DataZone / Client / remove_policy_grant
remove_policy_grant#
- DataZone.Client.remove_policy_grant(**kwargs)#
Removes a policy grant.
See also: AWS API Documentation
Request Syntax
response = client.remove_policy_grant( clientToken='string', domainIdentifier='string', entityIdentifier='string', entityType='DOMAIN_UNIT'|'ENVIRONMENT_BLUEPRINT_CONFIGURATION'|'ENVIRONMENT_PROFILE', policyType='CREATE_DOMAIN_UNIT'|'OVERRIDE_DOMAIN_UNIT_OWNERS'|'ADD_TO_PROJECT_MEMBER_POOL'|'OVERRIDE_PROJECT_OWNERS'|'CREATE_GLOSSARY'|'CREATE_FORM_TYPE'|'CREATE_ASSET_TYPE'|'CREATE_PROJECT'|'CREATE_ENVIRONMENT_PROFILE'|'DELEGATE_CREATE_ENVIRONMENT_PROFILE'|'CREATE_ENVIRONMENT', principal={ 'domainUnit': { 'domainUnitDesignation': 'OWNER', 'domainUnitGrantFilter': { 'allDomainUnitsGrantFilter': {} }, 'domainUnitIdentifier': 'string' }, 'group': { 'groupIdentifier': 'string' }, 'project': { 'projectDesignation': 'OWNER'|'CONTRIBUTOR', 'projectGrantFilter': { 'domainUnitFilter': { 'domainUnit': 'string', 'includeChildDomainUnits': True|False } }, 'projectIdentifier': 'string' }, 'user': { 'allUsersGrantFilter': {} , 'userIdentifier': 'string' } } )
- Parameters:
clientToken (string) –
A unique, case-sensitive identifier that is provided to ensure the idempotency of the request.
This field is autopopulated if not provided.
domainIdentifier (string) –
[REQUIRED]
The ID of the domain where you want to remove a policy grant.
entityIdentifier (string) –
[REQUIRED]
The ID of the entity from which you want to remove a policy grant.
entityType (string) –
[REQUIRED]
The type of the entity from which you want to remove a policy grant.
policyType (string) –
[REQUIRED]
The type of the policy that you want to remove.
principal (dict) –
[REQUIRED]
The principal from which you want to remove a policy grant.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
domainUnit,group,project,user.domainUnit (dict) –
The domain unit of the policy grant principal.
domainUnitDesignation (string) – [REQUIRED]
Specifes the designation of the domain unit users.
domainUnitGrantFilter (dict) –
The grant filter for the domain unit.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
allDomainUnitsGrantFilter.allDomainUnitsGrantFilter (dict) –
Specifies a grant filter containing all domain units.
domainUnitIdentifier (string) –
The ID of the domain unit.
group (dict) –
The group of the policy grant principal.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
groupIdentifier.groupIdentifier (string) –
The ID Of the group of the group principal.
project (dict) –
The project of the policy grant principal.
projectDesignation (string) – [REQUIRED]
The project designation of the project policy grant principal.
projectGrantFilter (dict) –
The project grant filter of the project policy grant principal.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
domainUnitFilter.domainUnitFilter (dict) –
The domain unit filter of the project grant filter.
domainUnit (string) – [REQUIRED]
The domain unit ID to use in the filter.
includeChildDomainUnits (boolean) –
Specifies whether to include child domain units.
projectIdentifier (string) –
The project ID of the project policy grant principal.
user (dict) –
The user of the policy grant principal.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
allUsersGrantFilter,userIdentifier.allUsersGrantFilter (dict) –
The all users grant filter of the user policy grant principal.
userIdentifier (string) –
The user ID of the user policy grant principal.
- Return type:
dict
- Returns:
Response Syntax
{}Response Structure
(dict) –
Exceptions
DataZone.Client.exceptions.InternalServerExceptionDataZone.Client.exceptions.AccessDeniedExceptionDataZone.Client.exceptions.ThrottlingExceptionDataZone.Client.exceptions.ValidationExceptionDataZone.Client.exceptions.UnauthorizedException