AWS::QuickSight::DataSet RowLevelPermissionDataSet - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

AWS::QuickSight::DataSet RowLevelPermissionDataSet

Information about a dataset that contains permissions for row-level security (RLS). The permissions dataset maps fields to users or groups. For more information, see Using Row-Level Security (RLS) to Restrict Access to a Dataset in the Amazon QuickSight User Guide.

The option to deny permissions by setting PermissionPolicy to DENY_ACCESS is not supported for new RLS datasets.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{ "Arn" : String, "FormatVersion" : String, "Namespace" : String, "PermissionPolicy" : String }

YAML

Arn: String FormatVersion: String Namespace: String PermissionPolicy: String

Properties

Arn

The Amazon Resource Name (ARN) of the dataset that contains permissions for RLS.

Required: Yes

Type: String

Update requires: No interruption

FormatVersion

The user or group rules associated with the dataset that contains permissions for RLS.

By default, FormatVersion is VERSION_1. When FormatVersion is VERSION_1, UserName and GroupName are required. When FormatVersion is VERSION_2, UserARN and GroupARN are required, and Namespace must not exist.

Required: No

Type: String

Allowed values: VERSION_1 | VERSION_2

Update requires: No interruption

Namespace

The namespace associated with the dataset that contains permissions for RLS.

Required: No

Type: String

Maximum: 64

Pattern: ^[a-zA-Z0-9._-]*$

Update requires: No interruption

PermissionPolicy

The type of permissions to use when interpreting the permissions for RLS. DENY_ACCESS is included for backward compatibility only.

Required: Yes

Type: String

Allowed values: DENY_ACCESS | GRANT_ACCESS

Update requires: No interruption