From af6b52c6eb2e03187a4765d2ef731db258980472 Mon Sep 17 00:00:00 2001 From: awstools Date: Tue, 28 Jun 2022 18:19:49 +0000 Subject: [PATCH] feat(client-finspace-data): Release new API GetExternalDataViewAccessDetails --- .../client-finspace-data/src/FinspaceData.ts | 45 +++++ .../src/FinspaceDataClient.ts | 6 + ...GetExternalDataViewAccessDetailsCommand.ts | 112 +++++++++++ .../src/commands/index.ts | 1 + .../src/models/models_0.ts | 118 ++++++++++- .../src/protocols/Aws_restJson1.ts | 121 ++++++++++++ .../sdk-codegen/aws-models/finspace-data.json | 187 +++++++++++++++++- 7 files changed, 584 insertions(+), 6 deletions(-) create mode 100644 clients/client-finspace-data/src/commands/GetExternalDataViewAccessDetailsCommand.ts diff --git a/clients/client-finspace-data/src/FinspaceData.ts b/clients/client-finspace-data/src/FinspaceData.ts index daa2591a8bf3..526f6e4e3f3a 100644 --- a/clients/client-finspace-data/src/FinspaceData.ts +++ b/clients/client-finspace-data/src/FinspaceData.ts @@ -51,6 +51,11 @@ import { } from "./commands/GetChangesetCommand"; import { GetDatasetCommand, GetDatasetCommandInput, GetDatasetCommandOutput } from "./commands/GetDatasetCommand"; import { GetDataViewCommand, GetDataViewCommandInput, GetDataViewCommandOutput } from "./commands/GetDataViewCommand"; +import { + GetExternalDataViewAccessDetailsCommand, + GetExternalDataViewAccessDetailsCommandInput, + GetExternalDataViewAccessDetailsCommandOutput, +} from "./commands/GetExternalDataViewAccessDetailsCommand"; import { GetPermissionGroupCommand, GetPermissionGroupCommandInput, @@ -540,6 +545,46 @@ export class FinspaceData extends FinspaceDataClient { } } + /** + *

Returns the credentials to access the external Dataview from an S3 location. To call this API:

+ * + */ + public getExternalDataViewAccessDetails( + args: GetExternalDataViewAccessDetailsCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public getExternalDataViewAccessDetails( + args: GetExternalDataViewAccessDetailsCommandInput, + cb: (err: any, data?: GetExternalDataViewAccessDetailsCommandOutput) => void + ): void; + public getExternalDataViewAccessDetails( + args: GetExternalDataViewAccessDetailsCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: GetExternalDataViewAccessDetailsCommandOutput) => void + ): void; + public getExternalDataViewAccessDetails( + args: GetExternalDataViewAccessDetailsCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: GetExternalDataViewAccessDetailsCommandOutput) => void), + cb?: (err: any, data?: GetExternalDataViewAccessDetailsCommandOutput) => void + ): Promise | void { + const command = new GetExternalDataViewAccessDetailsCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + /** *

Retrieves the details of a specific permission group.

*/ diff --git a/clients/client-finspace-data/src/FinspaceDataClient.ts b/clients/client-finspace-data/src/FinspaceDataClient.ts index d2e107bc8a3c..a3d4b46a8dc6 100644 --- a/clients/client-finspace-data/src/FinspaceDataClient.ts +++ b/clients/client-finspace-data/src/FinspaceDataClient.ts @@ -79,6 +79,10 @@ import { EnableUserCommandInput, EnableUserCommandOutput } from "./commands/Enab import { GetChangesetCommandInput, GetChangesetCommandOutput } from "./commands/GetChangesetCommand"; import { GetDatasetCommandInput, GetDatasetCommandOutput } from "./commands/GetDatasetCommand"; import { GetDataViewCommandInput, GetDataViewCommandOutput } from "./commands/GetDataViewCommand"; +import { + GetExternalDataViewAccessDetailsCommandInput, + GetExternalDataViewAccessDetailsCommandOutput, +} from "./commands/GetExternalDataViewAccessDetailsCommand"; import { GetPermissionGroupCommandInput, GetPermissionGroupCommandOutput } from "./commands/GetPermissionGroupCommand"; import { GetProgrammaticAccessCredentialsCommandInput, @@ -127,6 +131,7 @@ export type ServiceInputTypes = | GetChangesetCommandInput | GetDataViewCommandInput | GetDatasetCommandInput + | GetExternalDataViewAccessDetailsCommandInput | GetPermissionGroupCommandInput | GetProgrammaticAccessCredentialsCommandInput | GetUserCommandInput @@ -159,6 +164,7 @@ export type ServiceOutputTypes = | GetChangesetCommandOutput | GetDataViewCommandOutput | GetDatasetCommandOutput + | GetExternalDataViewAccessDetailsCommandOutput | GetPermissionGroupCommandOutput | GetProgrammaticAccessCredentialsCommandOutput | GetUserCommandOutput diff --git a/clients/client-finspace-data/src/commands/GetExternalDataViewAccessDetailsCommand.ts b/clients/client-finspace-data/src/commands/GetExternalDataViewAccessDetailsCommand.ts new file mode 100644 index 000000000000..33b8d0ddcc86 --- /dev/null +++ b/clients/client-finspace-data/src/commands/GetExternalDataViewAccessDetailsCommand.ts @@ -0,0 +1,112 @@ +// smithy-typescript generated code +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { FinspaceDataClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../FinspaceDataClient"; +import { GetExternalDataViewAccessDetailsRequest, GetExternalDataViewAccessDetailsResponse } from "../models/models_0"; +import { + deserializeAws_restJson1GetExternalDataViewAccessDetailsCommand, + serializeAws_restJson1GetExternalDataViewAccessDetailsCommand, +} from "../protocols/Aws_restJson1"; + +export interface GetExternalDataViewAccessDetailsCommandInput extends GetExternalDataViewAccessDetailsRequest {} +export interface GetExternalDataViewAccessDetailsCommandOutput + extends GetExternalDataViewAccessDetailsResponse, + __MetadataBearer {} + +/** + *

Returns the credentials to access the external Dataview from an S3 location. To call this API:

+ *
    + *
  • + *

    You must retrieve the programmatic credentials.

    + *
    • + *
  • + *

    You must be a member of a FinSpace user group, where the dataset that you want to access has Read Dataset Data permissions.

    + *
    • + *
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { FinspaceDataClient, GetExternalDataViewAccessDetailsCommand } from "@aws-sdk/client-finspace-data"; // ES Modules import + * // const { FinspaceDataClient, GetExternalDataViewAccessDetailsCommand } = require("@aws-sdk/client-finspace-data"); // CommonJS import + * const client = new FinspaceDataClient(config); + * const command = new GetExternalDataViewAccessDetailsCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link GetExternalDataViewAccessDetailsCommandInput} for command's `input` shape. + * @see {@link GetExternalDataViewAccessDetailsCommandOutput} for command's `response` shape. + * @see {@link FinspaceDataClientResolvedConfig | config} for FinspaceDataClient's `config` shape. + * + */ +export class GetExternalDataViewAccessDetailsCommand extends $Command< + GetExternalDataViewAccessDetailsCommandInput, + GetExternalDataViewAccessDetailsCommandOutput, + FinspaceDataClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: GetExternalDataViewAccessDetailsCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: FinspaceDataClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "FinspaceDataClient"; + const commandName = "GetExternalDataViewAccessDetailsCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: GetExternalDataViewAccessDetailsRequest.filterSensitiveLog, + outputFilterSensitiveLog: GetExternalDataViewAccessDetailsResponse.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize( + input: GetExternalDataViewAccessDetailsCommandInput, + context: __SerdeContext + ): Promise<__HttpRequest> { + return serializeAws_restJson1GetExternalDataViewAccessDetailsCommand(input, context); + } + + private deserialize( + output: __HttpResponse, + context: __SerdeContext + ): Promise { + return deserializeAws_restJson1GetExternalDataViewAccessDetailsCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-finspace-data/src/commands/index.ts b/clients/client-finspace-data/src/commands/index.ts index ed274def3f20..654f26d804e9 100644 --- a/clients/client-finspace-data/src/commands/index.ts +++ b/clients/client-finspace-data/src/commands/index.ts @@ -13,6 +13,7 @@ export * from "./EnableUserCommand"; export * from "./GetChangesetCommand"; export * from "./GetDataViewCommand"; export * from "./GetDatasetCommand"; +export * from "./GetExternalDataViewAccessDetailsCommand"; export * from "./GetPermissionGroupCommand"; export * from "./GetProgrammaticAccessCredentialsCommand"; export * from "./GetUserCommand"; diff --git a/clients/client-finspace-data/src/models/models_0.ts b/clients/client-finspace-data/src/models/models_0.ts index 3d7cce31ec53..0d0a4ab825c6 100644 --- a/clients/client-finspace-data/src/models/models_0.ts +++ b/clients/client-finspace-data/src/models/models_0.ts @@ -181,6 +181,42 @@ export class ValidationException extends __BaseException { } } +/** + *

The credentials required to access the external Dataview from the S3 location.

+ */ +export interface AwsCredentials { + /** + *

The unique identifier for the security credentials.

+ */ + accessKeyId?: string; + + /** + *

The secret access key that can be used to sign requests.

+ */ + secretAccessKey?: string; + + /** + *

The token that users must pass to use the credentials.

+ */ + sessionToken?: string; + + /** + *

The Epoch time when the current credentials expire.

+ */ + expiration?: number; +} + +export namespace AwsCredentials { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AwsCredentials): any => ({ + ...obj, + ...(obj.secretAccessKey && { secretAccessKey: SENSITIVE_STRING }), + ...(obj.sessionToken && { sessionToken: SENSITIVE_STRING }), + }); +} + export enum ChangeType { APPEND = "APPEND", MODIFY = "MODIFY", @@ -820,6 +856,9 @@ export interface CreatePermissionGroupRequest { /** *

The option to indicate FinSpace application permissions that are granted to a specific group.

+ * + *

When assigning application permissions, be aware that the permission ManageUsersAndGroups allows users to grant themselves or others access to any functionality in their FinSpace environment's application. It should only be granted to trusted users.

+ * *
    *
  • *

    @@ -831,7 +870,7 @@ export interface CreatePermissionGroupRequest { *

    • *
  • *

    - * ManageUsersAndGroups – Group members can manage users and permission groups.

    + * ManageUsersAndGroups – Group members can manage users and permission groups. This is a privileged permission that allows users to grant themselves or others access to any functionality in the application. It should only be granted to trusted users.

    *
    • *
  • *

    @@ -1695,6 +1734,73 @@ export namespace GetDataViewResponse { }); } +export interface GetExternalDataViewAccessDetailsRequest { + /** + *

    The unique identifier for the Dataview that you want to access.

    + */ + dataViewId: string | undefined; + + /** + *

    The unique identifier for the Dataset.

    + */ + datasetId: string | undefined; +} + +export namespace GetExternalDataViewAccessDetailsRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: GetExternalDataViewAccessDetailsRequest): any => ({ + ...obj, + }); +} + +/** + *

    The location of an external Dataview in an S3 bucket.

    + */ +export interface S3Location { + /** + *

    The name of the S3 bucket.

    + */ + bucket: string | undefined; + + /** + *

    The path of the folder, within the S3 bucket that contains the Dataset.

    + */ + key: string | undefined; +} + +export namespace S3Location { + /** + * @internal + */ + export const filterSensitiveLog = (obj: S3Location): any => ({ + ...obj, + }); +} + +export interface GetExternalDataViewAccessDetailsResponse { + /** + *

    The credentials required to access the external Dataview from the S3 location.

    + */ + credentials?: AwsCredentials; + + /** + *

    The location where the external Dataview is stored.

    + */ + s3Location?: S3Location; +} + +export namespace GetExternalDataViewAccessDetailsResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: GetExternalDataViewAccessDetailsResponse): any => ({ + ...obj, + ...(obj.credentials && { credentials: AwsCredentials.filterSensitiveLog(obj.credentials) }), + }); +} + export interface GetPermissionGroupRequest { /** *

    The unique identifier for the permission group.

    @@ -1738,6 +1844,9 @@ export interface PermissionGroup { /** *

    Indicates the permissions that are granted to a specific group for accessing the FinSpace application.

    + * + *

    When assigning application permissions, be aware that the permission ManageUsersAndGroups allows users to grant themselves or others access to any functionality in their FinSpace environment's application. It should only be granted to trusted users.

    + *     *
      *
    • *

      @@ -1749,7 +1858,7 @@ export interface PermissionGroup { *

      • *
    • *

      - * ManageUsersAndGroups – Group members can manage users and permission groups.

      + * ManageUsersAndGroups – Group members can manage users and permission groups. This is a privileged permission that allows users to grant themselves or others access to any functionality in the application. It should only be granted to trusted users.

      *
      • *
    • *

      @@ -3275,6 +3384,9 @@ export interface UpdatePermissionGroupRequest { /** *

      The permissions that are granted to a specific group for accessing the FinSpace application.

      + * + *

      When assigning application permissions, be aware that the permission ManageUsersAndGroups allows users to grant themselves or others access to any functionality in their FinSpace environment's application. It should only be granted to trusted users.

      + *       *
        *
      • *

        @@ -3286,7 +3398,7 @@ export interface UpdatePermissionGroupRequest { *

        • *
      • *

        - * ManageUsersAndGroups – Group members can manage users and permission groups.

        + * ManageUsersAndGroups – Group members can manage users and permission groups. This is a privileged permission that allows users to grant themselves or others access to any functionality in the application. It should only be granted to trusted users.

        *
        • *
      • *

        diff --git a/clients/client-finspace-data/src/protocols/Aws_restJson1.ts b/clients/client-finspace-data/src/protocols/Aws_restJson1.ts index 51b8a6b06955..4fb3d413bd5a 100644 --- a/clients/client-finspace-data/src/protocols/Aws_restJson1.ts +++ b/clients/client-finspace-data/src/protocols/Aws_restJson1.ts @@ -42,6 +42,10 @@ import { EnableUserCommandInput, EnableUserCommandOutput } from "../commands/Ena import { GetChangesetCommandInput, GetChangesetCommandOutput } from "../commands/GetChangesetCommand"; import { GetDatasetCommandInput, GetDatasetCommandOutput } from "../commands/GetDatasetCommand"; import { GetDataViewCommandInput, GetDataViewCommandOutput } from "../commands/GetDataViewCommand"; +import { + GetExternalDataViewAccessDetailsCommandInput, + GetExternalDataViewAccessDetailsCommandOutput, +} from "../commands/GetExternalDataViewAccessDetailsCommand"; import { GetPermissionGroupCommandInput, GetPermissionGroupCommandOutput } from "../commands/GetPermissionGroupCommand"; import { GetProgrammaticAccessCredentialsCommandInput, @@ -77,6 +81,7 @@ import { FinspaceDataServiceException as __BaseException } from "../models/Finsp import { AccessDeniedException, ApplicationPermission, + AwsCredentials, ChangesetErrorInfo, ChangesetSummary, ColumnDefinition, @@ -94,6 +99,7 @@ import { PermissionGroupParams, ResourceNotFoundException, ResourcePermission, + S3Location, SchemaDefinition, SchemaUnion, ThrottlingException, @@ -614,6 +620,45 @@ export const serializeAws_restJson1GetDataViewCommand = async ( }); }; +export const serializeAws_restJson1GetExternalDataViewAccessDetailsCommand = async ( + input: GetExternalDataViewAccessDetailsCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = {}; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + + "/datasets/{datasetId}/dataviewsv2/{dataViewId}/external-access-details"; + if (input.dataViewId !== undefined) { + const labelValue: string = input.dataViewId; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: dataViewId."); + } + resolvedPath = resolvedPath.replace("{dataViewId}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: dataViewId."); + } + if (input.datasetId !== undefined) { + const labelValue: string = input.datasetId; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: datasetId."); + } + resolvedPath = resolvedPath.replace("{datasetId}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: datasetId."); + } + let body: any; + return new __HttpRequest({ + protocol, + hostname, + port, + method: "POST", + headers, + path: resolvedPath, + body, + }); +}; + export const serializeAws_restJson1GetPermissionGroupCommand = async ( input: GetPermissionGroupCommandInput, context: __SerdeContext @@ -2108,6 +2153,66 @@ const deserializeAws_restJson1GetDataViewCommandError = async ( } }; +export const deserializeAws_restJson1GetExternalDataViewAccessDetailsCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return deserializeAws_restJson1GetExternalDataViewAccessDetailsCommandError(output, context); + } + const contents: GetExternalDataViewAccessDetailsCommandOutput = { + $metadata: deserializeMetadata(output), + credentials: undefined, + s3Location: undefined, + }; + const data: Record = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + if (data.credentials !== undefined && data.credentials !== null) { + contents.credentials = deserializeAws_restJson1AwsCredentials(data.credentials, context); + } + if (data.s3Location !== undefined && data.s3Location !== null) { + contents.s3Location = deserializeAws_restJson1S3Location(data.s3Location, context); + } + return Promise.resolve(contents); +}; + +const deserializeAws_restJson1GetExternalDataViewAccessDetailsCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __BaseException; + let errorCode = "UnknownError"; + errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.finspacedata#AccessDeniedException": + throw await deserializeAws_restJson1AccessDeniedExceptionResponse(parsedOutput, context); + case "InternalServerException": + case "com.amazonaws.finspacedata#InternalServerException": + throw await deserializeAws_restJson1InternalServerExceptionResponse(parsedOutput, context); + case "ResourceNotFoundException": + case "com.amazonaws.finspacedata#ResourceNotFoundException": + throw await deserializeAws_restJson1ResourceNotFoundExceptionResponse(parsedOutput, context); + case "ThrottlingException": + case "com.amazonaws.finspacedata#ThrottlingException": + throw await deserializeAws_restJson1ThrottlingExceptionResponse(parsedOutput, context); + case "ValidationException": + case "com.amazonaws.finspacedata#ValidationException": + throw await deserializeAws_restJson1ValidationExceptionResponse(parsedOutput, context); + default: + const parsedBody = parsedOutput.body; + response = new __BaseException({ + name: parsedBody.code || parsedBody.Code || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + }); + throw __decorateServiceException(response, parsedBody); + } +}; + export const deserializeAws_restJson1GetPermissionGroupCommand = async ( output: __HttpResponse, context: __SerdeContext @@ -3422,6 +3527,15 @@ const deserializeAws_restJson1ApplicationPermissionList = ( return retVal; }; +const deserializeAws_restJson1AwsCredentials = (output: any, context: __SerdeContext): AwsCredentials => { + return { + accessKeyId: __expectString(output.accessKeyId), + expiration: __expectLong(output.expiration), + secretAccessKey: __expectString(output.secretAccessKey), + sessionToken: __expectString(output.sessionToken), + } as any; +}; + const deserializeAws_restJson1ChangesetErrorInfo = (output: any, context: __SerdeContext): ChangesetErrorInfo => { return { errorCategory: __expectString(output.errorCategory), @@ -3700,6 +3814,13 @@ const deserializeAws_restJson1S3DestinationFormatOptions = ( }, {}); }; +const deserializeAws_restJson1S3Location = (output: any, context: __SerdeContext): S3Location => { + return { + bucket: __expectString(output.bucket), + key: __expectString(output.key), + } as any; +}; + const deserializeAws_restJson1SchemaDefinition = (output: any, context: __SerdeContext): SchemaDefinition => { return { columns: diff --git a/codegen/sdk-codegen/aws-models/finspace-data.json b/codegen/sdk-codegen/aws-models/finspace-data.json index 85613052e5b8..6cc5f64ccd06 100644 --- a/codegen/sdk-codegen/aws-models/finspace-data.json +++ b/codegen/sdk-codegen/aws-models/finspace-data.json @@ -90,6 +90,9 @@ { "target": "com.amazonaws.finspacedata#GetDataView" }, + { + "target": "com.amazonaws.finspacedata#GetExternalDataViewAccessDetails" + }, { "target": "com.amazonaws.finspacedata#GetPermissionGroup" }, @@ -153,6 +156,16 @@ "smithy.api#httpError": 403 } }, + "com.amazonaws.finspacedata#AccessKeyId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 255 + }, + "smithy.api#pattern": "^[\\s\\S]*\\S[\\s\\S]*$" + } + }, "com.amazonaws.finspacedata#AliasString": { "type": "string", "traits": { @@ -296,6 +309,38 @@ } } }, + "com.amazonaws.finspacedata#AwsCredentials": { + "type": "structure", + "members": { + "accessKeyId": { + "target": "com.amazonaws.finspacedata#AccessKeyId", + "traits": { + "smithy.api#documentation": "

        The unique identifier for the security credentials.

        " + } + }, + "secretAccessKey": { + "target": "com.amazonaws.finspacedata#SecretAccessKey", + "traits": { + "smithy.api#documentation": "

        The secret access key that can be used to sign requests.

        " + } + }, + "sessionToken": { + "target": "com.amazonaws.finspacedata#SessionToken", + "traits": { + "smithy.api#documentation": "

        The token that users must pass to use the credentials.

        " + } + }, + "expiration": { + "target": "com.amazonaws.finspacedata#TimestampEpoch", + "traits": { + "smithy.api#documentation": "

        The Epoch time when the current credentials expire.

        " + } + } + }, + "traits": { + "smithy.api#documentation": "

        The credentials required to access the external Dataview from the S3 location.

        " + } + }, "com.amazonaws.finspacedata#Boolean": { "type": "boolean", "traits": { @@ -990,7 +1035,7 @@ "applicationPermissions": { "target": "com.amazonaws.finspacedata#ApplicationPermissionList", "traits": { - "smithy.api#documentation": "

        The option to indicate FinSpace application permissions that are granted to a specific group.

        \n
          \n
        • \n

          \n CreateDataset – Group members can create new datasets.

          \n
          • \n
        • \n

          \n ManageClusters – Group members can manage Apache Spark clusters from FinSpace notebooks.

          \n
          • \n
        • \n

          \n ManageUsersAndGroups – Group members can manage users and permission groups.

          \n
          • \n
        • \n

          \n ManageAttributeSets – Group members can manage attribute sets.

          \n
          • \n
        • \n

          \n ViewAuditData – Group members can view audit data.

          \n
          • \n
        • \n

          \n AccessNotebooks – Group members will have access to FinSpace notebooks.

          \n
          • \n
        • \n

          \n GetTemporaryCredentials – Group members can get temporary API credentials.

          \n
          • \n
        ", + "smithy.api#documentation": "

        The option to indicate FinSpace application permissions that are granted to a specific group.

        \n \n

        When assigning application permissions, be aware that the permission ManageUsersAndGroups allows users to grant themselves or others access to any functionality in their FinSpace environment's application. It should only be granted to trusted users.

        \n         \n
          \n
        • \n

          \n CreateDataset – Group members can create new datasets.

          \n
          • \n
        • \n

          \n ManageClusters – Group members can manage Apache Spark clusters from FinSpace notebooks.

          \n
          • \n
        • \n

          \n ManageUsersAndGroups – Group members can manage users and permission groups. This is a privileged permission that allows users to grant themselves or others access to any functionality in the application. It should only be granted to trusted users.

          \n
          • \n
        • \n

          \n ManageAttributeSets – Group members can manage attribute sets.

          \n
          • \n
        • \n

          \n ViewAuditData – Group members can view audit data.

          \n
          • \n
        • \n

          \n AccessNotebooks – Group members will have access to FinSpace notebooks.

          \n
          • \n
        • \n

          \n GetTemporaryCredentials – Group members can get temporary API credentials.

          \n
          • \n
        ", "smithy.api#required": {} } }, @@ -2397,6 +2442,78 @@ "smithy.api#documentation": "Response for the GetDataset operation" } }, + "com.amazonaws.finspacedata#GetExternalDataViewAccessDetails": { + "type": "operation", + "input": { + "target": "com.amazonaws.finspacedata#GetExternalDataViewAccessDetailsRequest" + }, + "output": { + "target": "com.amazonaws.finspacedata#GetExternalDataViewAccessDetailsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.finspacedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.finspacedata#InternalServerException" + }, + { + "target": "com.amazonaws.finspacedata#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.finspacedata#ThrottlingException" + }, + { + "target": "com.amazonaws.finspacedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

        Returns the credentials to access the external Dataview from an S3 location. To call this API:

        \n
          \n
        • \n

          You must retrieve the programmatic credentials.

          \n
          • \n
        • \n

          You must be a member of a FinSpace user group, where the dataset that you want to access has Read Dataset Data permissions.

          \n
          • \n
        ", + "smithy.api#http": { + "method": "POST", + "uri": "/datasets/{datasetId}/dataviewsv2/{dataViewId}/external-access-details", + "code": 200 + } + } + }, + "com.amazonaws.finspacedata#GetExternalDataViewAccessDetailsRequest": { + "type": "structure", + "members": { + "dataViewId": { + "target": "com.amazonaws.finspacedata#DataViewId", + "traits": { + "smithy.api#documentation": "

        The unique identifier for the Dataview that you want to access.

        ", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "datasetId": { + "target": "com.amazonaws.finspacedata#DatasetId", + "traits": { + "smithy.api#documentation": "

        The unique identifier for the Dataset.

        ", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.finspacedata#GetExternalDataViewAccessDetailsResponse": { + "type": "structure", + "members": { + "credentials": { + "target": "com.amazonaws.finspacedata#AwsCredentials", + "traits": { + "smithy.api#documentation": "

        The credentials required to access the external Dataview from the S3 location.

        " + } + }, + "s3Location": { + "target": "com.amazonaws.finspacedata#S3Location", + "traits": { + "smithy.api#documentation": "

        The location where the external Dataview is stored.

        " + } + } + } + }, "com.amazonaws.finspacedata#GetPermissionGroup": { "type": "operation", "input": { @@ -3424,7 +3541,7 @@ "applicationPermissions": { "target": "com.amazonaws.finspacedata#ApplicationPermissionList", "traits": { - "smithy.api#documentation": "

        Indicates the permissions that are granted to a specific group for accessing the FinSpace application.

        \n
          \n
        • \n

          \n CreateDataset – Group members can create new datasets.

          \n
          • \n
        • \n

          \n ManageClusters – Group members can manage Apache Spark clusters from FinSpace notebooks.

          \n
          • \n
        • \n

          \n ManageUsersAndGroups – Group members can manage users and permission groups.

          \n
          • \n
        • \n

          \n ManageAttributeSets – Group members can manage attribute sets.

          \n
          • \n
        • \n

          \n ViewAuditData – Group members can view audit data.

          \n
          • \n
        • \n

          \n AccessNotebooks – Group members will have access to FinSpace notebooks.

          \n
          • \n
        • \n

          \n GetTemporaryCredentials – Group members can get temporary API credentials.

          \n
          • \n
        " + "smithy.api#documentation": "

        Indicates the permissions that are granted to a specific group for accessing the FinSpace application.

        \n \n

        When assigning application permissions, be aware that the permission ManageUsersAndGroups allows users to grant themselves or others access to any functionality in their FinSpace environment's application. It should only be granted to trusted users.

        \n         \n
          \n
        • \n

          \n CreateDataset – Group members can create new datasets.

          \n
          • \n
        • \n

          \n ManageClusters – Group members can manage Apache Spark clusters from FinSpace notebooks.

          \n
          • \n
        • \n

          \n ManageUsersAndGroups – Group members can manage users and permission groups. This is a privileged permission that allows users to grant themselves or others access to any functionality in the application. It should only be granted to trusted users.

          \n
          • \n
        • \n

          \n ManageAttributeSets – Group members can manage attribute sets.

          \n
          • \n
        • \n

          \n ViewAuditData – Group members can view audit data.

          \n
          • \n
        • \n

          \n AccessNotebooks – Group members will have access to FinSpace notebooks.

          \n
          • \n
        • \n

          \n GetTemporaryCredentials – Group members can get temporary API credentials.

          \n
          • \n
        " } }, "createTime": { @@ -3702,6 +3819,16 @@ "smithy.api#pattern": "^arn:aws[a-z\\-]*:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$" } }, + "com.amazonaws.finspacedata#S3BucketName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 63 + }, + "smithy.api#pattern": "^.*\\S.*$" + } + }, "com.amazonaws.finspacedata#S3DestinationFormatOptions": { "type": "map", "key": { @@ -3711,6 +3838,38 @@ "target": "com.amazonaws.finspacedata#StringMapValue" } }, + "com.amazonaws.finspacedata#S3Key": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1024 + }, + "smithy.api#pattern": "^.*\\S.*$" + } + }, + "com.amazonaws.finspacedata#S3Location": { + "type": "structure", + "members": { + "bucket": { + "target": "com.amazonaws.finspacedata#S3BucketName", + "traits": { + "smithy.api#documentation": "

        The name of the S3 bucket.

        ", + "smithy.api#required": {} + } + }, + "key": { + "target": "com.amazonaws.finspacedata#S3Key", + "traits": { + "smithy.api#documentation": "

        The path of the folder, within the S3 bucket that contains the Dataset.

        ", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

        The location of an external Dataview in an S3 bucket.

        " + } + }, "com.amazonaws.finspacedata#SchemaDefinition": { "type": "structure", "members": { @@ -3745,6 +3904,17 @@ "smithy.api#documentation": "

        A union of schema types.

        " } }, + "com.amazonaws.finspacedata#SecretAccessKey": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1000 + }, + "smithy.api#pattern": "^[\\s\\S]*\\S[\\s\\S]*$", + "smithy.api#sensitive": {} + } + }, "com.amazonaws.finspacedata#SessionDuration": { "type": "long", "traits": { @@ -3754,6 +3924,17 @@ } } }, + "com.amazonaws.finspacedata#SessionToken": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1000 + }, + "smithy.api#pattern": "^[\\s\\S]*\\S[\\s\\S]*$", + "smithy.api#sensitive": {} + } + }, "com.amazonaws.finspacedata#SortColumnList": { "type": "list", "member": { @@ -4115,7 +4296,7 @@ "applicationPermissions": { "target": "com.amazonaws.finspacedata#ApplicationPermissionList", "traits": { - "smithy.api#documentation": "

        The permissions that are granted to a specific group for accessing the FinSpace application.

        \n
          \n
        • \n

          \n CreateDataset – Group members can create new datasets.

          \n
          • \n
        • \n

          \n ManageClusters – Group members can manage Apache Spark clusters from FinSpace notebooks.

          \n
          • \n
        • \n

          \n ManageUsersAndGroups – Group members can manage users and permission groups.

          \n
          • \n
        • \n

          \n ManageAttributeSets – Group members can manage attribute sets.

          \n
          • \n
        • \n

          \n ViewAuditData – Group members can view audit data.

          \n
          • \n
        • \n

          \n AccessNotebooks – Group members will have access to FinSpace notebooks.

          \n
          • \n
        • \n

          \n GetTemporaryCredentials – Group members can get temporary API credentials.

          \n
          • \n
        " + "smithy.api#documentation": "

        The permissions that are granted to a specific group for accessing the FinSpace application.

        \n \n

        When assigning application permissions, be aware that the permission ManageUsersAndGroups allows users to grant themselves or others access to any functionality in their FinSpace environment's application. It should only be granted to trusted users.

        \n         \n
          \n
        • \n

          \n CreateDataset – Group members can create new datasets.

          \n
          • \n
        • \n

          \n ManageClusters – Group members can manage Apache Spark clusters from FinSpace notebooks.

          \n
          • \n
        • \n

          \n ManageUsersAndGroups – Group members can manage users and permission groups. This is a privileged permission that allows users to grant themselves or others access to any functionality in the application. It should only be granted to trusted users.

          \n
          • \n
        • \n

          \n ManageAttributeSets – Group members can manage attribute sets.

          \n
          • \n
        • \n

          \n ViewAuditData – Group members can view audit data.

          \n
          • \n
        • \n

          \n AccessNotebooks – Group members will have access to FinSpace notebooks.

          \n
          • \n
        • \n

          \n GetTemporaryCredentials – Group members can get temporary API credentials.

          \n
          • \n
        " } }, "clientToken": {