/AWS1/CL_LKF=>GETTEMPORARYGLUETABLECREDS()¶
About GetTemporaryGlueTableCredentials¶
Allows a caller in a secure environment to assume a role with permission to access Amazon S3. In order to vend such credentials, Lake Formation assumes the role associated with a registered location, for example an Amazon S3 bucket, with a scope down policy which restricts the access to a single prefix.
Method Signature¶
IMPORTING¶
Required arguments:¶
IV_TABLEARN TYPE /AWS1/LKFRESOURCEARNSTRING /AWS1/LKFRESOURCEARNSTRING¶
The ARN identifying a table in the Data Catalog for the temporary credentials request.
Optional arguments:¶
IT_PERMISSIONS TYPE /AWS1/CL_LKFPERMISSIONLIST_W=>TT_PERMISSIONLIST TT_PERMISSIONLIST¶
Filters the request based on the user having been granted a list of specified permissions on the requested resource(s).
IV_DURATIONSECONDS TYPE /AWS1/LKFCREDTODURSECINTEGER /AWS1/LKFCREDTODURSECINTEGER¶
The time period, between 900 and 21,600 seconds, for the timeout of the temporary credentials.
IO_AUDITCONTEXT TYPE REF TO /AWS1/CL_LKFAUDITCONTEXT /AWS1/CL_LKFAUDITCONTEXT¶
A structure representing context to access a resource (column names, query ID, etc).
IT_SUPPORTEDPERMISSIONTYPES TYPE /AWS1/CL_LKFPERMTYPELIST_W=>TT_PERMISSIONTYPELIST TT_PERMISSIONTYPELIST¶
A list of supported permission types for the table. Valid values are
COLUMN_PERMISSIONandCELL_FILTER_PERMISSION.
IV_S3PATH TYPE /AWS1/LKFPATHSTRING /AWS1/LKFPATHSTRING¶
The Amazon S3 path for the table.
IO_QUERYSESSIONCONTEXT TYPE REF TO /AWS1/CL_LKFQUERYSESSCONTEXT /AWS1/CL_LKFQUERYSESSCONTEXT¶
A structure used as a protocol between query engines and Lake Formation or Glue. Contains both a Lake Formation generated authorization identifier and information from the request's authorization context.