDESK
OKTA
DROPBOX
SMARTSHEET
CISCO
dict
[REQUIRED]
Contains credentials for the application, such as an API key or OAuth2 client ID and secret.
Specify credentials that match the authorization type for your request. For example, if the authorization type for your request is OAuth2 ( oauth2 ), then you should provide only the OAuth2 credentials.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: oauth2Credential, apiKeyCredential.
oauth2Credential (dict) --
Contains OAuth2 client credential information.
clientId (string) -- [REQUIRED]
The client ID of the client application.
clientSecret (string) -- [REQUIRED]
The client secret of the client application.
apiKeyCredential (dict) --
Contains API key credential information.
apiKey (string) -- [REQUIRED]
An API key for an application.
dict
[REQUIRED]
Contains information about an application tenant, such as the application display name and identifier.
tenantIdentifier (string) -- [REQUIRED]
The ID of the application tenant.
tenantDisplayName (string) -- [REQUIRED]
The display name of the tenant.
string
[REQUIRED]
The authorization type for the app authorization.
string
Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value.
If you don't provide this value, then Amazon Web Services generates a random one for you.
If you retry the operation with the same ClientToken , but with different parameters, the retry fails with an IdempotentParameterMismatch error.
This field is autopopulated if not provided.
list
A map of the key-value pairs of the tag or tags to assign to the resource.
(dict) --
The key or keys of the key-value pairs for the tag or tags assigned to a resource.
key (string) -- [REQUIRED]
Tag key.
value (string) -- [REQUIRED]
Tag value.
dict
Response Syntax
{
'appAuthorization': {
'appAuthorizationArn': 'string',
'appBundleArn': 'string',
'app': 'string',
'tenant': {
'tenantIdentifier': 'string',
'tenantDisplayName': 'string'
},
'authType': 'oauth2'|'apiKey',
'status': 'PendingConnect'|'Connected'|'ConnectionValidationFailed'|'TokenAutoRotationFailed',
'createdAt': datetime(2015, 1, 1),
'updatedAt': datetime(2015, 1, 1),
'persona': 'admin'|'endUser',
'authUrl': 'string'
}
}
Response Structure
(dict) --
appAuthorization (dict) --
Contains information about an app authorization.
appAuthorizationArn (string) --
The Amazon Resource Name (ARN) of the app authorization.
appBundleArn (string) --
The Amazon Resource Name (ARN) of the app bundle for the app authorization.
app (string) --
The name of the application.
tenant (dict) --
Contains information about an application tenant, such as the application display name and identifier.
tenantIdentifier (string) --
The ID of the application tenant.
tenantDisplayName (string) --
The display name of the tenant.
authType (string) --
The authorization type.
status (string) --
The state of the app authorization.
The following states are possible:
PendingConnect : The initial state of the app authorization. The app authorization is created but not yet connected.
Connected : The app authorization is connected to the application, and is ready to be used.
ConnectionValidationFailed : The app authorization received a validation exception when trying to connect to the application. If the app authorization is in this state, you should verify the configured credentials and try to connect the app authorization again.
TokenAutoRotationFailed : AppFabric failed to refresh the access token. If the app authorization is in this state, you should try to reconnect the app authorization.
createdAt (datetime) --
The timestamp of when the app authorization was created.
updatedAt (datetime) --
The timestamp of when the app authorization was last updated.
persona (string) --
The user persona of the app authorization.
This field should always be admin .
authUrl (string) --
The application URL for the OAuth flow.
Starts (enables) an ingestion, which collects data from an application.
See also: AWS API Documentation
Request Syntax
client.start_ingestion(
ingestionIdentifier='string',
appBundleIdentifier='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
dict
Response Syntax
{}
Response Structure
(dict) --
Updates an ingestion destination, which specifies how an application's ingested data is processed by Amazon Web Services AppFabric and where it's delivered.
See also: AWS API Documentation
Request Syntax
client.update_ingestion_destination(
appBundleIdentifier='string',
ingestionIdentifier='string',
ingestionDestinationIdentifier='string',
destinationConfiguration={
'auditLog': {
'destination': {
's3Bucket': {
'bucketName': 'string',
'prefix': 'string'
},
'firehoseStream': {
'streamName': 'string'
}
}
}
}
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion destination to use for the request.
dict
[REQUIRED]
Contains information about the destination of ingested data.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: auditLog.
auditLog (dict) --
Contains information about an audit log destination configuration.
destination (dict) -- [REQUIRED]
Contains information about an audit log destination.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: s3Bucket, firehoseStream.
s3Bucket (dict) --
Contains information about an Amazon S3 bucket.
bucketName (string) -- [REQUIRED]
The name of the Amazon S3 bucket.
prefix (string) --
The object key to use.
firehoseStream (dict) --
Contains information about an Amazon Kinesis Data Firehose delivery stream.
streamName (string) -- [REQUIRED]
The name of the Amazon Kinesis Data Firehose delivery stream.
dict
Response Syntax
{
'ingestionDestination': {
'arn': 'string',
'ingestionArn': 'string',
'processingConfiguration': {
'auditLog': {
'schema': 'ocsf'|'raw',
'format': 'json'|'parquet'
}
},
'destinationConfiguration': {
'auditLog': {
'destination': {
's3Bucket': {
'bucketName': 'string',
'prefix': 'string'
},
'firehoseStream': {
'streamName': 'string'
}
}
}
},
'status': 'Active'|'Failed',
'statusReason': 'string',
'createdAt': datetime(2015, 1, 1),
'updatedAt': datetime(2015, 1, 1)
}
}
Response Structure
(dict) --
ingestionDestination (dict) --
Contains information about an ingestion destination.
arn (string) --
The Amazon Resource Name (ARN) of the ingestion destination.
ingestionArn (string) --
The Amazon Resource Name (ARN) of the ingestion.
processingConfiguration (dict) --
Contains information about how ingested data is processed.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: auditLog. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
auditLog (dict) --
Contains information about an audit log processing configuration.
schema (string) --
The event schema in which the audit logs need to be formatted.
format (string) --
The format in which the audit logs need to be formatted.
destinationConfiguration (dict) --
Contains information about the destination of ingested data.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: auditLog. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
auditLog (dict) --
Contains information about an audit log destination configuration.
destination (dict) --
Contains information about an audit log destination.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: s3Bucket, firehoseStream. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
s3Bucket (dict) --
Contains information about an Amazon S3 bucket.
bucketName (string) --
The name of the Amazon S3 bucket.
prefix (string) --
The object key to use.
firehoseStream (dict) --
Contains information about an Amazon Kinesis Data Firehose delivery stream.
streamName (string) --
The name of the Amazon Kinesis Data Firehose delivery stream.
status (string) --
The state of the ingestion destination.
The following states are possible:
Active : The ingestion destination is active and is ready to be used.
Failed : The ingestion destination has failed. If the ingestion destination is in this state, you should verify the ingestion destination configuration and try again.
statusReason (string) --
The reason for the current status of the ingestion destination.
Only present when the status of ingestion destination is Failed .
createdAt (datetime) --
The timestamp of when the ingestion destination was created.
updatedAt (datetime) --
The timestamp of when the ingestion destination was last updated.
Creates a data ingestion for an application.
See also: AWS API Documentation
Request Syntax
client.create_ingestion(
appBundleIdentifier='string',
app='string',
tenantId='string',
ingestionType='auditLog',
clientToken='string',
tags=[
{
'key': 'string',
'value': 'string'
},
]
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
string
[REQUIRED]
The name of the application.
Valid values are:
SLACK
ASANA
JIRA
M365
M365AUDITLOGS
ZOOM
ZENDESK
OKTA
DROPBOX
SMARTSHEET
CISCO
string
[REQUIRED]
The ID of the application tenant.
string
[REQUIRED]
The ingestion type.
string
Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value.
If you don't provide this value, then Amazon Web Services generates a random one for you.
If you retry the operation with the same ClientToken , but with different parameters, the retry fails with an IdempotentParameterMismatch error.
This field is autopopulated if not provided.
list
A map of the key-value pairs of the tag or tags to assign to the resource.
(dict) --
The key or keys of the key-value pairs for the tag or tags assigned to a resource.
key (string) -- [REQUIRED]
Tag key.
value (string) -- [REQUIRED]
Tag value.
dict
Response Syntax
{
'ingestion': {
'arn': 'string',
'appBundleArn': 'string',
'app': 'string',
'tenantId': 'string',
'createdAt': datetime(2015, 1, 1),
'updatedAt': datetime(2015, 1, 1),
'state': 'enabled'|'disabled',
'ingestionType': 'auditLog'
}
}
Response Structure
(dict) --
ingestion (dict) --
Contains information about an ingestion.
arn (string) --
The Amazon Resource Name (ARN) of the ingestion.
appBundleArn (string) --
The Amazon Resource Name (ARN) of the app bundle for the ingestion.
app (string) --
The name of the application.
tenantId (string) --
The ID of the application tenant.
createdAt (datetime) --
The timestamp of when the ingestion was created.
updatedAt (datetime) --
The timestamp of when the ingestion was last updated.
state (string) --
The status of the ingestion.
ingestionType (string) --
The type of the ingestion.
Assigns one or more tags (key-value pairs) to the specified resource.
See also: AWS API Documentation
Request Syntax
client.tag_resource(
resourceArn='string',
tags=[
{
'key': 'string',
'value': 'string'
},
]
)
string
[REQUIRED]
The Amazon Resource Name (ARN) of the resource that you want to tag.
list
[REQUIRED]
A map of the key-value pairs of the tag or tags to assign to the resource.
(dict) --
The key or keys of the key-value pairs for the tag or tags assigned to a resource.
key (string) -- [REQUIRED]
Tag key.
value (string) -- [REQUIRED]
Tag value.
dict
Response Syntax
{}
Response Structure
(dict) --
Returns a list of all app authorizations configured for an app bundle.
See also: AWS API Documentation
Request Syntax
client.list_app_authorizations(
appBundleIdentifier='string',
maxResults=123,
nextToken='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
integer
The maximum number of results that are returned per call. You can use nextToken to obtain further pages of results.
This is only an upper limit. The actual number of results returned per call might be fewer than the specified maximum.
string
If nextToken is returned, there are more results available. The value of nextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination token will return an HTTP 400 InvalidToken error .
dict
Response Syntax
{
'appAuthorizationSummaryList': [
{
'appAuthorizationArn': 'string',
'appBundleArn': 'string',
'app': 'string',
'tenant': {
'tenantIdentifier': 'string',
'tenantDisplayName': 'string'
},
'status': 'PendingConnect'|'Connected'|'ConnectionValidationFailed'|'TokenAutoRotationFailed',
'updatedAt': datetime(2015, 1, 1)
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
appAuthorizationSummaryList (list) --
Contains a list of app authorization summaries.
(dict) --
Contains a summary of an app authorization.
appAuthorizationArn (string) --
The Amazon Resource Name (ARN) of the app authorization.
appBundleArn (string) --
The Amazon Resource Name (ARN) of the app bundle for the app authorization.
app (string) --
The name of the application.
tenant (dict) --
Contains information about an application tenant, such as the application display name and identifier.
tenantIdentifier (string) --
The ID of the application tenant.
tenantDisplayName (string) --
The display name of the tenant.
status (string) --
The state of the app authorization.
The following states are possible:
PendingConnect : The initial state of the app authorization. The app authorization is created but not yet connected.
Connected : The app authorization is connected to the application, and is ready to be used.
ConnectionValidationFailed : The app authorization received a validation exception when trying to connect to the application. If the app authorization is in this state, you should verify the configured credentials and try to connect the app authorization again.
TokenAutoRotationFailed : AppFabric failed to refresh the access token. If the app authorization is in this state, you should try to reconnect the app authorization.
updatedAt (datetime) --
Timestamp for when the app authorization was last updated.
nextToken (string) --
If nextToken is returned, there are more results available. The value of nextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination token will return an HTTP 400 InvalidToken error .
Gets user access details in a batch request.
This action polls data from the tasks that are kicked off by the StartUserAccessTasks action.
See also: AWS API Documentation
Request Syntax
client.batch_get_user_access_tasks(
appBundleIdentifier='string',
taskIdList=[
'string',
]
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
list
[REQUIRED]
The tasks IDs to use for the request.
(string) --
dict
Response Syntax
{
'userAccessResultsList': [
{
'app': 'string',
'tenantId': 'string',
'tenantDisplayName': 'string',
'taskId': 'string',
'resultStatus': 'IN_PROGRESS'|'COMPLETED'|'FAILED'|'EXPIRED',
'email': 'string',
'userId': 'string',
'userFullName': 'string',
'userFirstName': 'string',
'userLastName': 'string',
'userStatus': 'string',
'taskError': {
'errorCode': 'string',
'errorMessage': 'string'
}
},
]
}
Response Structure
(dict) --
userAccessResultsList (list) --
Contains a list of user access results.
(dict) --
Contains information about a user's access to an application.
app (string) --
The name of the application.
tenantId (string) --
The ID of the application tenant.
tenantDisplayName (string) --
The display name of the tenant.
taskId (string) --
The unique ID of the task.
resultStatus (string) --
The status of the user access result item.
The following states are possible:
IN_PROGRESS : The user access task is in progress.
COMPLETED : The user access task completed successfully.
FAILED : The user access task failed.
EXPIRED : The user access task expired.
email (string) --
The email address of the target user.
userId (string) --
The unique ID of user.
userFullName (string) --
The full name of the user.
userFirstName (string) --
The first name of the user.
userLastName (string) --
The last name of the user.
userStatus (string) --
The status of the user returned by the application.
taskError (dict) --
Contains information about an error returned from a user access task.
errorCode (string) --
The code of the error.
errorMessage (string) --
The message of the error.
Creates an app bundle to collect data from an application using AppFabric.
See also: AWS API Documentation
Request Syntax
client.create_app_bundle(
clientToken='string',
customerManagedKeyIdentifier='string',
tags=[
{
'key': 'string',
'value': 'string'
},
]
)
string
Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value.
If you don't provide this value, then Amazon Web Services generates a random one for you.
If you retry the operation with the same ClientToken , but with different parameters, the retry fails with an IdempotentParameterMismatch error.
This field is autopopulated if not provided.
string
The Amazon Resource Name (ARN) of the Key Management Service (KMS) key to use to encrypt the application data. If this is not specified, an Amazon Web Services owned key is used for encryption.
list
A map of the key-value pairs of the tag or tags to assign to the resource.
(dict) --
The key or keys of the key-value pairs for the tag or tags assigned to a resource.
key (string) -- [REQUIRED]
Tag key.
value (string) -- [REQUIRED]
Tag value.
dict
Response Syntax
{
'appBundle': {
'arn': 'string',
'customerManagedKeyArn': 'string'
}
}
Response Structure
(dict) --
appBundle (dict) --
Contains information about an app bundle.
arn (string) --
The Amazon Resource Name (ARN) of the app bundle.
customerManagedKeyArn (string) --
The Amazon Resource Name (ARN) of the Key Management Service (KMS) key used to encrypt the application data.
Returns a list of tags for a resource.
See also: AWS API Documentation
Request Syntax
client.list_tags_for_resource(
resourceArn='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) of the resource for which you want to retrieve tags.
dict
Response Syntax
{
'tags': [
{
'key': 'string',
'value': 'string'
},
]
}
Response Structure
(dict) --
tags (list) --
A map of the key-value pairs for the tag or tags assigned to the specified resource.
(dict) --
The key or keys of the key-value pairs for the tag or tags assigned to a resource.
key (string) --
Tag key.
value (string) --
Tag value.
Returns information about an app bundle.
See also: AWS API Documentation
Request Syntax
client.get_app_bundle(
appBundleIdentifier='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
dict
Response Syntax
{
'appBundle': {
'arn': 'string',
'customerManagedKeyArn': 'string'
}
}
Response Structure
(dict) --
appBundle (dict) --
Contains information about an app bundle.
arn (string) --
The Amazon Resource Name (ARN) of the app bundle.
customerManagedKeyArn (string) --
The Amazon Resource Name (ARN) of the Key Management Service (KMS) key used to encrypt the application data.