-
Notifications
You must be signed in to change notification settings - Fork 574
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(client-kendra): This release adds AccessControlConfigurations wh…
…ich allow you to redefine your document level access control without the need for content re-indexing.
- Loading branch information
awstools
committed
Jul 14, 2022
1 parent
36bccb8
commit b1c43cf
Showing
25 changed files
with
2,713 additions
and
444 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
128 changes: 128 additions & 0 deletions
128
clients/client-kendra/src/commands/CreateAccessControlConfigurationCommand.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,128 @@ | ||
// smithy-typescript generated code | ||
import { getSerdePlugin } from "@aws-sdk/middleware-serde"; | ||
import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; | ||
import { Command as $Command } from "@aws-sdk/smithy-client"; | ||
import { | ||
FinalizeHandlerArguments, | ||
Handler, | ||
HandlerExecutionContext, | ||
HttpHandlerOptions as __HttpHandlerOptions, | ||
MetadataBearer as __MetadataBearer, | ||
MiddlewareStack, | ||
SerdeContext as __SerdeContext, | ||
} from "@aws-sdk/types"; | ||
|
||
import { KendraClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../KendraClient"; | ||
import { CreateAccessControlConfigurationRequest, CreateAccessControlConfigurationResponse } from "../models/models_0"; | ||
import { | ||
deserializeAws_json1_1CreateAccessControlConfigurationCommand, | ||
serializeAws_json1_1CreateAccessControlConfigurationCommand, | ||
} from "../protocols/Aws_json1_1"; | ||
|
||
export interface CreateAccessControlConfigurationCommandInput extends CreateAccessControlConfigurationRequest {} | ||
export interface CreateAccessControlConfigurationCommandOutput | ||
extends CreateAccessControlConfigurationResponse, | ||
__MetadataBearer {} | ||
|
||
/** | ||
* <p>Creates an access configuration for your documents. This includes | ||
* user and group access information for your documents. This is useful | ||
* for user context filtering, where search results are filtered based | ||
* on the user or their group access to documents.</p> | ||
* <p>You can use this to re-configure your existing document level access | ||
* control without indexing all of your documents again. For example, your | ||
* index contains top-secret company documents that only certain employees | ||
* or users should access. One of these users leaves the company or switches | ||
* to a team that should be blocked from access to top-secret documents. | ||
* Your documents in your index still give this user access to top-secret | ||
* documents due to the user having access at the time your documents were | ||
* indexed. You can create a specific access control configuration for this | ||
* user with deny access. You can later update the access control | ||
* configuration to allow access in the case the user returns to the company | ||
* and re-joins the 'top-secret' team. You can re-configure access control | ||
* for your documents circumstances change.</p> | ||
* <p>To apply your access control configuration to certain documents, you call | ||
* the <a href="https://docs.aws.amazon.com/kendra/latest/dg/API_BatchPutDocument.html">BatchPutDocument</a> | ||
* API with the <code>AccessControlConfigurationId</code> included in the | ||
* <a href="https://docs.aws.amazon.com/kendra/latest/dg/API_Document.html">Document</a> | ||
* object. If you use an S3 bucket as a data source, you update the | ||
* <code>.metadata.json</code> with the <code>AccessControlConfigurationId</code> | ||
* and synchronize your data source. Amazon Kendra currently only supports | ||
* access control configuration for S3 data sources and documents indexed using the | ||
* <code>BatchPutDocument</code> API.</p> | ||
* @example | ||
* Use a bare-bones client and the command you need to make an API call. | ||
* ```javascript | ||
* import { KendraClient, CreateAccessControlConfigurationCommand } from "@aws-sdk/client-kendra"; // ES Modules import | ||
* // const { KendraClient, CreateAccessControlConfigurationCommand } = require("@aws-sdk/client-kendra"); // CommonJS import | ||
* const client = new KendraClient(config); | ||
* const command = new CreateAccessControlConfigurationCommand(input); | ||
* const response = await client.send(command); | ||
* ``` | ||
* | ||
* @see {@link CreateAccessControlConfigurationCommandInput} for command's `input` shape. | ||
* @see {@link CreateAccessControlConfigurationCommandOutput} for command's `response` shape. | ||
* @see {@link KendraClientResolvedConfig | config} for KendraClient's `config` shape. | ||
* | ||
*/ | ||
export class CreateAccessControlConfigurationCommand extends $Command< | ||
CreateAccessControlConfigurationCommandInput, | ||
CreateAccessControlConfigurationCommandOutput, | ||
KendraClientResolvedConfig | ||
> { | ||
// Start section: command_properties | ||
// End section: command_properties | ||
|
||
constructor(readonly input: CreateAccessControlConfigurationCommandInput) { | ||
// Start section: command_constructor | ||
super(); | ||
// End section: command_constructor | ||
} | ||
|
||
/** | ||
* @internal | ||
*/ | ||
resolveMiddleware( | ||
clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, | ||
configuration: KendraClientResolvedConfig, | ||
options?: __HttpHandlerOptions | ||
): Handler<CreateAccessControlConfigurationCommandInput, CreateAccessControlConfigurationCommandOutput> { | ||
this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); | ||
|
||
const stack = clientStack.concat(this.middlewareStack); | ||
|
||
const { logger } = configuration; | ||
const clientName = "KendraClient"; | ||
const commandName = "CreateAccessControlConfigurationCommand"; | ||
const handlerExecutionContext: HandlerExecutionContext = { | ||
logger, | ||
clientName, | ||
commandName, | ||
inputFilterSensitiveLog: CreateAccessControlConfigurationRequest.filterSensitiveLog, | ||
outputFilterSensitiveLog: CreateAccessControlConfigurationResponse.filterSensitiveLog, | ||
}; | ||
const { requestHandler } = configuration; | ||
return stack.resolve( | ||
(request: FinalizeHandlerArguments<any>) => | ||
requestHandler.handle(request.request as __HttpRequest, options || {}), | ||
handlerExecutionContext | ||
); | ||
} | ||
|
||
private serialize( | ||
input: CreateAccessControlConfigurationCommandInput, | ||
context: __SerdeContext | ||
): Promise<__HttpRequest> { | ||
return serializeAws_json1_1CreateAccessControlConfigurationCommand(input, context); | ||
} | ||
|
||
private deserialize( | ||
output: __HttpResponse, | ||
context: __SerdeContext | ||
): Promise<CreateAccessControlConfigurationCommandOutput> { | ||
return deserializeAws_json1_1CreateAccessControlConfigurationCommand(output, context); | ||
} | ||
|
||
// Start section: command_body_extra | ||
// End section: command_body_extra | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
107 changes: 107 additions & 0 deletions
107
clients/client-kendra/src/commands/DeleteAccessControlConfigurationCommand.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,107 @@ | ||
// smithy-typescript generated code | ||
import { getSerdePlugin } from "@aws-sdk/middleware-serde"; | ||
import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; | ||
import { Command as $Command } from "@aws-sdk/smithy-client"; | ||
import { | ||
FinalizeHandlerArguments, | ||
Handler, | ||
HandlerExecutionContext, | ||
HttpHandlerOptions as __HttpHandlerOptions, | ||
MetadataBearer as __MetadataBearer, | ||
MiddlewareStack, | ||
SerdeContext as __SerdeContext, | ||
} from "@aws-sdk/types"; | ||
|
||
import { KendraClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../KendraClient"; | ||
import { DeleteAccessControlConfigurationRequest, DeleteAccessControlConfigurationResponse } from "../models/models_0"; | ||
import { | ||
deserializeAws_json1_1DeleteAccessControlConfigurationCommand, | ||
serializeAws_json1_1DeleteAccessControlConfigurationCommand, | ||
} from "../protocols/Aws_json1_1"; | ||
|
||
export interface DeleteAccessControlConfigurationCommandInput extends DeleteAccessControlConfigurationRequest {} | ||
export interface DeleteAccessControlConfigurationCommandOutput | ||
extends DeleteAccessControlConfigurationResponse, | ||
__MetadataBearer {} | ||
|
||
/** | ||
* <p>Deletes an access control configuration that you created for your | ||
* documents in an index. This includes user and group access information | ||
* for your documents. This is useful for user context filtering, where search | ||
* results are filtered based on the user or their group access to documents.</p> | ||
* @example | ||
* Use a bare-bones client and the command you need to make an API call. | ||
* ```javascript | ||
* import { KendraClient, DeleteAccessControlConfigurationCommand } from "@aws-sdk/client-kendra"; // ES Modules import | ||
* // const { KendraClient, DeleteAccessControlConfigurationCommand } = require("@aws-sdk/client-kendra"); // CommonJS import | ||
* const client = new KendraClient(config); | ||
* const command = new DeleteAccessControlConfigurationCommand(input); | ||
* const response = await client.send(command); | ||
* ``` | ||
* | ||
* @see {@link DeleteAccessControlConfigurationCommandInput} for command's `input` shape. | ||
* @see {@link DeleteAccessControlConfigurationCommandOutput} for command's `response` shape. | ||
* @see {@link KendraClientResolvedConfig | config} for KendraClient's `config` shape. | ||
* | ||
*/ | ||
export class DeleteAccessControlConfigurationCommand extends $Command< | ||
DeleteAccessControlConfigurationCommandInput, | ||
DeleteAccessControlConfigurationCommandOutput, | ||
KendraClientResolvedConfig | ||
> { | ||
// Start section: command_properties | ||
// End section: command_properties | ||
|
||
constructor(readonly input: DeleteAccessControlConfigurationCommandInput) { | ||
// Start section: command_constructor | ||
super(); | ||
// End section: command_constructor | ||
} | ||
|
||
/** | ||
* @internal | ||
*/ | ||
resolveMiddleware( | ||
clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, | ||
configuration: KendraClientResolvedConfig, | ||
options?: __HttpHandlerOptions | ||
): Handler<DeleteAccessControlConfigurationCommandInput, DeleteAccessControlConfigurationCommandOutput> { | ||
this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); | ||
|
||
const stack = clientStack.concat(this.middlewareStack); | ||
|
||
const { logger } = configuration; | ||
const clientName = "KendraClient"; | ||
const commandName = "DeleteAccessControlConfigurationCommand"; | ||
const handlerExecutionContext: HandlerExecutionContext = { | ||
logger, | ||
clientName, | ||
commandName, | ||
inputFilterSensitiveLog: DeleteAccessControlConfigurationRequest.filterSensitiveLog, | ||
outputFilterSensitiveLog: DeleteAccessControlConfigurationResponse.filterSensitiveLog, | ||
}; | ||
const { requestHandler } = configuration; | ||
return stack.resolve( | ||
(request: FinalizeHandlerArguments<any>) => | ||
requestHandler.handle(request.request as __HttpRequest, options || {}), | ||
handlerExecutionContext | ||
); | ||
} | ||
|
||
private serialize( | ||
input: DeleteAccessControlConfigurationCommandInput, | ||
context: __SerdeContext | ||
): Promise<__HttpRequest> { | ||
return serializeAws_json1_1DeleteAccessControlConfigurationCommand(input, context); | ||
} | ||
|
||
private deserialize( | ||
output: __HttpResponse, | ||
context: __SerdeContext | ||
): Promise<DeleteAccessControlConfigurationCommandOutput> { | ||
return deserializeAws_json1_1DeleteAccessControlConfigurationCommand(output, context); | ||
} | ||
|
||
// Start section: command_body_extra | ||
// End section: command_body_extra | ||
} |
Oops, something went wrong.