create_redshift_idc_application
- Redshift.Client.create_redshift_idc_application(**kwargs)
Creates an Amazon Redshift application for use with IAM Identity Center.
See also: AWS API Documentation
Request Syntax
response = client.create_redshift_idc_application(
    IdcInstanceArn='string',
    RedshiftIdcApplicationName='string',
    IdentityNamespace='string',
    IdcDisplayName='string',
    IamRoleArn='string',
    AuthorizedTokenIssuerList=[
        {
            'TrustedTokenIssuerArn': 'string',
            'AuthorizedAudiencesList': [
                'string',
            ]
        },
    ],
    ServiceIntegrations=[
        {
            'LakeFormation': [
                {
                    'LakeFormationQuery': {
                        'Authorization': 'Enabled'|'Disabled'
                    }
                },
            ],
            'S3AccessGrants': [
                {
                    'ReadWriteAccess': {
                        'Authorization': 'Enabled'|'Disabled'
                    }
                },
            ]
        },
    ]
)
- Parameters:
IdcInstanceArn (string) –
[REQUIRED]
The Amazon resource name (ARN) of the IAM Identity Center instance where Amazon Redshift creates a new managed application.
RedshiftIdcApplicationName (string) –
[REQUIRED]
The name of the Redshift application in IAM Identity Center.
IdentityNamespace (string) – The namespace for the Amazon Redshift IAM Identity Center application instance. It determines which managed application verifies the connection token.
IdcDisplayName (string) –
[REQUIRED]
The display name for the Amazon Redshift IAM Identity Center application instance. It appears in the console.
IamRoleArn (string) –
[REQUIRED]
The IAM role ARN for the Amazon Redshift IAM Identity Center application instance. It has the required permissions to be assumed and invoke the IDC Identity Center API.
AuthorizedTokenIssuerList (list) –
The token issuer list for the Amazon Redshift IAM Identity Center application instance.
(dict) –
The authorized token issuer for the Amazon Redshift IAM Identity Center application.
TrustedTokenIssuerArn (string) –
The ARN for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.
AuthorizedAudiencesList (list) –
The list of audiences for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.
(string) –
ServiceIntegrations (list) –
A collection of service integrations for the Redshift IAM Identity Center application.
(dict) –
A list of service integrations.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: LakeFormation, S3AccessGrants.
LakeFormation (list) –
A list of scopes set up for Lake Formation integration.
(dict) –
A list of scopes set up for Lake Formation integration.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: LakeFormationQuery.
LakeFormationQuery (dict) –
The Lake Formation scope.
Authorization (string) – [REQUIRED]
Determines whether the query scope is enabled or disabled.
S3AccessGrants (list) –
A list of scopes set up for S3 Access Grants integration.
(dict) –
A list of scopes set up for S3 Access Grants integration.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: ReadWriteAccess.
ReadWriteAccess (dict) –
The S3 Access Grants scope.
Authorization (string) – [REQUIRED]
Determines whether the read/write scope is enabled or disabled.
- Return type:
dict
- Returns:
Response Syntax
{
    'RedshiftIdcApplication': {
        'IdcInstanceArn': 'string',
        'RedshiftIdcApplicationName': 'string',
        'RedshiftIdcApplicationArn': 'string',
        'IdentityNamespace': 'string',
        'IdcDisplayName': 'string',
        'IamRoleArn': 'string',
        'IdcManagedApplicationArn': 'string',
        'IdcOnboardStatus': 'string',
        'AuthorizedTokenIssuerList': [
            {
                'TrustedTokenIssuerArn': 'string',
                'AuthorizedAudiencesList': [
                    'string',
                ]
            },
        ],
        'ServiceIntegrations': [
            {
                'LakeFormation': [
                    {
                        'LakeFormationQuery': {
                            'Authorization': 'Enabled'|'Disabled'
                        }
                    },
                ],
                'S3AccessGrants': [
                    {
                        'ReadWriteAccess': {
                            'Authorization': 'Enabled'|'Disabled'
                        }
                    },
                ]
            },
        ]
    }
}
Response Structure
(dict) –
RedshiftIdcApplication (dict) –
Contains properties for the Redshift IDC application.
IdcInstanceArn (string) –
The ARN for the IAM Identity Center instance that Redshift integrates with.
RedshiftIdcApplicationName (string) –
The name of the Redshift application in IAM Identity Center.
RedshiftIdcApplicationArn (string) –
The ARN for the Redshift application that integrates with IAM Identity Center.
IdentityNamespace (string) –
The identity namespace for the Amazon Redshift IAM Identity Center application. It determines which managed application verifies the connection token.
IdcDisplayName (string) –
The display name for the Amazon Redshift IAM Identity Center application. It appears on the console.
IamRoleArn (string) –
The ARN for the Amazon Redshift IAM Identity Center application. It has the required permissions to be assumed and invoke the IDC Identity Center API.
IdcManagedApplicationArn (string) –
The ARN for the Amazon Redshift IAM Identity Center application.
IdcOnboardStatus (string) –
The onboarding status for the Amazon Redshift IAM Identity Center application.
AuthorizedTokenIssuerList (list) –
The authorized token issuer list for the Amazon Redshift IAM Identity Center application.
(dict) –
The authorized token issuer for the Amazon Redshift IAM Identity Center application.
TrustedTokenIssuerArn (string) –
The ARN for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.
AuthorizedAudiencesList (list) –
The list of audiences for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.
(string) –
ServiceIntegrations (list) –
A list of service integrations for the Redshift IAM Identity Center application.
(dict) –
A list of service integrations.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: LakeFormation, S3AccessGrants. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows: 'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
LakeFormation (list) –
A list of scopes set up for Lake Formation integration.
(dict) –
A list of scopes set up for Lake Formation integration.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: LakeFormationQuery. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows: 'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
LakeFormationQuery (dict) –
The Lake Formation scope.
Authorization (string) –
Determines whether the query scope is enabled or disabled.
S3AccessGrants (list) –
A list of scopes set up for S3 Access Grants integration.
(dict) –
A list of scopes set up for S3 Access Grants integration.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: ReadWriteAccess. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows: 'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
ReadWriteAccess (dict) –
The S3 Access Grants scope.
Authorization (string) –
Determines whether the read/write scope is enabled or disabled.
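Added example, not part of the boto3 documentation: building ServiceIntegrations so that each tagged-union dict carries exactly one top-level key, then auditing the response to see which scopes came back Enabled and which members arrived as SDK_UNKNOWN_MEMBER. The helper names and the sample response are constructed for illustration; no AWS call is made.

```python
# Added example (not boto3 code); helper names and sample values are constructed.
UNION_KEYS = {"LakeFormation": "LakeFormationQuery", "S3AccessGrants": "ReadWriteAccess"}


def build_service_integrations(wanted):
    """Build the ServiceIntegrations request list for the named integrations.

    Each element is a tagged union, so every integration gets its own dict
    with exactly one top-level key.
    """
    unsupported = set(wanted) - set(UNION_KEYS)
    if unsupported:
        raise ValueError(f"unsupported integrations: {sorted(unsupported)}")
    return [{name: [{UNION_KEYS[name]: {"Authorization": "Enabled"}}]}
            for name in sorted(wanted)]


def audit_service_integrations(response):
    """Return (enabled, unknown) for a create_redshift_idc_application response.

    enabled: "Integration.Scope" names whose Authorization is 'Enabled'.
    unknown: members reported as SDK_UNKNOWN_MEMBER; they are surfaced rather
    than skipped because this code cannot tell what they authorize.
    """
    enabled, unknown = set(), []
    app = response["RedshiftIdcApplication"]
    for integration in app.get("ServiceIntegrations", []):
        for name, scopes in integration.items():
            if name == "SDK_UNKNOWN_MEMBER":
                unknown.append(scopes["name"])
                continue
            for scope in scopes:
                for scope_name, body in scope.items():
                    if scope_name == "SDK_UNKNOWN_MEMBER":
                        unknown.append(f"{name}.{body['name']}")
                    elif body.get("Authorization") == "Enabled":
                        enabled.add(f"{name}.{scope_name}")
    return enabled, unknown


# Constructed response: one enabled scope, one disabled, one unmodelled member.
SAMPLE_RESPONSE = {"RedshiftIdcApplication": {"ServiceIntegrations": [
    {"LakeFormation": [{"LakeFormationQuery": {"Authorization": "Enabled"}}]},
    {"S3AccessGrants": [{"ReadWriteAccess": {"Authorization": "Disabled"}}]},
    {"SDK_UNKNOWN_MEMBER": {"name": "FutureIntegration"}},
]}}

if __name__ == "__main__":
    print(audit_service_integrations(SAMPLE_RESPONSE))
```

Comparing the returned enabled set with the set passed to build_service_integrations shows whether the application ended up with more integrations than were requested.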
Exceptions
Redshift.Client.exceptions.RedshiftIdcApplicationAlreadyExistsFault
Redshift.Client.exceptions.DependentServiceUnavailableFault
Redshift.Client.exceptions.UnsupportedOperationFault
Redshift.Client.exceptions.DependentServiceAccessDeniedFault
Redshift.Client.exceptions.RedshiftIdcApplicationQuotaExceededFault