LakeFormation / Client / get_temporary_glue_partition_credentials

get_temporary_glue_partition_credentials#

LakeFormation.Client.get_temporary_glue_partition_credentials(**kwargs)#

This API is identical to GetTemporaryTableCredentials except that this is used when the target Data Catalog resource is of type Partition. Lake Formation restricts the permission of the vended credentials with the same scope down policy which restricts access to a single Amazon S3 prefix.

See also: AWS API Documentation

Request Syntax

response = client.get_temporary_glue_partition_credentials(
    TableArn='string',
    Partition={
        'Values': [
            'string',
        ]
    },
    Permissions=[
        'ALL'|'SELECT'|'ALTER'|'DROP'|'DELETE'|'INSERT'|'DESCRIBE'|'CREATE_DATABASE'|'CREATE_TABLE'|'DATA_LOCATION_ACCESS'|'CREATE_LF_TAG'|'ASSOCIATE'|'GRANT_WITH_LF_TAG_EXPRESSION'|'CREATE_LF_TAG_EXPRESSION'|'CREATE_CATALOG'|'SUPER_USER',
    ],
    DurationSeconds=123,
    AuditContext={
        'AdditionalAuditContext': 'string'
    },
    SupportedPermissionTypes=[
        'COLUMN_PERMISSION'|'CELL_FILTER_PERMISSION'|'NESTED_PERMISSION'|'NESTED_CELL_PERMISSION',
    ]
)
Parameters:
  • TableArn (string) –

    [REQUIRED]

    The ARN of the partitions’ table.

  • Partition (dict) –

    [REQUIRED]

    A list of partition values identifying a single partition.

    • Values (list) – [REQUIRED]

      The list of partition values.

      • (string) –

  • Permissions (list) –

    Filters the request based on the user having been granted a list of specified permissions on the requested resource(s).

    • (string) –

  • DurationSeconds (integer) – The time period, between 900 and 21,600 seconds, for the timeout of the temporary credentials.

  • AuditContext (dict) –

    A structure representing context to access a resource (column names, query ID, etc).

    • AdditionalAuditContext (string) –

      The filter engine can populate the ‘AdditionalAuditContext’ information with the request ID for you to track. This information will be displayed in CloudTrail log in your account.

  • SupportedPermissionTypes (list) –

    A list of supported permission types for the partition. Valid values are COLUMN_PERMISSION and CELL_FILTER_PERMISSION.

    • (string) –

Return type:

dict

Returns:

Response Syntax

{
    'AccessKeyId': 'string',
    'SecretAccessKey': 'string',
    'SessionToken': 'string',
    'Expiration': datetime(2015, 1, 1)
}

Response Structure

  • (dict) –

    • AccessKeyId (string) –

      The access key ID for the temporary credentials.

    • SecretAccessKey (string) –

      The secret key for the temporary credentials.

    • SessionToken (string) –

      The session token for the temporary credentials.

    • Expiration (datetime) –

      The date and time when the temporary credentials expire.

Exceptions

  • LakeFormation.Client.exceptions.InvalidInputException

  • LakeFormation.Client.exceptions.InternalServiceException

  • LakeFormation.Client.exceptions.OperationTimeoutException

  • LakeFormation.Client.exceptions.EntityNotFoundException

  • LakeFormation.Client.exceptions.AccessDeniedException

  • LakeFormation.Client.exceptions.PermissionTypeMismatchException