getTemporaryGlueTableCredentials method

Future<GetTemporaryGlueTableCredentialsResponse> getTemporaryGlueTableCredentials({
  1. required String tableArn,
  2. AuditContext? auditContext,
  3. int? durationSeconds,
  4. List<Permission>? permissions,
  5. QuerySessionContext? querySessionContext,
  6. String? s3Path,
  7. List<PermissionType>? supportedPermissionTypes,
})

Allows a caller in a secure environment to assume a role with permission to access Amazon S3. In order to vend such credentials, Lake Formation assumes the role associated with a registered location, for example an Amazon S3 bucket, with a scope down policy which restricts the access to a single prefix.

To call this API, the role that the service assumes must have lakeformation:GetDataAccess permission on the resource.

May throw AccessDeniedException. May throw EntityNotFoundException. May throw InternalServiceException. May throw InvalidInputException. May throw OperationTimeoutException. May throw PermissionTypeMismatchException.

Parameter tableArn : The ARN identifying a table in the Data Catalog for the temporary credentials request.

Parameter auditContext : A structure representing context to access a resource (column names, query ID, etc).

Parameter durationSeconds : The time period, between 900 and 21,600 seconds, for the timeout of the temporary credentials.

Parameter permissions : Filters the request based on the user having been granted a list of specified permissions on the requested resource(s).

Parameter querySessionContext : A structure used as a protocol between query engines and Lake Formation or Glue. Contains both a Lake Formation generated authorization identifier and information from the request's authorization context.

Parameter s3Path : The Amazon S3 path for the table.

Parameter supportedPermissionTypes : A list of supported permission types for the table. Valid values are COLUMN_PERMISSION and CELL_FILTER_PERMISSION.

Implementation

Future<GetTemporaryGlueTableCredentialsResponse>
    getTemporaryGlueTableCredentials({
  required String tableArn,
  AuditContext? auditContext,
  int? durationSeconds,
  List<Permission>? permissions,
  QuerySessionContext? querySessionContext,
  String? s3Path,
  List<PermissionType>? supportedPermissionTypes,
}) async {
  _s.validateNumRange(
    'durationSeconds',
    durationSeconds,
    900,
    43200,
  );
  final $payload = <String, dynamic>{
    'TableArn': tableArn,
    if (auditContext != null) 'AuditContext': auditContext,
    if (durationSeconds != null) 'DurationSeconds': durationSeconds,
    if (permissions != null)
      'Permissions': permissions.map((e) => e.value).toList(),
    if (querySessionContext != null)
      'QuerySessionContext': querySessionContext,
    if (s3Path != null) 'S3Path': s3Path,
    if (supportedPermissionTypes != null)
      'SupportedPermissionTypes':
          supportedPermissionTypes.map((e) => e.value).toList(),
  };
  final response = await _protocol.send(
    payload: $payload,
    method: 'POST',
    requestUri: '/GetTemporaryGlueTableCredentials',
    exceptionFnMap: _exceptionFns,
  );
  return GetTemporaryGlueTableCredentialsResponse.fromJson(response);
}