@aws-sdk/client-lakeformation 3.969.0 → 3.971.0

package/dist-types/commands/GetTemporaryDataLocationCredentialsCommand.d.ts

@@ -0,0 +1,132 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import type { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import type { LakeFormationClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../LakeFormationClient";
+import type { GetTemporaryDataLocationCredentialsRequest, GetTemporaryDataLocationCredentialsResponse } from "../models/models_0";
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link GetTemporaryDataLocationCredentialsCommand}.
+ */
+export interface GetTemporaryDataLocationCredentialsCommandInput extends GetTemporaryDataLocationCredentialsRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link GetTemporaryDataLocationCredentialsCommand}.
+ */
+export interface GetTemporaryDataLocationCredentialsCommandOutput extends GetTemporaryDataLocationCredentialsResponse, __MetadataBearer {
+}
+declare const GetTemporaryDataLocationCredentialsCommand_base: {
+    new (input: GetTemporaryDataLocationCredentialsCommandInput): import("@smithy/smithy-client").CommandImpl<GetTemporaryDataLocationCredentialsCommandInput, GetTemporaryDataLocationCredentialsCommandOutput, LakeFormationClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    new (...[input]: [] | [GetTemporaryDataLocationCredentialsCommandInput]): import("@smithy/smithy-client").CommandImpl<GetTemporaryDataLocationCredentialsCommandInput, GetTemporaryDataLocationCredentialsCommandOutput, LakeFormationClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+/**
+ * <p>Allows a user or application in a secure environment to access data in a specific Amazon S3 location registered with Lake Formation by providing temporary scoped credentials that are limited to the requested data location and
+ *       the caller's authorized access level.</p>
+ *          <p> The API operation returns an error in the following scenarios:</p>
+ *          <ul>
+ *             <li>
+ *                <p>The data location is not registered with Lake Formation. </p>
+ *             </li>
+ *             <li>
+ *                <p>No Glue table is associated with the data location.</p>
+ *             </li>
+ *             <li>
+ *                <p>The caller doesn't have required permissions on the associated table. The caller must have
+ *             <code>SELECT</code> or <code>SUPER</code> permissions on the associated table, and
+ *           credential vending for full table access must be enabled in the data lake settings. </p>
+ *                <p>For more information, see <a href="https://docs.aws.amazon.com/lake-formation/latest/dg/full-table-credential-vending.html">Application integration for full table access</a>.</p>
+ *             </li>
+ *             <li>
+ *                <p>The data location is in a different Amazon Web Services Region. Lake Formation doesn't
+ *           support cross-Region access when vending credentials for a data location. Lake Formation only supports Amazon S3 paths registered within the same Region as the API
+ *           call. </p>
+ *             </li>
+ *          </ul>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { LakeFormationClient, GetTemporaryDataLocationCredentialsCommand } from "@aws-sdk/client-lakeformation"; // ES Modules import
+ * // const { LakeFormationClient, GetTemporaryDataLocationCredentialsCommand } = require("@aws-sdk/client-lakeformation"); // CommonJS import
+ * // import type { LakeFormationClientConfig } from "@aws-sdk/client-lakeformation";
+ * const config = {}; // type is LakeFormationClientConfig
+ * const client = new LakeFormationClient(config);
+ * const input = { // GetTemporaryDataLocationCredentialsRequest
+ *   DurationSeconds: Number("int"),
+ *   AuditContext: { // AuditContext
+ *     AdditionalAuditContext: "STRING_VALUE",
+ *   },
+ *   DataLocations: [ // PathStringList
+ *     "STRING_VALUE",
+ *   ],
+ *   CredentialsScope: "READ" || "READWRITE",
+ * };
+ * const command = new GetTemporaryDataLocationCredentialsCommand(input);
+ * const response = await client.send(command);
+ * // { // GetTemporaryDataLocationCredentialsResponse
+ * //   Credentials: { // TemporaryCredentials
+ * //     AccessKeyId: "STRING_VALUE",
+ * //     SecretAccessKey: "STRING_VALUE",
+ * //     SessionToken: "STRING_VALUE",
+ * //     Expiration: new Date("TIMESTAMP"),
+ * //   },
+ * //   AccessibleDataLocations: [ // PathStringList
+ * //     "STRING_VALUE",
+ * //   ],
+ * //   CredentialsScope: "READ" || "READWRITE",
+ * // };
+ *
+ * ```
+ *
+ * @param GetTemporaryDataLocationCredentialsCommandInput - {@link GetTemporaryDataLocationCredentialsCommandInput}
+ * @returns {@link GetTemporaryDataLocationCredentialsCommandOutput}
+ * @see {@link GetTemporaryDataLocationCredentialsCommandInput} for command's `input` shape.
+ * @see {@link GetTemporaryDataLocationCredentialsCommandOutput} for command's `response` shape.
+ * @see {@link LakeFormationClientResolvedConfig | config} for LakeFormationClient's `config` shape.
+ *
+ * @throws {@link AccessDeniedException} (client fault)
+ *  <p>Access to a resource was denied.</p>
+ *
+ * @throws {@link ConflictException} (client fault)
+ *  <p>Multiple resources exist with the same Amazon S3 location</p>
+ *
+ * @throws {@link EntityNotFoundException} (client fault)
+ *  <p>A specified entity does not exist.</p>
+ *
+ * @throws {@link GlueEncryptionException} (client fault)
+ *  <p>An encryption operation failed.</p>
+ *
+ * @throws {@link InternalServiceException} (server fault)
+ *  <p>An internal service error occurred.</p>
+ *
+ * @throws {@link InvalidInputException} (client fault)
+ *  <p>The input provided was not valid.</p>
+ *
+ * @throws {@link OperationTimeoutException} (client fault)
+ *  <p>The operation timed out.</p>
+ *
+ * @throws {@link LakeFormationServiceException}
+ * <p>Base exception class for all service exceptions from LakeFormation service.</p>
+ *
+ *
+ * @public
+ */
+export declare class GetTemporaryDataLocationCredentialsCommand extends GetTemporaryDataLocationCredentialsCommand_base {
+    /** @internal type navigation helper, not in runtime. */
+    protected static __types: {
+        api: {
+            input: GetTemporaryDataLocationCredentialsRequest;
+            output: GetTemporaryDataLocationCredentialsResponse;
+        };
+        sdk: {
+            input: GetTemporaryDataLocationCredentialsCommandInput;
+            output: GetTemporaryDataLocationCredentialsCommandOutput;
+        };
+    };
+}

package/dist-types/commands/ListResourcesCommand.d.ts

@@ -60,6 +60,8 @@ declare const ListResourcesCommand_base: {
  * //       WithFederation: true || false,
  * //       HybridAccessEnabled: true || false,
  * //       WithPrivilegedAccess: true || false,
+ * //       VerificationStatus: "VERIFIED" || "VERIFICATION_FAILED" || "NOT_VERIFIED",
+ * //       ExpectedResourceOwnerAccount: "STRING_VALUE",
  * //     },
  * //   ],
  * //   NextToken: "STRING_VALUE",

package/dist-types/commands/RegisterResourceCommand.d.ts

@@ -53,6 +53,7 @@ declare const RegisterResourceCommand_base: {
  *   WithFederation: true || false,
  *   HybridAccessEnabled: true || false,
  *   WithPrivilegedAccess: true || false,
+ *   ExpectedResourceOwnerAccount: "STRING_VALUE",
  * };
  * const command = new RegisterResourceCommand(input);
  * const response = await client.send(command);

package/dist-types/commands/UpdateResourceCommand.d.ts

@@ -41,6 +41,7 @@ declare const UpdateResourceCommand_base: {
  *   ResourceArn: "STRING_VALUE", // required
  *   WithFederation: true || false,
  *   HybridAccessEnabled: true || false,
+ *   ExpectedResourceOwnerAccount: "STRING_VALUE",
  * };
  * const command = new UpdateResourceCommand(input);
  * const response = await client.send(command);

package/dist-types/commands/index.d.ts

@@ -30,6 +30,7 @@ export * from "./GetQueryStateCommand";
 export * from "./GetQueryStatisticsCommand";
 export * from "./GetResourceLFTagsCommand";
 export * from "./GetTableObjectsCommand";
+export * from "./GetTemporaryDataLocationCredentialsCommand";
 export * from "./GetTemporaryGluePartitionCredentialsCommand";
 export * from "./GetTemporaryGlueTableCredentialsCommand";
 export * from "./GetWorkUnitResultsCommand";

package/dist-types/models/enums.d.ts

@@ -86,6 +86,19 @@ export declare const ServiceAuthorization: {
  * @public
  */
 export type ServiceAuthorization = (typeof ServiceAuthorization)[keyof typeof ServiceAuthorization];
+/**
+ * @public
+ * @enum
+ */
+export declare const VerificationStatus: {
+    readonly NOT_VERIFIED: "NOT_VERIFIED";
+    readonly VERIFICATION_FAILED: "VERIFICATION_FAILED";
+    readonly VERIFIED: "VERIFIED";
+};
+/**
+ * @public
+ */
+export type VerificationStatus = (typeof VerificationStatus)[keyof typeof VerificationStatus];
 /**
  * @public
  * @enum
@@ -101,6 +114,18 @@ export declare const QueryStateString: {
  * @public
  */
 export type QueryStateString = (typeof QueryStateString)[keyof typeof QueryStateString];
+/**
+ * @public
+ * @enum
+ */
+export declare const CredentialsScope: {
+    readonly READ: "READ";
+    readonly READWRITE: "READWRITE";
+};
+/**
+ * @public
+ */
+export type CredentialsScope = (typeof CredentialsScope)[keyof typeof CredentialsScope];
 /**
  * @public
  * @enum

package/dist-types/models/errors.d.ts

@@ -275,6 +275,23 @@ export declare class GlueEncryptionException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<GlueEncryptionException, __BaseException>);
 }
+/**
+ * <p>Multiple resources exist with the same Amazon S3 location</p>
+ * @public
+ */
+export declare class ConflictException extends __BaseException {
+    readonly name: "ConflictException";
+    readonly $fault: "client";
+    /**
+     * <p>A message describing the problem.</p>
+     * @public
+     */
+    Message?: string | undefined;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<ConflictException, __BaseException>);
+}
 /**
  * <p>The engine does not support filtering data based on the enforced permissions. For example, if you call the <code>GetTemporaryGlueTableCredentials</code> operation with <code>SupportedPermissionType</code> equal to <code>ColumnPermission</code>, but cell-level permissions exist on the table, this exception is thrown.</p>
  * @public

package/dist-types/models/models_0.d.ts

@@ -1,5 +1,5 @@
 import { StreamingBlobTypes } from "@smithy/types";
-import { ApplicationStatus, ComparisonOperator, DataLakeResourceType, EnableStatus, FieldNameString, OptimizerType, Permission, PermissionType, QueryStateString, ResourceShareType, ResourceType, ServiceAuthorization, TransactionStatus, TransactionStatusFilter, TransactionType } from "./enums";
+import { ApplicationStatus, ComparisonOperator, CredentialsScope, DataLakeResourceType, EnableStatus, FieldNameString, OptimizerType, Permission, PermissionType, QueryStateString, ResourceShareType, ResourceType, ServiceAuthorization, TransactionStatus, TransactionStatusFilter, TransactionType, VerificationStatus } from "./enums";
 /**
  * <p>A structure containing an LF-tag key-value pair.</p>
  * @public
@@ -1200,6 +1200,27 @@ export interface ResourceInfo {
      * @public
      */
     WithPrivilegedAccess?: boolean | undefined;
+    /**
+     * <p>Indicates whether the registered role has sufficient permissions to access registered Amazon S3 location. Verification Status can be one of the following: </p>
+     *          <ul>
+     *             <li>
+     *                <p>VERIFIED - Registered role has sufficient permissions to access registered Amazon S3 location.</p>
+     *             </li>
+     *             <li>
+     *                <p>NOT_VERIFIED - Registered role does not have sufficient permissions to access registered Amazon S3 location.</p>
+     *             </li>
+     *             <li>
+     *                <p>VERIFICATION_FAILED - Unable to verify if the registered role can access the registered Amazon S3 location.</p>
+     *             </li>
+     *          </ul>
+     * @public
+     */
+    VerificationStatus?: VerificationStatus | undefined;
+    /**
+     * <p>The Amazon Web Services account that owns the Glue tables associated with specific Amazon S3 locations. </p>
+     * @public
+     */
+    ExpectedResourceOwnerAccount?: string | undefined;
 }
 /**
  * @public
@@ -1878,6 +1899,96 @@ export interface GetTableObjectsResponse {
      */
     NextToken?: string | undefined;
 }
+/**
+ * @public
+ */
+export interface GetTemporaryDataLocationCredentialsRequest {
+    /**
+     * <p>The time period, between 900 and 43,200 seconds, for the timeout of the temporary credentials.</p>
+     * @public
+     */
+    DurationSeconds?: number | undefined;
+    /**
+     * <p>A structure used to include auditing information on the privileged API. </p>
+     * @public
+     */
+    AuditContext?: AuditContext | undefined;
+    /**
+     * <p>The Amazon S3 data location that you want to access.</p>
+     * @public
+     */
+    DataLocations?: string[] | undefined;
+    /**
+     * <p>The credential scope is determined by the caller's Lake Formation permission on the associated table. Credential scope can be either:</p>
+     *          <ul>
+     *             <li>
+     *                <p>READ - Provides read-only access to the data location.</p>
+     *             </li>
+     *             <li>
+     *                <p>READ_WRITE - Provides both read and write access to the data location.</p>
+     *             </li>
+     *          </ul>
+     * @public
+     */
+    CredentialsScope?: CredentialsScope | undefined;
+}
+/**
+ * <p>A temporary set of credentials for an Lake Formation user. These credentials are scoped down to only access the raw data sources that the user has access to. </p>
+ *          <p>The temporary security credentials consist of an access key and a session token. The access key consists of an access key ID and a secret key. When the credentials are created, they are associated with an IAM access control policy that limits what the user can do when using the credentials.</p>
+ * @public
+ */
+export interface TemporaryCredentials {
+    /**
+     * <p>The access key ID for the temporary credentials.</p>
+     * @public
+     */
+    AccessKeyId?: string | undefined;
+    /**
+     * <p>The secret key for the temporary credentials.</p>
+     * @public
+     */
+    SecretAccessKey?: string | undefined;
+    /**
+     * <p>The session token for the temporary credentials.</p>
+     * @public
+     */
+    SessionToken?: string | undefined;
+    /**
+     * <p>The date and time when the temporary credentials expire.</p>
+     * @public
+     */
+    Expiration?: Date | undefined;
+}
+/**
+ * @public
+ */
+export interface GetTemporaryDataLocationCredentialsResponse {
+    /**
+     * <p>A temporary set of credentials for an Lake Formation user. These credentials are scoped down to only access the raw data sources that the user has access to. </p>
+     *          <p>The temporary security credentials consist of an access key and a session token. The access key consists of an access key ID and a secret key. When the credentials are created, they are associated with an IAM access control policy that limits what the user can do when using the credentials.</p>
+     * @public
+     */
+    Credentials?: TemporaryCredentials | undefined;
+    /**
+     * <p>Refers to the Amazon S3 locations that can be
+     *       accessed through the <code>GetTemporaryCredentialsForLocation</code> API operation.</p>
+     * @public
+     */
+    AccessibleDataLocations?: string[] | undefined;
+    /**
+     * <p>The credential scope is determined by the caller's Lake Formation permission on the associated table. Credential scope can be either:</p>
+     *          <ul>
+     *             <li>
+     *                <p>READ - Provides read-only access to the data location.</p>
+     *             </li>
+     *             <li>
+     *                <p>READ_WRITE - Provides both read and write access to the data location.</p>
+     *             </li>
+     *          </ul>
+     * @public
+     */
+    CredentialsScope?: CredentialsScope | undefined;
+}
 /**
  * <p>Contains a list of values defining partitions.</p>
  * @public
@@ -2688,6 +2799,12 @@ export interface RegisterResourceRequest {
      * @public
      */
     WithPrivilegedAccess?: boolean | undefined;
+    /**
+     * <p>The Amazon Web Services account that owns the Glue tables associated with specific Amazon S3 locations.
+     *     </p>
+     * @public
+     */
+    ExpectedResourceOwnerAccount?: string | undefined;
 }
 /**
  * @public
@@ -3110,6 +3227,12 @@ export interface UpdateResourceRequest {
      * @public
      */
     HybridAccessEnabled?: boolean | undefined;
+    /**
+     * <p>The Amazon Web Services account that owns the Glue tables associated with specific Amazon S3 locations.
+     *     </p>
+     * @public
+     */
+    ExpectedResourceOwnerAccount?: string | undefined;
 }
 /**
  * @public

package/dist-types/schemas/schemas_0.d.ts

@@ -23,6 +23,7 @@ export declare var CommitTransactionRequest$: StaticStructureSchema;
 export declare var CommitTransactionResponse$: StaticStructureSchema;
 export declare var ConcurrentModificationException$: StaticErrorSchema;
 export declare var Condition$: StaticStructureSchema;
+export declare var ConflictException$: StaticErrorSchema;
 export declare var CreateDataCellsFilterRequest$: StaticStructureSchema;
 export declare var CreateDataCellsFilterResponse$: StaticStructureSchema;
 export declare var CreateLakeFormationIdentityCenterConfigurationRequest$: StaticStructureSchema;
@@ -89,6 +90,8 @@ export declare var GetResourceLFTagsRequest$: StaticStructureSchema;
 export declare var GetResourceLFTagsResponse$: StaticStructureSchema;
 export declare var GetTableObjectsRequest$: StaticStructureSchema;
 export declare var GetTableObjectsResponse$: StaticStructureSchema;
+export declare var GetTemporaryDataLocationCredentialsRequest$: StaticStructureSchema;
+export declare var GetTemporaryDataLocationCredentialsResponse$: StaticStructureSchema;
 export declare var GetTemporaryGluePartitionCredentialsRequest$: StaticStructureSchema;
 export declare var GetTemporaryGluePartitionCredentialsResponse$: StaticStructureSchema;
 export declare var GetTemporaryGlueTableCredentialsRequest$: StaticStructureSchema;
@@ -165,6 +168,7 @@ export declare var TableWildcard$: StaticStructureSchema;
 export declare var TableWithColumnsResource$: StaticStructureSchema;
 export declare var TaggedDatabase$: StaticStructureSchema;
 export declare var TaggedTable$: StaticStructureSchema;
+export declare var TemporaryCredentials$: StaticStructureSchema;
 export declare var ThrottledException$: StaticErrorSchema;
 export declare var TransactionCanceledException$: StaticErrorSchema;
 export declare var TransactionCommitInProgressException$: StaticErrorSchema;
@@ -223,6 +227,7 @@ export declare var GetQueryState$: StaticOperationSchema;
 export declare var GetQueryStatistics$: StaticOperationSchema;
 export declare var GetResourceLFTags$: StaticOperationSchema;
 export declare var GetTableObjects$: StaticOperationSchema;
+export declare var GetTemporaryDataLocationCredentials$: StaticOperationSchema;
 export declare var GetTemporaryGluePartitionCredentials$: StaticOperationSchema;
 export declare var GetTemporaryGlueTableCredentials$: StaticOperationSchema;
 export declare var GetWorkUnitResults$: StaticOperationSchema;

package/dist-types/ts3.4/LakeFormation.d.ts

@@ -127,6 +127,10 @@ import {
   GetTableObjectsCommandInput,
   GetTableObjectsCommandOutput,
 } from "./commands/GetTableObjectsCommand";
+import {
+  GetTemporaryDataLocationCredentialsCommandInput,
+  GetTemporaryDataLocationCredentialsCommandOutput,
+} from "./commands/GetTemporaryDataLocationCredentialsCommand";
 import {
   GetTemporaryGluePartitionCredentialsCommandInput,
   GetTemporaryGluePartitionCredentialsCommandOutput,
@@ -682,6 +686,26 @@ export interface LakeFormation {
     options: __HttpHandlerOptions,
     cb: (err: any, data?: GetTableObjectsCommandOutput) => void
   ): void;
+  getTemporaryDataLocationCredentials(): Promise<GetTemporaryDataLocationCredentialsCommandOutput>;
+  getTemporaryDataLocationCredentials(
+    args: GetTemporaryDataLocationCredentialsCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<GetTemporaryDataLocationCredentialsCommandOutput>;
+  getTemporaryDataLocationCredentials(
+    args: GetTemporaryDataLocationCredentialsCommandInput,
+    cb: (
+      err: any,
+      data?: GetTemporaryDataLocationCredentialsCommandOutput
+    ) => void
+  ): void;
+  getTemporaryDataLocationCredentials(
+    args: GetTemporaryDataLocationCredentialsCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (
+      err: any,
+      data?: GetTemporaryDataLocationCredentialsCommandOutput
+    ) => void
+  ): void;
   getTemporaryGluePartitionCredentials(
     args: GetTemporaryGluePartitionCredentialsCommandInput,
     options?: __HttpHandlerOptions

package/dist-types/ts3.4/LakeFormationClient.d.ts

@@ -174,6 +174,10 @@ import {
   GetTableObjectsCommandInput,
   GetTableObjectsCommandOutput,
 } from "./commands/GetTableObjectsCommand";
+import {
+  GetTemporaryDataLocationCredentialsCommandInput,
+  GetTemporaryDataLocationCredentialsCommandOutput,
+} from "./commands/GetTemporaryDataLocationCredentialsCommand";
 import {
   GetTemporaryGluePartitionCredentialsCommandInput,
   GetTemporaryGluePartitionCredentialsCommandOutput,
@@ -326,6 +330,7 @@ export type ServiceInputTypes =
   | GetQueryStatisticsCommandInput
   | GetResourceLFTagsCommandInput
   | GetTableObjectsCommandInput
+  | GetTemporaryDataLocationCredentialsCommandInput
   | GetTemporaryGluePartitionCredentialsCommandInput
   | GetTemporaryGlueTableCredentialsCommandInput
   | GetWorkUnitResultsCommandInput
@@ -387,6 +392,7 @@ export type ServiceOutputTypes =
   | GetQueryStatisticsCommandOutput
   | GetResourceLFTagsCommandOutput
   | GetTableObjectsCommandOutput
+  | GetTemporaryDataLocationCredentialsCommandOutput
   | GetTemporaryGluePartitionCredentialsCommandOutput
   | GetTemporaryGlueTableCredentialsCommandOutput
   | GetWorkUnitResultsCommandOutput

package/dist-types/ts3.4/commands/GetTemporaryDataLocationCredentialsCommand.d.ts

@@ -0,0 +1,51 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import {
+  LakeFormationClientResolvedConfig,
+  ServiceInputTypes,
+  ServiceOutputTypes,
+} from "../LakeFormationClient";
+import {
+  GetTemporaryDataLocationCredentialsRequest,
+  GetTemporaryDataLocationCredentialsResponse,
+} from "../models/models_0";
+export { __MetadataBearer };
+export { $Command };
+export interface GetTemporaryDataLocationCredentialsCommandInput
+  extends GetTemporaryDataLocationCredentialsRequest {}
+export interface GetTemporaryDataLocationCredentialsCommandOutput
+  extends GetTemporaryDataLocationCredentialsResponse,
+    __MetadataBearer {}
+declare const GetTemporaryDataLocationCredentialsCommand_base: {
+  new (
+    input: GetTemporaryDataLocationCredentialsCommandInput
+  ): import("@smithy/smithy-client").CommandImpl<
+    GetTemporaryDataLocationCredentialsCommandInput,
+    GetTemporaryDataLocationCredentialsCommandOutput,
+    LakeFormationClientResolvedConfig,
+    ServiceInputTypes,
+    ServiceOutputTypes
+  >;
+  new (
+    ...[input]: [] | [GetTemporaryDataLocationCredentialsCommandInput]
+  ): import("@smithy/smithy-client").CommandImpl<
+    GetTemporaryDataLocationCredentialsCommandInput,
+    GetTemporaryDataLocationCredentialsCommandOutput,
+    LakeFormationClientResolvedConfig,
+    ServiceInputTypes,
+    ServiceOutputTypes
+  >;
+  getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+export declare class GetTemporaryDataLocationCredentialsCommand extends GetTemporaryDataLocationCredentialsCommand_base {
+  protected static __types: {
+    api: {
+      input: GetTemporaryDataLocationCredentialsRequest;
+      output: GetTemporaryDataLocationCredentialsResponse;
+    };
+    sdk: {
+      input: GetTemporaryDataLocationCredentialsCommandInput;
+      output: GetTemporaryDataLocationCredentialsCommandOutput;
+    };
+  };
+}

package/dist-types/ts3.4/commands/index.d.ts

@@ -30,6 +30,7 @@ export * from "./GetQueryStateCommand";
 export * from "./GetQueryStatisticsCommand";
 export * from "./GetResourceLFTagsCommand";
 export * from "./GetTableObjectsCommand";
+export * from "./GetTemporaryDataLocationCredentialsCommand";
 export * from "./GetTemporaryGluePartitionCredentialsCommand";
 export * from "./GetTemporaryGlueTableCredentialsCommand";
 export * from "./GetWorkUnitResultsCommand";

package/dist-types/ts3.4/models/enums.d.ts

@@ -47,6 +47,13 @@ export declare const ServiceAuthorization: {
 };
 export type ServiceAuthorization =
   (typeof ServiceAuthorization)[keyof typeof ServiceAuthorization];
+export declare const VerificationStatus: {
+  readonly NOT_VERIFIED: "NOT_VERIFIED";
+  readonly VERIFICATION_FAILED: "VERIFICATION_FAILED";
+  readonly VERIFIED: "VERIFIED";
+};
+export type VerificationStatus =
+  (typeof VerificationStatus)[keyof typeof VerificationStatus];
 export declare const QueryStateString: {
   readonly ERROR: "ERROR";
   readonly EXPIRED: "EXPIRED";
@@ -56,6 +63,12 @@ export declare const QueryStateString: {
 };
 export type QueryStateString =
   (typeof QueryStateString)[keyof typeof QueryStateString];
+export declare const CredentialsScope: {
+  readonly READ: "READ";
+  readonly READWRITE: "READWRITE";
+};
+export type CredentialsScope =
+  (typeof CredentialsScope)[keyof typeof CredentialsScope];
 export declare const PermissionType: {
   readonly CELL_FILTER_PERMISSION: "CELL_FILTER_PERMISSION";
   readonly COLUMN_PERMISSION: "COLUMN_PERMISSION";

package/dist-types/ts3.4/models/errors.d.ts

@@ -136,6 +136,12 @@ export declare class GlueEncryptionException extends __BaseException {
     opts: __ExceptionOptionType<GlueEncryptionException, __BaseException>
   );
 }
+export declare class ConflictException extends __BaseException {
+  readonly name: "ConflictException";
+  readonly $fault: "client";
+  Message?: string | undefined;
+  constructor(opts: __ExceptionOptionType<ConflictException, __BaseException>);
+}
 export declare class PermissionTypeMismatchException extends __BaseException {
   readonly name: "PermissionTypeMismatchException";
   readonly $fault: "client";

package/dist-types/ts3.4/models/models_0.d.ts

@@ -2,6 +2,7 @@ import { StreamingBlobTypes } from "@smithy/types";
 import {
   ApplicationStatus,
   ComparisonOperator,
+  CredentialsScope,
   DataLakeResourceType,
   EnableStatus,
   FieldNameString,
@@ -15,6 +16,7 @@ import {
   TransactionStatus,
   TransactionStatusFilter,
   TransactionType,
+  VerificationStatus,
 } from "./enums";
 export interface LFTagPair {
   CatalogId?: string | undefined;
@@ -318,6 +320,8 @@ export interface ResourceInfo {
   WithFederation?: boolean | undefined;
   HybridAccessEnabled?: boolean | undefined;
   WithPrivilegedAccess?: boolean | undefined;
+  VerificationStatus?: VerificationStatus | undefined;
+  ExpectedResourceOwnerAccount?: string | undefined;
 }
 export interface DescribeResourceResponse {
   ResourceInfo?: ResourceInfo | undefined;
@@ -478,6 +482,23 @@ export interface GetTableObjectsResponse {
   Objects?: PartitionObjects[] | undefined;
   NextToken?: string | undefined;
 }
+export interface GetTemporaryDataLocationCredentialsRequest {
+  DurationSeconds?: number | undefined;
+  AuditContext?: AuditContext | undefined;
+  DataLocations?: string[] | undefined;
+  CredentialsScope?: CredentialsScope | undefined;
+}
+export interface TemporaryCredentials {
+  AccessKeyId?: string | undefined;
+  SecretAccessKey?: string | undefined;
+  SessionToken?: string | undefined;
+  Expiration?: Date | undefined;
+}
+export interface GetTemporaryDataLocationCredentialsResponse {
+  Credentials?: TemporaryCredentials | undefined;
+  AccessibleDataLocations?: string[] | undefined;
+  CredentialsScope?: CredentialsScope | undefined;
+}
 export interface PartitionValueList {
   Values: string[] | undefined;
 }
@@ -669,6 +690,7 @@ export interface RegisterResourceRequest {
   WithFederation?: boolean | undefined;
   HybridAccessEnabled?: boolean | undefined;
   WithPrivilegedAccess?: boolean | undefined;
+  ExpectedResourceOwnerAccount?: string | undefined;
 }
 export interface RegisterResourceResponse {}
 export interface RemoveLFTagsFromResourceRequest {
@@ -769,6 +791,7 @@ export interface UpdateResourceRequest {
   ResourceArn: string | undefined;
   WithFederation?: boolean | undefined;
   HybridAccessEnabled?: boolean | undefined;
+  ExpectedResourceOwnerAccount?: string | undefined;
 }
 export interface UpdateResourceResponse {}
 export interface DeleteObjectInput {