aws-sdk-lakeformation 1.24.0 → 1.27.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: fb073a55f5d3bbb2367e2bec0e2098bdbfeffee2c3de98ecd4d617666e6c99ba
4
- data.tar.gz: de27f11d619065336a3b34bc8de06b91b9a82d7a1302df5d40cb54912fb14869
3
+ metadata.gz: f408a75a960c931b6a2b4c88eae1dd513ad341c7bc8aea2ec42cf7ea8a1dbf90
4
+ data.tar.gz: d90872ab11a0a748f4ca8991e19bcb749f655d4b333f378f9fc04984abe824e1
5
5
  SHA512:
6
- metadata.gz: 7b3d49d7a508e59fb7b9693e52cf225608fdc60ba894a55a3467e525d541066507bcab746ce2048fb1c624bdea934e189de20e09bcaeaae095932d1d8e869b1b
7
- data.tar.gz: 36c33099f13425f9faa85eb62bd97a63bc2c9a6f071d894b72c7deed1d11741140fe082579ec3d8a9c05544a12c7bd82c1cc067e6faf32bd1a50790a657804c7
6
+ metadata.gz: 76de4c2bc9732757c8992d8a85b44cb73d040dfc549007b62aa46557c497f138a3e14de6d437a2364b60672437b2a7100cef2b2e7c97303db992fcdc80b25c63
7
+ data.tar.gz: 68f9c009e40d4cda9a6c5dc43ab3767c49fc662fcb66fc95ae7ee06a429d4000f5ee551491732c8de3b97c31a33cd5b8f75ba143ee76a2686a077853632b20c5
data/CHANGELOG.md CHANGED
@@ -1,6 +1,21 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.27.0 (2022-08-17)
5
+ ------------------
6
+
7
+ * Feature - This release adds a new API support "AssumeDecoratedRoleWithSAML" and also release updates the corresponding documentation.
8
+
9
+ 1.26.0 (2022-03-22)
10
+ ------------------
11
+
12
+ * Feature - The release fixes the incorrect permissions called out in the documentation - DESCRIBE_TAG, ASSOCIATE_TAG, DELETE_TAG, ALTER_TAG. This trebuchet release fixes the corresponding SDK and documentation.
13
+
14
+ 1.25.0 (2022-02-24)
15
+ ------------------
16
+
17
+ * Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
18
+
4
19
  1.24.0 (2022-02-04)
5
20
  ------------------
6
21
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.24.0
1
+ 1.27.0
@@ -27,6 +27,7 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
27
27
  require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
28
28
  require 'aws-sdk-core/plugins/transfer_encoding.rb'
29
29
  require 'aws-sdk-core/plugins/http_checksum.rb'
30
+ require 'aws-sdk-core/plugins/checksum_algorithm.rb'
30
31
  require 'aws-sdk-core/plugins/defaults_mode.rb'
31
32
  require 'aws-sdk-core/plugins/recursion_detection.rb'
32
33
  require 'aws-sdk-core/plugins/signature_v4.rb'
@@ -75,6 +76,7 @@ module Aws::LakeFormation
75
76
  add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
76
77
  add_plugin(Aws::Plugins::TransferEncoding)
77
78
  add_plugin(Aws::Plugins::HttpChecksum)
79
+ add_plugin(Aws::Plugins::ChecksumAlgorithm)
78
80
  add_plugin(Aws::Plugins::DefaultsMode)
79
81
  add_plugin(Aws::Plugins::RecursionDetection)
80
82
  add_plugin(Aws::Plugins::SignatureV4)
@@ -448,6 +450,73 @@ module Aws::LakeFormation
448
450
  req.send_request(options)
449
451
  end
450
452
 
453
+ # Allows a caller to assume an IAM role decorated as the SAML user
454
+ # specified in the SAML assertion included in the request. This
455
+ # decoration allows Lake Formation to enforce access policies against
456
+ # the SAML users and groups. This API operation requires SAML federation
457
+ # setup in the caller’s account as it can only be called with valid SAML
458
+ # assertions. Lake Formation does not scope down the permission of the
459
+ # assumed role. All permissions attached to the role via the SAML
460
+ # federation setup will be included in the role session.
461
+ #
462
+ # This decorated role is expected to access data in Amazon S3 by getting
463
+ # temporary access from Lake Formation which is authorized via the
464
+ # virtual API `GetDataAccess`. Therefore, all SAML roles that can be
465
+ # assumed via `AssumeDecoratedRoleWithSAML` must at a minimum include
466
+ # `lakeformation:GetDataAccess` in their role policies. A typical IAM
467
+ # policy attached to such a role would look as follows:
468
+ #
469
+ # @option params [required, String] :saml_assertion
470
+ # A SAML assertion consisting of an assertion statement for the user who
471
+ # needs temporary credentials. This must match the SAML assertion that
472
+ # was issued to IAM. This must be Base64 encoded.
473
+ #
474
+ # @option params [required, String] :role_arn
475
+ # The role that represents an IAM principal whose scope down policy
476
+ # allows it to call credential vending APIs such as
477
+ # `GetTemporaryTableCredentials`. The caller must also have iam:PassRole
478
+ # permission on this role.
479
+ #
480
+ # @option params [required, String] :principal_arn
481
+ # The Amazon Resource Name (ARN) of the SAML provider in IAM that
482
+ # describes the IdP.
483
+ #
484
+ # @option params [Integer] :duration_seconds
485
+ # The time period, between 900 and 43,200 seconds, for the timeout of
486
+ # the temporary credentials.
487
+ #
488
+ # @return [Types::AssumeDecoratedRoleWithSAMLResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
489
+ #
490
+ # * {Types::AssumeDecoratedRoleWithSAMLResponse#access_key_id #access_key_id} => String
491
+ # * {Types::AssumeDecoratedRoleWithSAMLResponse#secret_access_key #secret_access_key} => String
492
+ # * {Types::AssumeDecoratedRoleWithSAMLResponse#session_token #session_token} => String
493
+ # * {Types::AssumeDecoratedRoleWithSAMLResponse#expiration #expiration} => Time
494
+ #
495
+ # @example Request syntax with placeholder values
496
+ #
497
+ # resp = client.assume_decorated_role_with_saml({
498
+ # saml_assertion: "SAMLAssertionString", # required
499
+ # role_arn: "IAMRoleArn", # required
500
+ # principal_arn: "IAMSAMLProviderArn", # required
501
+ # duration_seconds: 1,
502
+ # })
503
+ #
504
+ # @example Response structure
505
+ #
506
+ # resp.access_key_id #=> String
507
+ # resp.secret_access_key #=> String
508
+ # resp.session_token #=> String
509
+ # resp.expiration #=> Time
510
+ #
511
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lakeformation-2017-03-31/AssumeDecoratedRoleWithSAML AWS API Documentation
512
+ #
513
+ # @overload assume_decorated_role_with_saml(params = {})
514
+ # @param [Hash] params ({})
515
+ def assume_decorated_role_with_saml(params = {}, options = {})
516
+ req = build_request(:assume_decorated_role_with_saml, params)
517
+ req.send_request(options)
518
+ end
519
+
451
520
  # Batch operation to grant permissions to the principal.
452
521
  #
453
522
  # @option params [String] :catalog_id
@@ -523,8 +592,8 @@ module Aws::LakeFormation
523
592
  # ],
524
593
  # },
525
594
  # },
526
- # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
527
- # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
595
+ # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
596
+ # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
528
597
  # },
529
598
  # ],
530
599
  # })
@@ -563,9 +632,9 @@ module Aws::LakeFormation
563
632
  # resp.failures[0].request_entry.resource.lf_tag_policy.expression[0].tag_values #=> Array
564
633
  # resp.failures[0].request_entry.resource.lf_tag_policy.expression[0].tag_values[0] #=> String
565
634
  # resp.failures[0].request_entry.permissions #=> Array
566
- # resp.failures[0].request_entry.permissions[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ALTER_TAG", "DELETE_TAG", "DESCRIBE_TAG", "ASSOCIATE_TAG"
635
+ # resp.failures[0].request_entry.permissions[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ASSOCIATE"
567
636
  # resp.failures[0].request_entry.permissions_with_grant_option #=> Array
568
- # resp.failures[0].request_entry.permissions_with_grant_option[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ALTER_TAG", "DELETE_TAG", "DESCRIBE_TAG", "ASSOCIATE_TAG"
637
+ # resp.failures[0].request_entry.permissions_with_grant_option[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ASSOCIATE"
569
638
  # resp.failures[0].error.error_code #=> String
570
639
  # resp.failures[0].error.error_message #=> String
571
640
  #
@@ -653,8 +722,8 @@ module Aws::LakeFormation
653
722
  # ],
654
723
  # },
655
724
  # },
656
- # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
657
- # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
725
+ # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
726
+ # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
658
727
  # },
659
728
  # ],
660
729
  # })
@@ -693,9 +762,9 @@ module Aws::LakeFormation
693
762
  # resp.failures[0].request_entry.resource.lf_tag_policy.expression[0].tag_values #=> Array
694
763
  # resp.failures[0].request_entry.resource.lf_tag_policy.expression[0].tag_values[0] #=> String
695
764
  # resp.failures[0].request_entry.permissions #=> Array
696
- # resp.failures[0].request_entry.permissions[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ALTER_TAG", "DELETE_TAG", "DESCRIBE_TAG", "ASSOCIATE_TAG"
765
+ # resp.failures[0].request_entry.permissions[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ASSOCIATE"
697
766
  # resp.failures[0].request_entry.permissions_with_grant_option #=> Array
698
- # resp.failures[0].request_entry.permissions_with_grant_option[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ALTER_TAG", "DELETE_TAG", "DESCRIBE_TAG", "ASSOCIATE_TAG"
767
+ # resp.failures[0].request_entry.permissions_with_grant_option[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ASSOCIATE"
699
768
  # resp.failures[0].error.error_code #=> String
700
769
  # resp.failures[0].error.error_message #=> String
701
770
  #
@@ -866,13 +935,12 @@ module Aws::LakeFormation
866
935
  req.send_request(options)
867
936
  end
868
937
 
869
- # Deletes the specified LF-tag key name. If the attribute key does not
870
- # exist or the LF-tag does not exist, then the operation will not do
871
- # anything. If the attribute key exists, then the operation checks if
872
- # any resources are tagged with this attribute key, if yes, the API
873
- # throws a 400 Exception with the message "Delete not allowed" as the
874
- # LF-tag key is still attached with resources. You can consider
875
- # untagging resources with this LF-tag key.
938
+ # Deletes the specified LF-tag given a key name. If the input parameter
939
+ # tag key was not found, then the operation will throw an exception.
940
+ # When you delete an LF-tag, the `LFTagPolicy` attached to the LF-tag
941
+ # becomes invalid. If the deleted LF-tag was still assigned to any
942
+ # resource, the tag policy attach to the deleted LF-tag will no longer
943
+ # be applied to the resource.
876
944
  #
877
945
  # @option params [String] :catalog_id
878
946
  # The identifier for the Data Catalog. By default, the account ID. The
@@ -1099,11 +1167,11 @@ module Aws::LakeFormation
1099
1167
  # resp.data_lake_settings.create_database_default_permissions #=> Array
1100
1168
  # resp.data_lake_settings.create_database_default_permissions[0].principal.data_lake_principal_identifier #=> String
1101
1169
  # resp.data_lake_settings.create_database_default_permissions[0].permissions #=> Array
1102
- # resp.data_lake_settings.create_database_default_permissions[0].permissions[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ALTER_TAG", "DELETE_TAG", "DESCRIBE_TAG", "ASSOCIATE_TAG"
1170
+ # resp.data_lake_settings.create_database_default_permissions[0].permissions[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ASSOCIATE"
1103
1171
  # resp.data_lake_settings.create_table_default_permissions #=> Array
1104
1172
  # resp.data_lake_settings.create_table_default_permissions[0].principal.data_lake_principal_identifier #=> String
1105
1173
  # resp.data_lake_settings.create_table_default_permissions[0].permissions #=> Array
1106
- # resp.data_lake_settings.create_table_default_permissions[0].permissions[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ALTER_TAG", "DELETE_TAG", "DESCRIBE_TAG", "ASSOCIATE_TAG"
1174
+ # resp.data_lake_settings.create_table_default_permissions[0].permissions[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ASSOCIATE"
1107
1175
  # resp.data_lake_settings.trusted_resource_owners #=> Array
1108
1176
  # resp.data_lake_settings.trusted_resource_owners[0] #=> String
1109
1177
  # resp.data_lake_settings.allow_external_data_filtering #=> Boolean
@@ -1192,9 +1260,9 @@ module Aws::LakeFormation
1192
1260
  # resp.permissions[0].resource.lf_tag_policy.expression[0].tag_values #=> Array
1193
1261
  # resp.permissions[0].resource.lf_tag_policy.expression[0].tag_values[0] #=> String
1194
1262
  # resp.permissions[0].permissions #=> Array
1195
- # resp.permissions[0].permissions[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ALTER_TAG", "DELETE_TAG", "DESCRIBE_TAG", "ASSOCIATE_TAG"
1263
+ # resp.permissions[0].permissions[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ASSOCIATE"
1196
1264
  # resp.permissions[0].permissions_with_grant_option #=> Array
1197
- # resp.permissions[0].permissions_with_grant_option[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ALTER_TAG", "DELETE_TAG", "DESCRIBE_TAG", "ASSOCIATE_TAG"
1265
+ # resp.permissions[0].permissions_with_grant_option[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ASSOCIATE"
1198
1266
  # resp.permissions[0].additional_details.resource_share #=> Array
1199
1267
  # resp.permissions[0].additional_details.resource_share[0] #=> String
1200
1268
  # resp.next_token #=> String
@@ -1551,7 +1619,7 @@ module Aws::LakeFormation
1551
1619
  # partition: { # required
1552
1620
  # values: ["ValueString"], # required
1553
1621
  # },
1554
- # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
1622
+ # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
1555
1623
  # duration_seconds: 1,
1556
1624
  # audit_context: {
1557
1625
  # additional_audit_context: "AuditContextString",
@@ -1612,7 +1680,7 @@ module Aws::LakeFormation
1612
1680
  #
1613
1681
  # resp = client.get_temporary_glue_table_credentials({
1614
1682
  # table_arn: "ResourceArnString", # required
1615
- # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
1683
+ # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
1616
1684
  # duration_seconds: 1,
1617
1685
  # audit_context: {
1618
1686
  # additional_audit_context: "AuditContextString",
@@ -1827,8 +1895,8 @@ module Aws::LakeFormation
1827
1895
  # ],
1828
1896
  # },
1829
1897
  # },
1830
- # permissions: ["ALL"], # required, accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
1831
- # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
1898
+ # permissions: ["ALL"], # required, accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
1899
+ # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
1832
1900
  # })
1833
1901
  #
1834
1902
  # @see http://docs.aws.amazon.com/goto/WebAPI/lakeformation-2017-03-31/GrantPermissions AWS API Documentation
@@ -2097,9 +2165,9 @@ module Aws::LakeFormation
2097
2165
  # resp.principal_resource_permissions[0].resource.lf_tag_policy.expression[0].tag_values #=> Array
2098
2166
  # resp.principal_resource_permissions[0].resource.lf_tag_policy.expression[0].tag_values[0] #=> String
2099
2167
  # resp.principal_resource_permissions[0].permissions #=> Array
2100
- # resp.principal_resource_permissions[0].permissions[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ALTER_TAG", "DELETE_TAG", "DESCRIBE_TAG", "ASSOCIATE_TAG"
2168
+ # resp.principal_resource_permissions[0].permissions[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ASSOCIATE"
2101
2169
  # resp.principal_resource_permissions[0].permissions_with_grant_option #=> Array
2102
- # resp.principal_resource_permissions[0].permissions_with_grant_option[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ALTER_TAG", "DELETE_TAG", "DESCRIBE_TAG", "ASSOCIATE_TAG"
2170
+ # resp.principal_resource_permissions[0].permissions_with_grant_option[0] #=> String, one of "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_TAG", "ASSOCIATE"
2103
2171
  # resp.principal_resource_permissions[0].additional_details.resource_share #=> Array
2104
2172
  # resp.principal_resource_permissions[0].additional_details.resource_share[0] #=> String
2105
2173
  # resp.next_token #=> String
@@ -2320,7 +2388,7 @@ module Aws::LakeFormation
2320
2388
  # principal: {
2321
2389
  # data_lake_principal_identifier: "DataLakePrincipalString",
2322
2390
  # },
2323
- # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
2391
+ # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
2324
2392
  # },
2325
2393
  # ],
2326
2394
  # create_table_default_permissions: [
@@ -2328,7 +2396,7 @@ module Aws::LakeFormation
2328
2396
  # principal: {
2329
2397
  # data_lake_principal_identifier: "DataLakePrincipalString",
2330
2398
  # },
2331
- # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
2399
+ # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
2332
2400
  # },
2333
2401
  # ],
2334
2402
  # trusted_resource_owners: ["CatalogIdString"],
@@ -2601,8 +2669,8 @@ module Aws::LakeFormation
2601
2669
  # ],
2602
2670
  # },
2603
2671
  # },
2604
- # permissions: ["ALL"], # required, accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
2605
- # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
2672
+ # permissions: ["ALL"], # required, accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
2673
+ # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
2606
2674
  # })
2607
2675
  #
2608
2676
  # @see http://docs.aws.amazon.com/goto/WebAPI/lakeformation-2017-03-31/RevokePermissions AWS API Documentation
@@ -3016,7 +3084,7 @@ module Aws::LakeFormation
3016
3084
  params: params,
3017
3085
  config: config)
3018
3086
  context[:gem_name] = 'aws-sdk-lakeformation'
3019
- context[:gem_version] = '1.24.0'
3087
+ context[:gem_version] = '1.27.0'
3020
3088
  Seahorse::Client::Request.new(handlers, context)
3021
3089
  end
3022
3090
 
@@ -20,6 +20,8 @@ module Aws::LakeFormation
20
20
  AddObjectInput = Shapes::StructureShape.new(name: 'AddObjectInput')
21
21
  AllRowsWildcard = Shapes::StructureShape.new(name: 'AllRowsWildcard')
22
22
  AlreadyExistsException = Shapes::StructureShape.new(name: 'AlreadyExistsException')
23
+ AssumeDecoratedRoleWithSAMLRequest = Shapes::StructureShape.new(name: 'AssumeDecoratedRoleWithSAMLRequest')
24
+ AssumeDecoratedRoleWithSAMLResponse = Shapes::StructureShape.new(name: 'AssumeDecoratedRoleWithSAMLResponse')
23
25
  AuditContext = Shapes::StructureShape.new(name: 'AuditContext')
24
26
  AuditContextString = Shapes::StringShape.new(name: 'AuditContextString')
25
27
  AuthorizedSessionTagValueList = Shapes::ListShape.new(name: 'AuthorizedSessionTagValueList')
@@ -120,6 +122,7 @@ module Aws::LakeFormation
120
122
  GrantPermissionsRequest = Shapes::StructureShape.new(name: 'GrantPermissionsRequest')
121
123
  GrantPermissionsResponse = Shapes::StructureShape.new(name: 'GrantPermissionsResponse')
122
124
  IAMRoleArn = Shapes::StringShape.new(name: 'IAMRoleArn')
125
+ IAMSAMLProviderArn = Shapes::StringShape.new(name: 'IAMSAMLProviderArn')
123
126
  Identifier = Shapes::StringShape.new(name: 'Identifier')
124
127
  Integer = Shapes::IntegerShape.new(name: 'Integer')
125
128
  InternalServiceException = Shapes::StructureShape.new(name: 'InternalServiceException')
@@ -198,6 +201,7 @@ module Aws::LakeFormation
198
201
  RevokePermissionsRequest = Shapes::StructureShape.new(name: 'RevokePermissionsRequest')
199
202
  RevokePermissionsResponse = Shapes::StructureShape.new(name: 'RevokePermissionsResponse')
200
203
  RowFilter = Shapes::StructureShape.new(name: 'RowFilter')
204
+ SAMLAssertionString = Shapes::StringShape.new(name: 'SAMLAssertionString')
201
205
  SearchDatabasesByLFTagsRequest = Shapes::StructureShape.new(name: 'SearchDatabasesByLFTagsRequest')
202
206
  SearchDatabasesByLFTagsResponse = Shapes::StructureShape.new(name: 'SearchDatabasesByLFTagsResponse')
203
207
  SearchTablesByLFTagsRequest = Shapes::StructureShape.new(name: 'SearchTablesByLFTagsRequest')
@@ -287,6 +291,18 @@ module Aws::LakeFormation
287
291
  AlreadyExistsException.add_member(:message, Shapes::ShapeRef.new(shape: MessageString, location_name: "Message"))
288
292
  AlreadyExistsException.struct_class = Types::AlreadyExistsException
289
293
 
294
+ AssumeDecoratedRoleWithSAMLRequest.add_member(:saml_assertion, Shapes::ShapeRef.new(shape: SAMLAssertionString, required: true, location_name: "SAMLAssertion"))
295
+ AssumeDecoratedRoleWithSAMLRequest.add_member(:role_arn, Shapes::ShapeRef.new(shape: IAMRoleArn, required: true, location_name: "RoleArn"))
296
+ AssumeDecoratedRoleWithSAMLRequest.add_member(:principal_arn, Shapes::ShapeRef.new(shape: IAMSAMLProviderArn, required: true, location_name: "PrincipalArn"))
297
+ AssumeDecoratedRoleWithSAMLRequest.add_member(:duration_seconds, Shapes::ShapeRef.new(shape: CredentialTimeoutDurationSecondInteger, location_name: "DurationSeconds"))
298
+ AssumeDecoratedRoleWithSAMLRequest.struct_class = Types::AssumeDecoratedRoleWithSAMLRequest
299
+
300
+ AssumeDecoratedRoleWithSAMLResponse.add_member(:access_key_id, Shapes::ShapeRef.new(shape: AccessKeyIdString, location_name: "AccessKeyId"))
301
+ AssumeDecoratedRoleWithSAMLResponse.add_member(:secret_access_key, Shapes::ShapeRef.new(shape: SecretAccessKeyString, location_name: "SecretAccessKey"))
302
+ AssumeDecoratedRoleWithSAMLResponse.add_member(:session_token, Shapes::ShapeRef.new(shape: SessionTokenString, location_name: "SessionToken"))
303
+ AssumeDecoratedRoleWithSAMLResponse.add_member(:expiration, Shapes::ShapeRef.new(shape: ExpirationTimestamp, location_name: "Expiration"))
304
+ AssumeDecoratedRoleWithSAMLResponse.struct_class = Types::AssumeDecoratedRoleWithSAMLResponse
305
+
290
306
  AuditContext.add_member(:additional_audit_context, Shapes::ShapeRef.new(shape: AuditContextString, location_name: "AdditionalAuditContext"))
291
307
  AuditContext.struct_class = Types::AuditContext
292
308
 
@@ -1007,6 +1023,19 @@ module Aws::LakeFormation
1007
1023
  o.errors << Shapes::ShapeRef.new(shape: ConcurrentModificationException)
1008
1024
  end)
1009
1025
 
1026
+ api.add_operation(:assume_decorated_role_with_saml, Seahorse::Model::Operation.new.tap do |o|
1027
+ o.name = "AssumeDecoratedRoleWithSAML"
1028
+ o.http_method = "POST"
1029
+ o.http_request_uri = "/AssumeDecoratedRoleWithSAML"
1030
+ o.input = Shapes::ShapeRef.new(shape: AssumeDecoratedRoleWithSAMLRequest)
1031
+ o.output = Shapes::ShapeRef.new(shape: AssumeDecoratedRoleWithSAMLResponse)
1032
+ o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
1033
+ o.errors << Shapes::ShapeRef.new(shape: InternalServiceException)
1034
+ o.errors << Shapes::ShapeRef.new(shape: OperationTimeoutException)
1035
+ o.errors << Shapes::ShapeRef.new(shape: EntityNotFoundException)
1036
+ o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
1037
+ end)
1038
+
1010
1039
  api.add_operation(:batch_grant_permissions, Seahorse::Model::Operation.new.tap do |o|
1011
1040
  o.name = "BatchGrantPermissions"
1012
1041
  o.http_method = "POST"
@@ -192,6 +192,79 @@ module Aws::LakeFormation
192
192
  include Aws::Structure
193
193
  end
194
194
 
195
+ # @note When making an API call, you may pass AssumeDecoratedRoleWithSAMLRequest
196
+ # data as a hash:
197
+ #
198
+ # {
199
+ # saml_assertion: "SAMLAssertionString", # required
200
+ # role_arn: "IAMRoleArn", # required
201
+ # principal_arn: "IAMSAMLProviderArn", # required
202
+ # duration_seconds: 1,
203
+ # }
204
+ #
205
+ # @!attribute [rw] saml_assertion
206
+ # A SAML assertion consisting of an assertion statement for the user
207
+ # who needs temporary credentials. This must match the SAML assertion
208
+ # that was issued to IAM. This must be Base64 encoded.
209
+ # @return [String]
210
+ #
211
+ # @!attribute [rw] role_arn
212
+ # The role that represents an IAM principal whose scope down policy
213
+ # allows it to call credential vending APIs such as
214
+ # `GetTemporaryTableCredentials`. The caller must also have
215
+ # iam:PassRole permission on this role.
216
+ # @return [String]
217
+ #
218
+ # @!attribute [rw] principal_arn
219
+ # The Amazon Resource Name (ARN) of the SAML provider in IAM that
220
+ # describes the IdP.
221
+ # @return [String]
222
+ #
223
+ # @!attribute [rw] duration_seconds
224
+ # The time period, between 900 and 43,200 seconds, for the timeout of
225
+ # the temporary credentials.
226
+ # @return [Integer]
227
+ #
228
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lakeformation-2017-03-31/AssumeDecoratedRoleWithSAMLRequest AWS API Documentation
229
+ #
230
+ class AssumeDecoratedRoleWithSAMLRequest < Struct.new(
231
+ :saml_assertion,
232
+ :role_arn,
233
+ :principal_arn,
234
+ :duration_seconds)
235
+ SENSITIVE = []
236
+ include Aws::Structure
237
+ end
238
+
239
+ # @!attribute [rw] access_key_id
240
+ # The access key ID for the temporary credentials. (The access key
241
+ # consists of an access key ID and a secret key).
242
+ # @return [String]
243
+ #
244
+ # @!attribute [rw] secret_access_key
245
+ # The secret key for the temporary credentials. (The access key
246
+ # consists of an access key ID and a secret key).
247
+ # @return [String]
248
+ #
249
+ # @!attribute [rw] session_token
250
+ # The session token for the temporary credentials.
251
+ # @return [String]
252
+ #
253
+ # @!attribute [rw] expiration
254
+ # The date and time when the temporary credentials expire.
255
+ # @return [Time]
256
+ #
257
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lakeformation-2017-03-31/AssumeDecoratedRoleWithSAMLResponse AWS API Documentation
258
+ #
259
+ class AssumeDecoratedRoleWithSAMLResponse < Struct.new(
260
+ :access_key_id,
261
+ :secret_access_key,
262
+ :session_token,
263
+ :expiration)
264
+ SENSITIVE = []
265
+ include Aws::Structure
266
+ end
267
+
195
268
  # A structure used to include auditing information on the privileged
196
269
  # API.
197
270
  #
@@ -276,8 +349,8 @@ module Aws::LakeFormation
276
349
  # ],
277
350
  # },
278
351
  # },
279
- # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
280
- # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
352
+ # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
353
+ # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
281
354
  # },
282
355
  # ],
283
356
  # }
@@ -395,8 +468,8 @@ module Aws::LakeFormation
395
468
  # ],
396
469
  # },
397
470
  # },
398
- # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
399
- # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
471
+ # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
472
+ # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
400
473
  # }
401
474
  #
402
475
  # @!attribute [rw] id
@@ -491,8 +564,8 @@ module Aws::LakeFormation
491
564
  # ],
492
565
  # },
493
566
  # },
494
- # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
495
- # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
567
+ # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
568
+ # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
496
569
  # },
497
570
  # ],
498
571
  # }
@@ -870,7 +943,7 @@ module Aws::LakeFormation
870
943
  # principal: {
871
944
  # data_lake_principal_identifier: "DataLakePrincipalString",
872
945
  # },
873
- # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
946
+ # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
874
947
  # },
875
948
  # ],
876
949
  # create_table_default_permissions: [
@@ -878,7 +951,7 @@ module Aws::LakeFormation
878
951
  # principal: {
879
952
  # data_lake_principal_identifier: "DataLakePrincipalString",
880
953
  # },
881
- # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
954
+ # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
882
955
  # },
883
956
  # ],
884
957
  # trusted_resource_owners: ["CatalogIdString"],
@@ -1902,7 +1975,7 @@ module Aws::LakeFormation
1902
1975
  # partition: { # required
1903
1976
  # values: ["ValueString"], # required
1904
1977
  # },
1905
- # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
1978
+ # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
1906
1979
  # duration_seconds: 1,
1907
1980
  # audit_context: {
1908
1981
  # additional_audit_context: "AuditContextString",
@@ -1983,7 +2056,7 @@ module Aws::LakeFormation
1983
2056
  #
1984
2057
  # {
1985
2058
  # table_arn: "ResourceArnString", # required
1986
- # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
2059
+ # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
1987
2060
  # duration_seconds: 1,
1988
2061
  # audit_context: {
1989
2062
  # additional_audit_context: "AuditContextString",
@@ -2237,8 +2310,8 @@ module Aws::LakeFormation
2237
2310
  # ],
2238
2311
  # },
2239
2312
  # },
2240
- # permissions: ["ALL"], # required, accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
2241
- # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
2313
+ # permissions: ["ALL"], # required, accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
2314
+ # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
2242
2315
  # }
2243
2316
  #
2244
2317
  # @!attribute [rw] catalog_id
@@ -3033,7 +3106,7 @@ module Aws::LakeFormation
3033
3106
  # principal: {
3034
3107
  # data_lake_principal_identifier: "DataLakePrincipalString",
3035
3108
  # },
3036
- # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
3109
+ # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
3037
3110
  # }
3038
3111
  #
3039
3112
  # @!attribute [rw] principal
@@ -3106,7 +3179,7 @@ module Aws::LakeFormation
3106
3179
  # principal: {
3107
3180
  # data_lake_principal_identifier: "DataLakePrincipalString",
3108
3181
  # },
3109
- # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
3182
+ # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
3110
3183
  # },
3111
3184
  # ],
3112
3185
  # create_table_default_permissions: [
@@ -3114,7 +3187,7 @@ module Aws::LakeFormation
3114
3187
  # principal: {
3115
3188
  # data_lake_principal_identifier: "DataLakePrincipalString",
3116
3189
  # },
3117
- # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
3190
+ # permissions: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
3118
3191
  # },
3119
3192
  # ],
3120
3193
  # trusted_resource_owners: ["CatalogIdString"],
@@ -3579,8 +3652,8 @@ module Aws::LakeFormation
3579
3652
  # ],
3580
3653
  # },
3581
3654
  # },
3582
- # permissions: ["ALL"], # required, accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
3583
- # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ALTER_TAG, DELETE_TAG, DESCRIBE_TAG, ASSOCIATE_TAG
3655
+ # permissions: ["ALL"], # required, accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
3656
+ # permissions_with_grant_option: ["ALL"], # accepts ALL, SELECT, ALTER, DROP, DELETE, INSERT, DESCRIBE, CREATE_DATABASE, CREATE_TABLE, DATA_LOCATION_ACCESS, CREATE_TAG, ASSOCIATE
3584
3657
  # }
3585
3658
  #
3586
3659
  # @!attribute [rw] catalog_id
@@ -48,6 +48,6 @@ require_relative 'aws-sdk-lakeformation/customizations'
48
48
  # @!group service
49
49
  module Aws::LakeFormation
50
50
 
51
- GEM_VERSION = '1.24.0'
51
+ GEM_VERSION = '1.27.0'
52
52
 
53
53
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-lakeformation
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.24.0
4
+ version: 1.27.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-02-04 00:00:00.000000000 Z
11
+ date: 2022-08-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
19
19
  version: '3'
20
20
  - - ">="
21
21
  - !ruby/object:Gem::Version
22
- version: 3.126.0
22
+ version: 3.127.0
23
23
  type: :runtime
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
29
29
  version: '3'
30
30
  - - ">="
31
31
  - !ruby/object:Gem::Version
32
- version: 3.126.0
32
+ version: 3.127.0
33
33
  - !ruby/object:Gem::Dependency
34
34
  name: aws-sigv4
35
35
  requirement: !ruby/object:Gem::Requirement