@aws-sdk/client-lakeformation 3.370.0 → 3.377.0

package/dist-cjs/models/models_0.js

@@ -110,12 +110,13 @@ exports.Permission = {
     ALTER: "ALTER",
     ASSOCIATE: "ASSOCIATE",
     CREATE_DATABASE: "CREATE_DATABASE",
+    CREATE_LF_TAG: "CREATE_LF_TAG",
     CREATE_TABLE: "CREATE_TABLE",
-    CREATE_TAG: "CREATE_TAG",
     DATA_LOCATION_ACCESS: "DATA_LOCATION_ACCESS",
     DELETE: "DELETE",
     DESCRIBE: "DESCRIBE",
     DROP: "DROP",
+    GRANT_WITH_LF_TAG_EXPRESSION: "GRANT_WITH_LF_TAG_EXPRESSION",
     INSERT: "INSERT",
     SELECT: "SELECT",
 };
@@ -264,6 +265,8 @@ exports.GlueEncryptionException = GlueEncryptionException;
 exports.PermissionType = {
     CELL_FILTER_PERMISSION: "CELL_FILTER_PERMISSION",
     COLUMN_PERMISSION: "COLUMN_PERMISSION",
+    NESTED_CELL_PERMISSION: "NESTED_CELL_PERMISSION",
+    NESTED_PERMISSION: "NESTED_PERMISSION",
 };
 class PermissionTypeMismatchException extends LakeFormationServiceException_1.LakeFormationServiceException {
     constructor(opts) {

package/dist-es/models/models_0.js

@@ -100,12 +100,13 @@ export const Permission = {
     ALTER: "ALTER",
     ASSOCIATE: "ASSOCIATE",
     CREATE_DATABASE: "CREATE_DATABASE",
+    CREATE_LF_TAG: "CREATE_LF_TAG",
     CREATE_TABLE: "CREATE_TABLE",
-    CREATE_TAG: "CREATE_TAG",
     DATA_LOCATION_ACCESS: "DATA_LOCATION_ACCESS",
     DELETE: "DELETE",
     DESCRIBE: "DESCRIBE",
     DROP: "DROP",
+    GRANT_WITH_LF_TAG_EXPRESSION: "GRANT_WITH_LF_TAG_EXPRESSION",
     INSERT: "INSERT",
     SELECT: "SELECT",
 };
@@ -245,6 +246,8 @@ export class GlueEncryptionException extends __BaseException {
 export const PermissionType = {
     CELL_FILTER_PERMISSION: "CELL_FILTER_PERMISSION",
     COLUMN_PERMISSION: "COLUMN_PERMISSION",
+    NESTED_CELL_PERMISSION: "NESTED_CELL_PERMISSION",
+    NESTED_PERMISSION: "NESTED_PERMISSION",
 };
 export class PermissionTypeMismatchException extends __BaseException {
     constructor(opts) {

package/dist-types/commands/BatchGrantPermissionsCommand.d.ts

@@ -94,10 +94,10 @@ export interface BatchGrantPermissionsCommandOutput extends BatchGrantPermission
  *         },
  *       },
  *       Permissions: [ // PermissionList
- *         "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ *         "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  *       ],
  *       PermissionsWithGrantOption: [
- *         "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ *         "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  *       ],
  *     },
  *   ],
@@ -168,10 +168,10 @@ export interface BatchGrantPermissionsCommandOutput extends BatchGrantPermission
  * //           },
  * //         },
  * //         Permissions: [ // PermissionList
- * //           "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ * //           "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  * //         ],
  * //         PermissionsWithGrantOption: [
- * //           "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ * //           "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  * //         ],
  * //       },
  * //       Error: { // ErrorDetail

package/dist-types/commands/BatchRevokePermissionsCommand.d.ts

@@ -94,10 +94,10 @@ export interface BatchRevokePermissionsCommandOutput extends BatchRevokePermissi
  *         },
  *       },
  *       Permissions: [ // PermissionList
- *         "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ *         "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  *       ],
  *       PermissionsWithGrantOption: [
- *         "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ *         "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  *       ],
  *     },
  *   ],
@@ -168,10 +168,10 @@ export interface BatchRevokePermissionsCommandOutput extends BatchRevokePermissi
  * //           },
  * //         },
  * //         Permissions: [ // PermissionList
- * //           "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ * //           "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  * //         ],
  * //         PermissionsWithGrantOption: [
- * //           "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ * //           "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  * //         ],
  * //       },
  * //       Error: { // ErrorDetail

package/dist-types/commands/GetDataLakeSettingsCommand.d.ts

@@ -42,13 +42,18 @@ export interface GetDataLakeSettingsCommandOutput extends GetDataLakeSettingsRes
  * //         DataLakePrincipalIdentifier: "STRING_VALUE",
  * //       },
  * //     ],
+ * //     ReadOnlyAdmins: [
+ * //       {
+ * //         DataLakePrincipalIdentifier: "STRING_VALUE",
+ * //       },
+ * //     ],
  * //     CreateDatabaseDefaultPermissions: [ // PrincipalPermissionsList
  * //       { // PrincipalPermissions
  * //         Principal: {
  * //           DataLakePrincipalIdentifier: "STRING_VALUE",
  * //         },
  * //         Permissions: [ // PermissionList
- * //           "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ * //           "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  * //         ],
  * //       },
  * //     ],
@@ -58,7 +63,7 @@ export interface GetDataLakeSettingsCommandOutput extends GetDataLakeSettingsRes
  * //           DataLakePrincipalIdentifier: "STRING_VALUE",
  * //         },
  * //         Permissions: [
- * //           "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ * //           "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  * //         ],
  * //       },
  * //     ],
@@ -69,6 +74,7 @@ export interface GetDataLakeSettingsCommandOutput extends GetDataLakeSettingsRes
  * //       "STRING_VALUE",
  * //     ],
  * //     AllowExternalDataFiltering: true || false,
+ * //     AllowFullTableExternalDataAccess: true || false,
  * //     ExternalDataFilteringAllowList: [
  * //       {
  * //         DataLakePrincipalIdentifier: "STRING_VALUE",

package/dist-types/commands/GetEffectivePermissionsForPathCommand.d.ts

@@ -101,10 +101,10 @@ export interface GetEffectivePermissionsForPathCommandOutput extends GetEffectiv
  * //         },
  * //       },
  * //       Permissions: [ // PermissionList
- * //         "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ * //         "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  * //       ],
  * //       PermissionsWithGrantOption: [
- * //         "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ * //         "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  * //       ],
  * //       AdditionalDetails: { // DetailsMap
  * //         ResourceShare: [ // ResourceShareList

package/dist-types/commands/GetTemporaryGluePartitionCredentialsCommand.d.ts

@@ -38,14 +38,14 @@ export interface GetTemporaryGluePartitionCredentialsCommandOutput extends GetTe
  *     ],
  *   },
  *   Permissions: [ // PermissionList
- *     "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ *     "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  *   ],
  *   DurationSeconds: Number("int"),
  *   AuditContext: { // AuditContext
  *     AdditionalAuditContext: "STRING_VALUE",
  *   },
- *   SupportedPermissionTypes: [ // PermissionTypeList // required
- *     "COLUMN_PERMISSION" || "CELL_FILTER_PERMISSION",
+ *   SupportedPermissionTypes: [ // PermissionTypeList
+ *     "COLUMN_PERMISSION" || "CELL_FILTER_PERMISSION" || "NESTED_PERMISSION" || "NESTED_CELL_PERMISSION",
  *   ],
  * };
  * const command = new GetTemporaryGluePartitionCredentialsCommand(input);

package/dist-types/commands/GetTemporaryGlueTableCredentialsCommand.d.ts

@@ -33,14 +33,14 @@ export interface GetTemporaryGlueTableCredentialsCommandOutput extends GetTempor
  * const input = { // GetTemporaryGlueTableCredentialsRequest
  *   TableArn: "STRING_VALUE", // required
  *   Permissions: [ // PermissionList
- *     "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ *     "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  *   ],
  *   DurationSeconds: Number("int"),
  *   AuditContext: { // AuditContext
  *     AdditionalAuditContext: "STRING_VALUE",
  *   },
- *   SupportedPermissionTypes: [ // PermissionTypeList // required
- *     "COLUMN_PERMISSION" || "CELL_FILTER_PERMISSION",
+ *   SupportedPermissionTypes: [ // PermissionTypeList
+ *     "COLUMN_PERMISSION" || "CELL_FILTER_PERMISSION" || "NESTED_PERMISSION" || "NESTED_CELL_PERMISSION",
  *   ],
  * };
  * const command = new GetTemporaryGlueTableCredentialsCommand(input);

package/dist-types/commands/GrantPermissionsCommand.d.ts

@@ -92,10 +92,10 @@ export interface GrantPermissionsCommandOutput extends GrantPermissionsResponse,
  *     },
  *   },
  *   Permissions: [ // PermissionList // required
- *     "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ *     "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  *   ],
  *   PermissionsWithGrantOption: [
- *     "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ *     "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  *   ],
  * };
  * const command = new GrantPermissionsCommand(input);

package/dist-types/commands/ListPermissionsCommand.d.ts

@@ -25,7 +25,7 @@ export interface ListPermissionsCommandOutput extends ListPermissionsResponse, _
  * @public
  * <p>Returns a list of the principal permissions on the resource, filtered by the permissions of the caller. For example, if you are granted an ALTER permission, you are able to see only the principal permissions for ALTER.</p>
  *          <p>This operation returns only those permissions that have been explicitly granted.</p>
- *          <p>For information about permissions, see <a href="https://docs-aws.amazon.com/lake-formation/latest/dg/security-data-access.html">Security and Access Control to Metadata and Data</a>.</p>
+ *          <p>For information about permissions, see <a href="https://docs.aws.amazon.com/lake-formation/latest/dg/security-data-access.html">Security and Access Control to Metadata and Data</a>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
@@ -161,10 +161,10 @@ export interface ListPermissionsCommandOutput extends ListPermissionsResponse, _
  * //         },
  * //       },
  * //       Permissions: [ // PermissionList
- * //         "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ * //         "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  * //       ],
  * //       PermissionsWithGrantOption: [
- * //         "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ * //         "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  * //       ],
  * //       AdditionalDetails: { // DetailsMap
  * //         ResourceShare: [ // ResourceShareList

package/dist-types/commands/PutDataLakeSettingsCommand.d.ts

@@ -39,13 +39,18 @@ export interface PutDataLakeSettingsCommandOutput extends PutDataLakeSettingsRes
  *         DataLakePrincipalIdentifier: "STRING_VALUE",
  *       },
  *     ],
+ *     ReadOnlyAdmins: [
+ *       {
+ *         DataLakePrincipalIdentifier: "STRING_VALUE",
+ *       },
+ *     ],
  *     CreateDatabaseDefaultPermissions: [ // PrincipalPermissionsList
  *       { // PrincipalPermissions
  *         Principal: {
  *           DataLakePrincipalIdentifier: "STRING_VALUE",
  *         },
  *         Permissions: [ // PermissionList
- *           "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ *           "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  *         ],
  *       },
  *     ],
@@ -55,7 +60,7 @@ export interface PutDataLakeSettingsCommandOutput extends PutDataLakeSettingsRes
  *           DataLakePrincipalIdentifier: "STRING_VALUE",
  *         },
  *         Permissions: [
- *           "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ *           "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  *         ],
  *       },
  *     ],
@@ -66,6 +71,7 @@ export interface PutDataLakeSettingsCommandOutput extends PutDataLakeSettingsRes
  *       "STRING_VALUE",
  *     ],
  *     AllowExternalDataFiltering: true || false,
+ *     AllowFullTableExternalDataAccess: true || false,
  *     ExternalDataFilteringAllowList: [
  *       {
  *         DataLakePrincipalIdentifier: "STRING_VALUE",

package/dist-types/commands/RevokePermissionsCommand.d.ts

@@ -91,10 +91,10 @@ export interface RevokePermissionsCommandOutput extends RevokePermissionsRespons
  *     },
  *   },
  *   Permissions: [ // PermissionList // required
- *     "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ *     "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  *   ],
  *   PermissionsWithGrantOption: [
- *     "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_TAG" || "ASSOCIATE",
+ *     "ALL" || "SELECT" || "ALTER" || "DROP" || "DELETE" || "INSERT" || "DESCRIBE" || "CREATE_DATABASE" || "CREATE_TABLE" || "DATA_LOCATION_ACCESS" || "CREATE_LF_TAG" || "ASSOCIATE" || "GRANT_WITH_LF_TAG_EXPRESSION",
  *   ],
  * };
  * const command = new RevokePermissionsCommand(input);

package/dist-types/models/models_0.d.ts

@@ -498,12 +498,13 @@ export declare const Permission: {
     readonly ALTER: "ALTER";
     readonly ASSOCIATE: "ASSOCIATE";
     readonly CREATE_DATABASE: "CREATE_DATABASE";
+    readonly CREATE_LF_TAG: "CREATE_LF_TAG";
     readonly CREATE_TABLE: "CREATE_TABLE";
-    readonly CREATE_TAG: "CREATE_TAG";
     readonly DATA_LOCATION_ACCESS: "DATA_LOCATION_ACCESS";
     readonly DELETE: "DELETE";
     readonly DESCRIBE: "DESCRIBE";
     readonly DROP: "DROP";
+    readonly GRANT_WITH_LF_TAG_EXPRESSION: "GRANT_WITH_LF_TAG_EXPRESSION";
     readonly INSERT: "INSERT";
     readonly SELECT: "SELECT";
 };
@@ -740,7 +741,7 @@ export interface DataCellsFilter {
      */
     RowFilter?: RowFilter;
     /**
-     * <p>A list of column names.</p>
+     * <p>A list of column names and/or nested column attributes. When specifying nested attributes, use a qualified dot (.) delimited format such as "address"."zip". Nested attributes within this list may not exceed a depth of 5.</p>
      */
     ColumnNames?: string[];
     /**
@@ -1081,6 +1082,10 @@ export interface DataLakeSettings {
      * <p>A list of Lake Formation principals. Supported principals are IAM users or IAM roles.</p>
      */
     DataLakeAdmins?: DataLakePrincipal[];
+    /**
+     * <p>A list of Lake Formation principals with only view access to the resources, without the ability to make changes. Supported principals are IAM users or IAM roles.</p>
+     */
+    ReadOnlyAdmins?: DataLakePrincipal[];
     /**
      * <p>Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.</p>
      *          <p>A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.</p>
@@ -1108,9 +1113,13 @@ export interface DataLakeSettings {
      * <p>Whether to allow Amazon EMR clusters to access data managed by Lake Formation. </p>
      *          <p>If true, you allow Amazon EMR clusters to access data in Amazon S3 locations that are registered with Lake Formation.</p>
      *          <p>If false or null, no Amazon EMR clusters will be able to access data in Amazon S3 locations that are registered with Lake Formation.</p>
-     *          <p>For more information, see <a href="https://docs-aws.amazon.com/lake-formation/latest/dg/getting-started-setup.html#emr-switch">(Optional) Allow Data Filtering on Amazon EMR</a>.</p>
+     *          <p>For more information, see <a href="https://docs.aws.amazon.com/lake-formation/latest/dg/initial-LF-setup.html#external-data-filter">(Optional) Allow external data filtering</a>.</p>
      */
     AllowExternalDataFiltering?: boolean;
+    /**
+     * <p>Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.</p>
+     */
+    AllowFullTableExternalDataAccess?: boolean;
     /**
      * <p>A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.></p>
      */
@@ -1573,6 +1582,8 @@ export interface PartitionValueList {
 export declare const PermissionType: {
     readonly CELL_FILTER_PERMISSION: "CELL_FILTER_PERMISSION";
     readonly COLUMN_PERMISSION: "COLUMN_PERMISSION";
+    readonly NESTED_CELL_PERMISSION: "NESTED_CELL_PERMISSION";
+    readonly NESTED_PERMISSION: "NESTED_PERMISSION";
 };
 /**
  * @public
@@ -1605,7 +1616,7 @@ export interface GetTemporaryGluePartitionCredentialsRequest {
     /**
      * <p>A list of supported permission types for the partition. Valid values are <code>COLUMN_PERMISSION</code> and <code>CELL_FILTER_PERMISSION</code>.</p>
      */
-    SupportedPermissionTypes: (PermissionType | string)[] | undefined;
+    SupportedPermissionTypes?: (PermissionType | string)[];
 }
 /**
  * @public
@@ -1667,7 +1678,7 @@ export interface GetTemporaryGlueTableCredentialsRequest {
     /**
      * <p>A list of supported permission types for the table. Valid values are <code>COLUMN_PERMISSION</code> and <code>CELL_FILTER_PERMISSION</code>.</p>
      */
-    SupportedPermissionTypes: (PermissionType | string)[] | undefined;
+    SupportedPermissionTypes?: (PermissionType | string)[];
 }
 /**
  * @public

package/dist-types/ts3.4/models/models_0.d.ts

@@ -169,12 +169,13 @@ export declare const Permission: {
   readonly ALTER: "ALTER";
   readonly ASSOCIATE: "ASSOCIATE";
   readonly CREATE_DATABASE: "CREATE_DATABASE";
+  readonly CREATE_LF_TAG: "CREATE_LF_TAG";
   readonly CREATE_TABLE: "CREATE_TABLE";
-  readonly CREATE_TAG: "CREATE_TAG";
   readonly DATA_LOCATION_ACCESS: "DATA_LOCATION_ACCESS";
   readonly DELETE: "DELETE";
   readonly DESCRIBE: "DESCRIBE";
   readonly DROP: "DROP";
+  readonly GRANT_WITH_LF_TAG_EXPRESSION: "GRANT_WITH_LF_TAG_EXPRESSION";
   readonly INSERT: "INSERT";
   readonly SELECT: "SELECT";
 };
@@ -369,11 +370,13 @@ export interface PrincipalPermissions {
 }
 export interface DataLakeSettings {
   DataLakeAdmins?: DataLakePrincipal[];
+  ReadOnlyAdmins?: DataLakePrincipal[];
   CreateDatabaseDefaultPermissions?: PrincipalPermissions[];
   CreateTableDefaultPermissions?: PrincipalPermissions[];
   Parameters?: Record<string, string>;
   TrustedResourceOwners?: string[];
   AllowExternalDataFiltering?: boolean;
+  AllowFullTableExternalDataAccess?: boolean;
   ExternalDataFilteringAllowList?: DataLakePrincipal[];
   AuthorizedSessionTagValueList?: string[];
 }
@@ -518,6 +521,8 @@ export interface PartitionValueList {
 export declare const PermissionType: {
   readonly CELL_FILTER_PERMISSION: "CELL_FILTER_PERMISSION";
   readonly COLUMN_PERMISSION: "COLUMN_PERMISSION";
+  readonly NESTED_CELL_PERMISSION: "NESTED_CELL_PERMISSION";
+  readonly NESTED_PERMISSION: "NESTED_PERMISSION";
 };
 export type PermissionType =
   (typeof PermissionType)[keyof typeof PermissionType];
@@ -527,7 +532,7 @@ export interface GetTemporaryGluePartitionCredentialsRequest {
   Permissions?: (Permission | string)[];
   DurationSeconds?: number;
   AuditContext?: AuditContext;
-  SupportedPermissionTypes: (PermissionType | string)[] | undefined;
+  SupportedPermissionTypes?: (PermissionType | string)[];
 }
 export interface GetTemporaryGluePartitionCredentialsResponse {
   AccessKeyId?: string;
@@ -551,7 +556,7 @@ export interface GetTemporaryGlueTableCredentialsRequest {
   Permissions?: (Permission | string)[];
   DurationSeconds?: number;
   AuditContext?: AuditContext;
-  SupportedPermissionTypes: (PermissionType | string)[] | undefined;
+  SupportedPermissionTypes?: (PermissionType | string)[];
 }
 export interface GetTemporaryGlueTableCredentialsResponse {
   AccessKeyId?: string;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-lakeformation",
   "description": "AWS SDK for JavaScript Lakeformation Client for Node.js, Browser and React Native",
-  "version": "3.370.0",
+  "version": "3.377.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "tsc -p tsconfig.cjs.json",
@@ -21,7 +21,7 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "3.0.0",
     "@aws-crypto/sha256-js": "3.0.0",
-    "@aws-sdk/client-sts": "3.370.0",
+    "@aws-sdk/client-sts": "3.377.0",
     "@aws-sdk/credential-provider-node": "3.370.0",
     "@aws-sdk/middleware-host-header": "3.370.0",
     "@aws-sdk/middleware-logger": "3.370.0",