You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.
Class: Aws::LakeFormation::Client OverviewAn API client for AWS Lake Formation. To construct a client, you need to configure a :region and :credentials.
lakeformation = Aws::LakeFormation::Client.new(
region: region_name,
credentials: credentials,
)
See #initialize for a full list of supported configuration options.
RegionYou can configure a default region in the following locations:
ENV['AWS_REGION']Aws.config[:region]Go here for a list of supported regions.
CredentialsDefault credentials are loaded automatically from the following locations:
ENV['AWS_ACCESS_KEY_ID'] and ENV['AWS_SECRET_ACCESS_KEY']Aws.config[:credentials]~/.aws/credentials (more information)You can also construct a credentials object from one of the following classes:
Alternatively, you configure credentials with :access_key_id and :secret_access_key:
creds = YAML.load(File.read('/path/to/secrets'))
Aws::LakeFormation::Client.new(
access_key_id: creds['access_key_id'],
secret_access_key: creds['secret_access_key']
)
Always load your credentials from outside your application. Avoid configuring credentials statically and never commit them to source control.
Attribute Summary collapseConstructs an API client.
Batch operation to grant permissions to the principal.
.
Batch operation to revoke permissions from the principal.
.
Deregisters the resource as managed by the Data Catalog.
When you deregister a path, Lake Formation removes the path from the inline policy attached to your service-linked role.
.
Retrieves the current data access role for the given resource registered in AWS Lake Formation.
.
Retrieves the list of the data lake administrators of a Lake Formation-managed data lake.
Returns the Lake Formation permissions for a specified table or database resource located at a path in Amazon S3.
Returns a list of the principal permissions on the resource, filtered by the permissions of the caller.
Lists the resources registered to be managed by the Data Catalog.
.
Sets the list of data lake administrators who have admin privileges on all resources managed by Lake Formation.
Registers the resource as managed by the Data Catalog.
To add or update data, Lake Formation needs read/write access to the chosen Amazon S3 path.
Revokes permissions to the principal to access metadata in the Data Catalog and data organized in underlying data storage such as Amazon S3.
.
Updates the data access role used for vending access to the given (registered) resource in AWS Lake Formation.
Waiters polls an API operation until a resource enters a desired state.
Returns the list of supported waiters.
add_plugin, api, #build_request, clear_plugins, define, new, #operation, #operation_names, plugins, remove_plugin, set_api, set_plugins
Methods included from Seahorse::Client::HandlerBuilder#handle, #handle_request, #handle_response
Instance Method Details #deregister_resource(options = {}) ⇒ StructDeregisters the resource as managed by the Data Catalog.
When you deregister a path, Lake Formation removes the path from the inline policy attached to your service-linked role.
#describe_resource(options = {}) ⇒ Types::DescribeResourceResponseRetrieves the current data access role for the given resource registered in AWS Lake Formation.
#get_effective_permissions_for_path(options = {}) ⇒ Types::GetEffectivePermissionsForPathResponseReturns the Lake Formation permissions for a specified table or database resource located at a path in Amazon S3. GetEffectivePermissionsForPath will not return databases and tables if the catalog is encrypted.
Returns a list of the principal permissions on the resource, filtered by the permissions of the caller. For example, if you are granted an ALTER permission, you are able to see only the principal permissions for ALTER.
This operation returns only those permissions that have been explicitly granted.
For information about permissions, see Security and Access Control to Metadata and Data.
#put_data_lake_settings(options = {}) ⇒ StructSets the list of data lake administrators who have admin privileges on all resources managed by Lake Formation. For more information on admin privileges, see Granting Lake Formation Permissions.
This API replaces the current list of data lake admins with the new list being passed. To add an admin, fetch the current list and add the new admin to that list and pass that list in this API.
#register_resource(options = {}) ⇒ StructRegisters the resource as managed by the Data Catalog.
To add or update data, Lake Formation needs read/write access to the chosen Amazon S3 path. Choose a role that you know has permission to do this, or choose the AWSServiceRoleForLakeFormationDataAccess service-linked role. When you register the first Amazon S3 path, the service-linked role and a new inline policy are created on your behalf. Lake Formation adds the first path to the inline policy and attaches it to the service-linked role. When you register subsequent paths, Lake Formation adds the path to the existing policy.
The following request registers a new location and gives AWS Lake Formation permission to use the service-linked role to access that location.
ResourceArn = arn:aws:s3:::my-bucket UseServiceLinkedRole = true
If UseServiceLinkedRole is not set to true, you must provide or set the RoleArn:
arn:aws:iam::12345:role/my-data-access-role
Revokes permissions to the principal to access metadata in the Data Catalog and data organized in underlying data storage such as Amazon S3.
#update_resource(options = {}) ⇒ StructUpdates the data access role used for vending access to the given (registered) resource in AWS Lake Formation.
#wait_until(waiter_name, params = {}) {|waiter| ... } ⇒ BooleanWaiters polls an API operation until a resource enters a desired state.
Basic UsageWaiters will poll until they are succesful, they fail by entering a terminal state, or until a maximum number of attempts are made.
# polls in a loop, sleeping between attempts client.waiter_until(waiter_name, params)
ConfigurationYou can configure the maximum number of polling attempts, and the delay (in seconds) between each polling attempt. You configure waiters by passing a block to #wait_until:
# poll for ~25 seconds
client.wait_until(...) do |w|
w.max_attempts = 5
w.delay = 5
end
You can be notified before each polling attempt and before each delay. If you throw :success or :failure from these callbacks, it will terminate the waiter.
started_at = Time.now
client.wait_until(...) do |w|
# disable max attempts
w.max_attempts = nil
# poll for 1 hour, instead of a number of attempts
w.before_wait do |attempts, response|
throw :failure if Time.now - started_at > 3600
end
end
When a waiter is successful, it returns true. When a waiter fails, it raises an error. All errors raised extend from Waiters::Errors::WaiterFailed.
begin
client.wait_until(...)
rescue Aws::Waiters::Errors::WaiterFailed
# resource did not enter the desired state in time
end
Returns the list of supported waiters. The following table lists the supported waiters and the client method they call:
Waiter Name Client Method Default Delay: Default Max Attempts:RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4