DataZone / Client / list_policy_grants
list_policy_grants#
- DataZone.Client.list_policy_grants(**kwargs)#
Lists policy grants.
See also: AWS API Documentation
Request Syntax
response = client.list_policy_grants( domainIdentifier='string', entityIdentifier='string', entityType='DOMAIN_UNIT'|'ENVIRONMENT_BLUEPRINT_CONFIGURATION'|'ENVIRONMENT_PROFILE', maxResults=123, nextToken='string', policyType='CREATE_DOMAIN_UNIT'|'OVERRIDE_DOMAIN_UNIT_OWNERS'|'ADD_TO_PROJECT_MEMBER_POOL'|'OVERRIDE_PROJECT_OWNERS'|'CREATE_GLOSSARY'|'CREATE_FORM_TYPE'|'CREATE_ASSET_TYPE'|'CREATE_PROJECT'|'CREATE_ENVIRONMENT_PROFILE'|'DELEGATE_CREATE_ENVIRONMENT_PROFILE'|'CREATE_ENVIRONMENT' )
- Parameters:
domainIdentifier (string) –
[REQUIRED]
The ID of the domain where you want to list policy grants.
entityIdentifier (string) –
[REQUIRED]
The ID of the entity for which you want to list policy grants.
entityType (string) –
[REQUIRED]
The type of entity for which you want to list policy grants.
maxResults (integer) – The maximum number of grants to return in a single call to
ListPolicyGrants
. When the number of grants to be listed is greater than the value ofMaxResults
, the response contains aNextToken
value that you can use in a subsequent call toListPolicyGrants
to list the next set of grants.nextToken (string) – When the number of grants is greater than the default value for the
MaxResults
parameter, or if you explicitly specify a value forMaxResults
that is less than the number of grants, the response includes a pagination token namedNextToken
. You can specify thisNextToken
value in a subsequent call toListPolicyGrants
to list the next set of grants.policyType (string) –
[REQUIRED]
The type of policy that you want to list.
- Return type:
dict
- Returns:
Response Syntax
{ 'grantList': [ { 'createdAt': datetime(2015, 1, 1), 'createdBy': 'string', 'detail': { 'addToProjectMemberPool': { 'includeChildDomainUnits': True|False }, 'createAssetType': { 'includeChildDomainUnits': True|False }, 'createDomainUnit': { 'includeChildDomainUnits': True|False }, 'createEnvironment': {}, 'createEnvironmentProfile': { 'domainUnitId': 'string' }, 'createFormType': { 'includeChildDomainUnits': True|False }, 'createGlossary': { 'includeChildDomainUnits': True|False }, 'createProject': { 'includeChildDomainUnits': True|False }, 'delegateCreateEnvironmentProfile': {}, 'overrideDomainUnitOwners': { 'includeChildDomainUnits': True|False }, 'overrideProjectOwners': { 'includeChildDomainUnits': True|False } }, 'principal': { 'domainUnit': { 'domainUnitDesignation': 'OWNER', 'domainUnitGrantFilter': { 'allDomainUnitsGrantFilter': {} }, 'domainUnitIdentifier': 'string' }, 'group': { 'groupIdentifier': 'string' }, 'project': { 'projectDesignation': 'OWNER'|'CONTRIBUTOR'|'PROJECT_CATALOG_STEWARD', 'projectGrantFilter': { 'domainUnitFilter': { 'domainUnit': 'string', 'includeChildDomainUnits': True|False } }, 'projectIdentifier': 'string' }, 'user': { 'allUsersGrantFilter': {}, 'userIdentifier': 'string' } } }, ], 'nextToken': 'string' }
Response Structure
(dict) –
grantList (list) –
The results of this action - the listed grants.
(dict) –
A member of the policy grant list.
createdAt (datetime) –
Specifies the timestamp at which policy grant member was created.
createdBy (string) –
Specifies the user who created the policy grant member.
detail (dict) –
The details of the policy grant member.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set:
addToProjectMemberPool
,createAssetType
,createDomainUnit
,createEnvironment
,createEnvironmentProfile
,createFormType
,createGlossary
,createProject
,delegateCreateEnvironmentProfile
,overrideDomainUnitOwners
,overrideProjectOwners
. If a client receives an unknown member it will setSDK_UNKNOWN_MEMBER
as the top level key, which maps to the name or tag of the unknown member. The structure ofSDK_UNKNOWN_MEMBER
is as follows:'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
addToProjectMemberPool (dict) –
Specifies that the policy grant is to be added to the members of the project.
includeChildDomainUnits (boolean) –
Specifies whether the policy grant is applied to child domain units.
createAssetType (dict) –
Specifies that this is a create asset type policy.
includeChildDomainUnits (boolean) –
Specifies whether the policy grant is applied to child domain units.
createDomainUnit (dict) –
Specifies that this is a create domain unit policy.
includeChildDomainUnits (boolean) –
Specifies whether the policy grant is applied to child domain units.
createEnvironment (dict) –
Specifies that this is a create environment policy.
createEnvironmentProfile (dict) –
Specifies that this is a create environment profile policy.
domainUnitId (string) –
The ID of the domain unit.
createFormType (dict) –
Specifies that this is a create form type policy.
includeChildDomainUnits (boolean) –
Specifies whether the policy grant is applied to child domain units.
createGlossary (dict) –
Specifies that this is a create glossary policy.
includeChildDomainUnits (boolean) –
Specifies whether the policy grant is applied to child domain units.
createProject (dict) –
Specifies that this is a create project policy.
includeChildDomainUnits (boolean) –
Specifies whether the policy grant is applied to child domain units.
delegateCreateEnvironmentProfile (dict) –
Specifies that this is the delegation of the create environment profile policy.
overrideDomainUnitOwners (dict) –
Specifies whether to override domain unit owners.
includeChildDomainUnits (boolean) –
Specifies whether the policy is inherited by child domain units.
overrideProjectOwners (dict) –
Specifies whether to override project owners.
includeChildDomainUnits (boolean) –
Specifies whether the policy is inherited by child domain units.
principal (dict) –
The principal of the policy grant member.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set:
domainUnit
,group
,project
,user
. If a client receives an unknown member it will setSDK_UNKNOWN_MEMBER
as the top level key, which maps to the name or tag of the unknown member. The structure ofSDK_UNKNOWN_MEMBER
is as follows:'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
domainUnit (dict) –
The domain unit of the policy grant principal.
domainUnitDesignation (string) –
Specifes the designation of the domain unit users.
domainUnitGrantFilter (dict) –
The grant filter for the domain unit.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set:
allDomainUnitsGrantFilter
. If a client receives an unknown member it will setSDK_UNKNOWN_MEMBER
as the top level key, which maps to the name or tag of the unknown member. The structure ofSDK_UNKNOWN_MEMBER
is as follows:'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
allDomainUnitsGrantFilter (dict) –
Specifies a grant filter containing all domain units.
domainUnitIdentifier (string) –
The ID of the domain unit.
group (dict) –
The group of the policy grant principal.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set:
groupIdentifier
. If a client receives an unknown member it will setSDK_UNKNOWN_MEMBER
as the top level key, which maps to the name or tag of the unknown member. The structure ofSDK_UNKNOWN_MEMBER
is as follows:'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
groupIdentifier (string) –
The ID Of the group of the group principal.
project (dict) –
The project of the policy grant principal.
projectDesignation (string) –
The project designation of the project policy grant principal.
projectGrantFilter (dict) –
The project grant filter of the project policy grant principal.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set:
domainUnitFilter
. If a client receives an unknown member it will setSDK_UNKNOWN_MEMBER
as the top level key, which maps to the name or tag of the unknown member. The structure ofSDK_UNKNOWN_MEMBER
is as follows:'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
domainUnitFilter (dict) –
The domain unit filter of the project grant filter.
domainUnit (string) –
The domain unit ID to use in the filter.
includeChildDomainUnits (boolean) –
Specifies whether to include child domain units.
projectIdentifier (string) –
The project ID of the project policy grant principal.
user (dict) –
The user of the policy grant principal.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set:
allUsersGrantFilter
,userIdentifier
. If a client receives an unknown member it will setSDK_UNKNOWN_MEMBER
as the top level key, which maps to the name or tag of the unknown member. The structure ofSDK_UNKNOWN_MEMBER
is as follows:'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
allUsersGrantFilter (dict) –
The all users grant filter of the user policy grant principal.
userIdentifier (string) –
The user ID of the user policy grant principal.
nextToken (string) –
When the number of grants is greater than the default value for the
MaxResults
parameter, or if you explicitly specify a value forMaxResults
that is less than the number of grants, the response includes a pagination token namedNextToken
. You can specify thisNextToken
value in a subsequent call toListPolicyGrants
to list the next set of grants.
Exceptions
DataZone.Client.exceptions.InternalServerException
DataZone.Client.exceptions.AccessDeniedException
DataZone.Client.exceptions.ThrottlingException
DataZone.Client.exceptions.ValidationException
DataZone.Client.exceptions.UnauthorizedException