grantPermissions method

Future<void> grantPermissions({
  1. required List<Permission> permissions,
  2. required DataLakePrincipal principal,
  3. required Resource resource,
  4. String? catalogId,
  5. List<Permission>? permissionsWithGrantOption,
})

Grants permissions to the principal to access metadata in the Data Catalog and data organized in underlying data storage such as Amazon S3.

For information about permissions, see Security and Access Control to Metadata and Data.

May throw ConcurrentModificationException. May throw EntityNotFoundException. May throw InvalidInputException.

Parameter permissions : The permissions granted to the principal on the resource. AWS Lake Formation defines privileges to grant and revoke access to metadata in the Data Catalog and data organized in underlying data storage such as Amazon S3. AWS Lake Formation requires that each principal be authorized to perform a specific task on AWS Lake Formation resources.

Parameter principal : The principal to be granted the permissions on the resource. Supported principals are IAM users or IAM roles, and they are defined by their principal type and their ARN.

Note that if you define a resource with a particular ARN, then later delete, and recreate a resource with that same ARN, the resource maintains the permissions already granted.

Parameter resource : The resource to which permissions are to be granted. Resources in AWS Lake Formation are the Data Catalog, databases, and tables.

Parameter catalogId : The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.

Parameter permissionsWithGrantOption : Indicates a list of the granted permissions that the principal may pass to other users. These permissions may only be a subset of the permissions granted in the Privileges.

Implementation

Future<void> grantPermissions({
  required List<Permission> permissions,
  required DataLakePrincipal principal,
  required Resource resource,
  String? catalogId,
  List<Permission>? permissionsWithGrantOption,
}) async {
  ArgumentError.checkNotNull(permissions, 'permissions');
  ArgumentError.checkNotNull(principal, 'principal');
  ArgumentError.checkNotNull(resource, 'resource');
  _s.validateStringLength(
    'catalogId',
    catalogId,
    1,
    255,
  );
  final headers = <String, String>{
    'Content-Type': 'application/x-amz-json-1.1',
    'X-Amz-Target': 'AWSLakeFormation.GrantPermissions'
  };
  await _protocol.send(
    method: 'POST',
    requestUri: '/',
    exceptionFnMap: _exceptionFns,
    // TODO queryParams
    headers: headers,
    payload: {
      'Permissions': permissions.map((e) => e.toValue()).toList(),
      'Principal': principal,
      'Resource': resource,
      if (catalogId != null) 'CatalogId': catalogId,
      if (permissionsWithGrantOption != null)
        'PermissionsWithGrantOption':
            permissionsWithGrantOption.map((e) => e.toValue()).toList(),
    },
  );
}