AWS Clean Rooms Service

2023/03/21 - AWS Clean Rooms Service - 3 new 4 updated api methods

Changes  GA Release of AWS Clean Rooms, Added Tagging Functionality

ListTagsForResource (new) Link ¶

Lists all of the tags that have been added to a resource.

See also: AWS API Documentation

Request Syntax

client.list_tags_for_resource(
    resourceArn='string'
)
type resourceArn

string

param resourceArn

[REQUIRED]

The Amazon Resource Name (ARN) associated with the resource you want to list tags on.

rtype

dict

returns

Response Syntax

{
    'tags': {
        'string': 'string'
    }
}

Response Structure

  • (dict) --

    • tags (dict) --

      A map of objects specifying each key name and value.

      • (string) --

        • (string) --

TagResource (new) Link ¶

Tags a resource.

See also: AWS API Documentation

Request Syntax

client.tag_resource(
    resourceArn='string',
    tags={
        'string': 'string'
    }
)
type resourceArn

string

param resourceArn

[REQUIRED]

The Amazon Resource Name (ARN) associated with the resource you want to tag.

type tags

dict

param tags

[REQUIRED]

A map of objects specifying each key name and value.

  • (string) --

    • (string) --

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --

UntagResource (new) Link ¶

Removes a tag or list of tags from a resource.

See also: AWS API Documentation

Request Syntax

client.untag_resource(
    resourceArn='string',
    tagKeys=[
        'string',
    ]
)
type resourceArn

string

param resourceArn

[REQUIRED]

The Amazon Resource Name (ARN) associated with the resource you want to remove the tag from.

type tagKeys

list

param tagKeys

[REQUIRED]

A list of key names of tags to be removed.

  • (string) --

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --

CreateCollaboration (updated) Link ¶
Changes (request) 
{'tags': {'string': 'string'}}

Creates a new collaboration.

See also: AWS API Documentation

Request Syntax

client.create_collaboration(
    members=[
        {
            'accountId': 'string',
            'memberAbilities': [
                'CAN_QUERY'|'CAN_RECEIVE_RESULTS',
            ],
            'displayName': 'string'
        },
    ],
    name='string',
    description='string',
    creatorMemberAbilities=[
        'CAN_QUERY'|'CAN_RECEIVE_RESULTS',
    ],
    creatorDisplayName='string',
    dataEncryptionMetadata={
        'allowCleartext': True|False,
        'allowDuplicates': True|False,
        'allowJoinsOnColumnsWithDifferentNames': True|False,
        'preserveNulls': True|False
    },
    queryLogStatus='ENABLED'|'DISABLED',
    tags={
        'string': 'string'
    }
)
type members

list

param members

[REQUIRED]

A list of initial members, not including the creator. This list is immutable.

  • (dict) --

    Basic metadata used to construct a new member.

    • accountId (string) -- [REQUIRED]

      The identifier used to reference members of the collaboration. Currently only supports AWS Account ID.

    • memberAbilities (list) -- [REQUIRED]

      The abilities granted to the collaboration member.

      • (string) --

    • displayName (string) -- [REQUIRED]

      The member's display name.

type name

string

param name

[REQUIRED]

The display name for a collaboration.

type description

string

param description

[REQUIRED]

A description of the collaboration provided by the collaboration owner.

type creatorMemberAbilities

list

param creatorMemberAbilities

[REQUIRED]

The abilities granted to the collaboration creator.

  • (string) --

type creatorDisplayName

string

param creatorDisplayName

[REQUIRED]

The display name of the collaboration creator.

type dataEncryptionMetadata

dict

param dataEncryptionMetadata

The settings for client-side encryption with Cryptographic Computing for Clean Rooms.

  • allowCleartext (boolean) -- [REQUIRED]

    Indicates whether encrypted tables can contain cleartext data (true) or are to cryptographically process every column (false).

  • allowDuplicates (boolean) -- [REQUIRED]

    Indicates whether Fingerprint columns can contain duplicate entries (true) or are to contain only non-repeated values (false).

  • allowJoinsOnColumnsWithDifferentNames (boolean) -- [REQUIRED]

    Indicates whether Fingerprint columns can be joined on any other Fingerprint column with a different name (true) or can only be joined on Fingerprint columns of the same name (false).

  • preserveNulls (boolean) -- [REQUIRED]

    Indicates whether NULL values are to be copied as NULL to encrypted tables (true) or cryptographically processed (false).

type queryLogStatus

string

param queryLogStatus

[REQUIRED]

An indicator as to whether query logging has been enabled or disabled for the collaboration.

type tags

dict

param tags

An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.

  • (string) --

    • (string) --

rtype

dict

returns

Response Syntax

{
    'collaboration': {
        'id': 'string',
        'arn': 'string',
        'name': 'string',
        'description': 'string',
        'creatorAccountId': 'string',
        'creatorDisplayName': 'string',
        'createTime': datetime(2015, 1, 1),
        'updateTime': datetime(2015, 1, 1),
        'memberStatus': 'INVITED'|'ACTIVE'|'LEFT'|'REMOVED',
        'membershipId': 'string',
        'membershipArn': 'string',
        'dataEncryptionMetadata': {
            'allowCleartext': True|False,
            'allowDuplicates': True|False,
            'allowJoinsOnColumnsWithDifferentNames': True|False,
            'preserveNulls': True|False
        },
        'queryLogStatus': 'ENABLED'|'DISABLED'
    }
}

Response Structure

  • (dict) --

    • collaboration (dict) --

      The entire created collaboration object.

      • id (string) --

        The unique ID for the collaboration.

      • arn (string) --

        The unique ARN for the collaboration.

      • name (string) --

        A human-readable identifier provided by the collaboration owner. Display names are not unique.

      • description (string) --

        A description of the collaboration provided by the collaboration owner.

      • creatorAccountId (string) --

        The identifier used to reference members of the collaboration. Currently only supports AWS account ID.

      • creatorDisplayName (string) --

        A display name of the collaboration creator.

      • createTime (datetime) --

        The time when the collaboration was created.

      • updateTime (datetime) --

        The time the collaboration metadata was last updated.

      • memberStatus (string) --

        The status of a member in a collaboration.

      • membershipId (string) --

        The unique ID for your membership within the collaboration.

      • membershipArn (string) --

        The unique ARN for your membership within the collaboration.

      • dataEncryptionMetadata (dict) --

        The settings for client-side encryption for cryptographic computing.

        • allowCleartext (boolean) --

          Indicates whether encrypted tables can contain cleartext data (true) or are to cryptographically process every column (false).

        • allowDuplicates (boolean) --

          Indicates whether Fingerprint columns can contain duplicate entries (true) or are to contain only non-repeated values (false).

        • allowJoinsOnColumnsWithDifferentNames (boolean) --

          Indicates whether Fingerprint columns can be joined on any other Fingerprint column with a different name (true) or can only be joined on Fingerprint columns of the same name (false).

        • preserveNulls (boolean) --

          Indicates whether NULL values are to be copied as NULL to encrypted tables (true) or cryptographically processed (false).

      • queryLogStatus (string) --

        An indicator as to whether query logging has been enabled or disabled for the collaboration.

CreateConfiguredTable (updated) Link ¶
Changes (request) 
{'tags': {'string': 'string'}}

Creates a new configured table resource.

See also: AWS API Documentation

Request Syntax

client.create_configured_table(
    name='string',
    description='string',
    tableReference={
        'glue': {
            'tableName': 'string',
            'databaseName': 'string'
        }
    },
    allowedColumns=[
        'string',
    ],
    analysisMethod='DIRECT_QUERY',
    tags={
        'string': 'string'
    }
)
type name

string

param name

[REQUIRED]

The name of the configured table.

type description

string

param description

A description for the configured table.

type tableReference

dict

param tableReference

[REQUIRED]

A reference to the AWS Glue table being configured.

Note

This is a Tagged Union structure. Only one of the following top level keys can be set: glue.

  • glue (dict) --

    If present, a reference to the AWS Glue table referred to by this table reference.

    • tableName (string) -- [REQUIRED]

      The name of the AWS Glue table.

    • databaseName (string) -- [REQUIRED]

      The name of the database the AWS Glue table belongs to.

type allowedColumns

list

param allowedColumns

[REQUIRED]

The columns of the underlying table that can be used by collaborations or analysis rules.

  • (string) --

type analysisMethod

string

param analysisMethod

[REQUIRED]

The analysis method for the configured tables. The only valid value is currently DIRECT_QUERY.

type tags

dict

param tags

An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.

  • (string) --

    • (string) --

rtype

dict

returns

Response Syntax

{
    'configuredTable': {
        'id': 'string',
        'arn': 'string',
        'name': 'string',
        'description': 'string',
        'tableReference': {
            'glue': {
                'tableName': 'string',
                'databaseName': 'string'
            }
        },
        'createTime': datetime(2015, 1, 1),
        'updateTime': datetime(2015, 1, 1),
        'analysisRuleTypes': [
            'AGGREGATION'|'LIST',
        ],
        'analysisMethod': 'DIRECT_QUERY',
        'allowedColumns': [
            'string',
        ]
    }
}

Response Structure

  • (dict) --

    • configuredTable (dict) --

      The created configured table.

      • id (string) --

        The unique ID for the configured table.

      • arn (string) --

        The unique ARN for the configured table.

      • name (string) --

        A name for the configured table.

      • description (string) --

        A description for the configured table.

      • tableReference (dict) --

        The AWS Glue table that this configured table represents.

        Note

        This is a Tagged Union structure. Only one of the following top level keys will be set: glue. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:

        'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}

        • glue (dict) --

          If present, a reference to the AWS Glue table referred to by this table reference.

          • tableName (string) --

            The name of the AWS Glue table.

          • databaseName (string) --

            The name of the database the AWS Glue table belongs to.

      • createTime (datetime) --

        The time the configured table was created.

      • updateTime (datetime) --

        The time the configured table was last updated

      • analysisRuleTypes (list) --

        The types of analysis rules associated with this configured table. Valid values are AGGREGATION and LIST. Currently, only one analysis rule may be associated with a configured table.

        • (string) --

      • analysisMethod (string) --

        The analysis method for the configured table. The only valid value is currently DIRECT_QUERY.

      • allowedColumns (list) --

        The columns within the underlying AWS Glue table that can be utilized within collaborations.

        • (string) --

CreateConfiguredTableAssociation (updated) Link ¶
Changes (request) 
{'tags': {'string': 'string'}}

Creates a configured table association. A configured table association links a configured table with a collaboration.

See also: AWS API Documentation

Request Syntax

client.create_configured_table_association(
    name='string',
    description='string',
    membershipIdentifier='string',
    configuredTableIdentifier='string',
    roleArn='string',
    tags={
        'string': 'string'
    }
)
type name

string

param name

[REQUIRED]

The name of the configured table association. This name is used to query the underlying configured table.

type description

string

param description

A description for the configured table association.

type membershipIdentifier

string

param membershipIdentifier

[REQUIRED]

A unique identifier for one of your memberships for a collaboration. The configured table is associated to the collaboration that this membership belongs to. Currently accepts a membership ID.

type configuredTableIdentifier

string

param configuredTableIdentifier

[REQUIRED]

A unique identifier for the configured table to be associated to. Currently accepts a configured table ID.

type roleArn

string

param roleArn

[REQUIRED]

The service will assume this role to access catalog metadata and query the table.

type tags

dict

param tags

An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.

  • (string) --

    • (string) --

rtype

dict

returns

Response Syntax

{
    'configuredTableAssociation': {
        'arn': 'string',
        'id': 'string',
        'configuredTableId': 'string',
        'configuredTableArn': 'string',
        'membershipId': 'string',
        'membershipArn': 'string',
        'roleArn': 'string',
        'name': 'string',
        'description': 'string',
        'createTime': datetime(2015, 1, 1),
        'updateTime': datetime(2015, 1, 1)
    }
}

Response Structure

  • (dict) --

    • configuredTableAssociation (dict) --

      The entire configured table association object.

      • arn (string) --

        The unique ARN for the configured table association.

      • id (string) --

        The unique ID for the configured table association.

      • configuredTableId (string) --

        The unique ID for the configured table that the association refers to.

      • configuredTableArn (string) --

        The unique ARN for the configured table that the association refers to.

      • membershipId (string) --

        The unique ID for the membership this configured table association belongs to.

      • membershipArn (string) --

        The unique ARN for the membership this configured table association belongs to.

      • roleArn (string) --

        The service will assume this role to access catalog metadata and query the table.

      • name (string) --

        The name of the configured table association, in lowercase. The table is identified by this name when running protected queries against the underlying data.

      • description (string) --

        A description of the configured table association.

      • createTime (datetime) --

        The time the configured table association was created.

      • updateTime (datetime) --

        The time the configured table association was last updated.

CreateMembership (updated) Link ¶
Changes (request) 
{'tags': {'string': 'string'}}

Creates a membership for a specific collaboration identifier and joins the collaboration.

See also: AWS API Documentation

Request Syntax

client.create_membership(
    collaborationIdentifier='string',
    queryLogStatus='ENABLED'|'DISABLED',
    tags={
        'string': 'string'
    }
)
type collaborationIdentifier

string

param collaborationIdentifier

[REQUIRED]

The unique ID for the associated collaboration.

type queryLogStatus

string

param queryLogStatus

[REQUIRED]

An indicator as to whether query logging has been enabled or disabled for the collaboration.

type tags

dict

param tags

An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.

  • (string) --

    • (string) --

rtype

dict

returns

Response Syntax

{
    'membership': {
        'id': 'string',
        'arn': 'string',
        'collaborationArn': 'string',
        'collaborationId': 'string',
        'collaborationCreatorAccountId': 'string',
        'collaborationCreatorDisplayName': 'string',
        'collaborationName': 'string',
        'createTime': datetime(2015, 1, 1),
        'updateTime': datetime(2015, 1, 1),
        'status': 'ACTIVE'|'REMOVED'|'COLLABORATION_DELETED',
        'memberAbilities': [
            'CAN_QUERY'|'CAN_RECEIVE_RESULTS',
        ],
        'queryLogStatus': 'ENABLED'|'DISABLED'
    }
}

Response Structure

  • (dict) --

    • membership (dict) --

      The membership that was created.

      • id (string) --

        The unique ID of the membership.

      • arn (string) --

        The unique ARN for the membership.

      • collaborationArn (string) --

        The unique ARN for the membership's associated collaboration.

      • collaborationId (string) --

        The unique ID for the membership's collaboration.

      • collaborationCreatorAccountId (string) --

        The identifier used to reference members of the collaboration. Currently only supports AWS account ID.

      • collaborationCreatorDisplayName (string) --

        The display name of the collaboration creator.

      • collaborationName (string) --

        The name of the membership's collaboration.

      • createTime (datetime) --

        The time when the membership was created.

      • updateTime (datetime) --

        The time the membership metadata was last updated.

      • status (string) --

        The status of the membership. Valid values are ACTIVE, REMOVED, and COLLABORATION_DELETED.

      • memberAbilities (list) --

        The abilities granted to the collaboration member.

        • (string) --

      • queryLogStatus (string) --

        An indicator as to whether query logging has been enabled or disabled for the collaboration.