/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
/*
* Do not modify this file. This file is generated from the lakeformation-2017-03-31.normal.json service model.
*/
using System;
using System.Collections.Generic;
using System.Xml.Serialization;
using System.Text;
using System.IO;
using System.Net;
using Amazon.Runtime;
using Amazon.Runtime.Internal;
namespace Amazon.LakeFormation.Model
{
///
/// A structure representing a list of Lake Formation principals designated as data lake
/// administrators and lists of principal permission entries for default create database
/// and default create table permissions.
///
public partial class DataLakeSettings
{
private bool? _allowExternalDataFiltering;
private bool? _allowFullTableExternalDataAccess;
private List _authorizedSessionTagValueList = new List();
private List _createDatabaseDefaultPermissions = new List();
private List _createTableDefaultPermissions = new List();
private List _dataLakeAdmins = new List();
private List _externalDataFilteringAllowList = new List();
private Dictionary _parameters = new Dictionary();
private List _readOnlyAdmins = new List();
private List _trustedResourceOwners = new List();
///
/// Gets and sets the property AllowExternalDataFiltering.
///
/// Whether to allow Amazon EMR clusters to access data managed by Lake Formation.
///
///
///
/// If true, you allow Amazon EMR clusters to access data in Amazon S3 locations that
/// are registered with Lake Formation.
///
///
///
/// If false or null, no Amazon EMR clusters will be able to access data in Amazon S3
/// locations that are registered with Lake Formation.
///
///
///
/// For more information, see (Optional)
/// Allow external data filtering.
///
///
public bool AllowExternalDataFiltering
{
get { return this._allowExternalDataFiltering.GetValueOrDefault(); }
set { this._allowExternalDataFiltering = value; }
}
// Check to see if AllowExternalDataFiltering property is set
internal bool IsSetAllowExternalDataFiltering()
{
return this._allowExternalDataFiltering.HasValue;
}
///
/// Gets and sets the property AllowFullTableExternalDataAccess.
///
/// Whether to allow a third-party query engine to get data access credentials without
/// session tags when a caller has full data access permissions.
///
///
public bool AllowFullTableExternalDataAccess
{
get { return this._allowFullTableExternalDataAccess.GetValueOrDefault(); }
set { this._allowFullTableExternalDataAccess = value; }
}
// Check to see if AllowFullTableExternalDataAccess property is set
internal bool IsSetAllowFullTableExternalDataAccess()
{
return this._allowFullTableExternalDataAccess.HasValue;
}
///
/// Gets and sets the property AuthorizedSessionTagValueList.
///
/// Lake Formation relies on a privileged process secured by Amazon EMR or the third party
/// integrator to tag the user's role while assuming it. Lake Formation will publish the
/// acceptable key-value pair, for example key = "LakeFormationTrustedCaller" and value
/// = "TRUE" and the third party integrator must properly tag the temporary security credentials
/// that will be used to call Lake Formation's administrative APIs.
///
///
public List AuthorizedSessionTagValueList
{
get { return this._authorizedSessionTagValueList; }
set { this._authorizedSessionTagValueList = value; }
}
// Check to see if AuthorizedSessionTagValueList property is set
internal bool IsSetAuthorizedSessionTagValueList()
{
return this._authorizedSessionTagValueList != null && this._authorizedSessionTagValueList.Count > 0;
}
///
/// Gets and sets the property CreateDatabaseDefaultPermissions.
///
/// Specifies whether access control on newly created database is managed by Lake Formation
/// permissions or exclusively by IAM permissions.
///
///
///
/// A null value indicates access control by Lake Formation permissions. A value that
/// assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions.
/// This is referred to as the setting "Use only IAM access control," and is for backward
/// compatibility with the Glue permission model implemented by IAM permissions.
///
///
///
/// The only permitted values are an empty array or an array that contains a single JSON
/// object that grants ALL to IAM_ALLOWED_PRINCIPALS.
///
///
///
/// For more information, see Changing
/// the Default Security Settings for Your Data Lake.
///
///
public List CreateDatabaseDefaultPermissions
{
get { return this._createDatabaseDefaultPermissions; }
set { this._createDatabaseDefaultPermissions = value; }
}
// Check to see if CreateDatabaseDefaultPermissions property is set
internal bool IsSetCreateDatabaseDefaultPermissions()
{
return this._createDatabaseDefaultPermissions != null && this._createDatabaseDefaultPermissions.Count > 0;
}
///
/// Gets and sets the property CreateTableDefaultPermissions.
///
/// Specifies whether access control on newly created table is managed by Lake Formation
/// permissions or exclusively by IAM permissions.
///
///
///
/// A null value indicates access control by Lake Formation permissions. A value that
/// assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions.
/// This is referred to as the setting "Use only IAM access control," and is for backward
/// compatibility with the Glue permission model implemented by IAM permissions.
///
///
///
/// The only permitted values are an empty array or an array that contains a single JSON
/// object that grants ALL to IAM_ALLOWED_PRINCIPALS.
///
///
///
/// For more information, see Changing
/// the Default Security Settings for Your Data Lake.
///
///
public List CreateTableDefaultPermissions
{
get { return this._createTableDefaultPermissions; }
set { this._createTableDefaultPermissions = value; }
}
// Check to see if CreateTableDefaultPermissions property is set
internal bool IsSetCreateTableDefaultPermissions()
{
return this._createTableDefaultPermissions != null && this._createTableDefaultPermissions.Count > 0;
}
///
/// Gets and sets the property DataLakeAdmins.
///
/// A list of Lake Formation principals. Supported principals are IAM users or IAM roles.
///
///
[AWSProperty(Min=0, Max=30)]
public List DataLakeAdmins
{
get { return this._dataLakeAdmins; }
set { this._dataLakeAdmins = value; }
}
// Check to see if DataLakeAdmins property is set
internal bool IsSetDataLakeAdmins()
{
return this._dataLakeAdmins != null && this._dataLakeAdmins.Count > 0;
}
///
/// Gets and sets the property ExternalDataFilteringAllowList.
///
/// A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters
/// that are to perform data filtering.>
///
///
[AWSProperty(Min=0, Max=30)]
public List ExternalDataFilteringAllowList
{
get { return this._externalDataFilteringAllowList; }
set { this._externalDataFilteringAllowList = value; }
}
// Check to see if ExternalDataFilteringAllowList property is set
internal bool IsSetExternalDataFilteringAllowList()
{
return this._externalDataFilteringAllowList != null && this._externalDataFilteringAllowList.Count > 0;
}
///
/// Gets and sets the property Parameters.
///
/// A key-value map that provides an additional configuration on your data lake. CrossAccountVersion
/// is the key you can configure in the Parameters field. Accepted values for the CrossAccountVersion
/// key are 1, 2, and 3.
///
///
public Dictionary Parameters
{
get { return this._parameters; }
set { this._parameters = value; }
}
// Check to see if Parameters property is set
internal bool IsSetParameters()
{
return this._parameters != null && this._parameters.Count > 0;
}
///
/// Gets and sets the property ReadOnlyAdmins.
///
/// A list of Lake Formation principals with only view access to the resources, without
/// the ability to make changes. Supported principals are IAM users or IAM roles.
///
///
[AWSProperty(Min=0, Max=30)]
public List ReadOnlyAdmins
{
get { return this._readOnlyAdmins; }
set { this._readOnlyAdmins = value; }
}
// Check to see if ReadOnlyAdmins property is set
internal bool IsSetReadOnlyAdmins()
{
return this._readOnlyAdmins != null && this._readOnlyAdmins.Count > 0;
}
///
/// Gets and sets the property TrustedResourceOwners.
///
/// A list of the resource-owning account IDs that the caller's account can use to share
/// their user access details (user ARNs). The user ARNs can be logged in the resource
/// owner's CloudTrail log.
///
///
///
/// You may want to specify this property when you are in a high-trust boundary, such
/// as the same team or company.
///
///
public List TrustedResourceOwners
{
get { return this._trustedResourceOwners; }
set { this._trustedResourceOwners = value; }
}
// Check to see if TrustedResourceOwners property is set
internal bool IsSetTrustedResourceOwners()
{
return this._trustedResourceOwners != null && this._trustedResourceOwners.Count > 0;
}
}
}