software.amazon.awssdk.services.lakeformation.model

Interface DataLakeSettings.Builder

All Superinterfaces:

Buildable, CopyableBuilder<DataLakeSettings.Builder,DataLakeSettings>, SdkBuilder<DataLakeSettings.Builder,DataLakeSettings>, SdkPojo

Enclosing class:

DataLakeSettings

public static interface DataLakeSettings.Builder
extends SdkPojo, CopyableBuilder<DataLakeSettings.Builder,DataLakeSettings>

Method Summary

Modifier and Type	Method and Description
DataLakeSettings.Builder	allowExternalDataFiltering(Boolean allowExternalDataFiltering) Whether to allow Amazon EMR clusters to access data managed by Lake Formation.
DataLakeSettings.Builder	authorizedSessionTagValueList(Collection<String> authorizedSessionTagValueList) Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it.
DataLakeSettings.Builder	authorizedSessionTagValueList(String... authorizedSessionTagValueList) Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it.
DataLakeSettings.Builder	createDatabaseDefaultPermissions(Collection<PrincipalPermissions> createDatabaseDefaultPermissions) Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.
DataLakeSettings.Builder	createDatabaseDefaultPermissions(Consumer<PrincipalPermissions.Builder>... createDatabaseDefaultPermissions) Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.
DataLakeSettings.Builder	createDatabaseDefaultPermissions(PrincipalPermissions... createDatabaseDefaultPermissions) Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.
DataLakeSettings.Builder	createTableDefaultPermissions(Collection<PrincipalPermissions> createTableDefaultPermissions) Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.
DataLakeSettings.Builder	createTableDefaultPermissions(Consumer<PrincipalPermissions.Builder>... createTableDefaultPermissions) Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.
DataLakeSettings.Builder	createTableDefaultPermissions(PrincipalPermissions... createTableDefaultPermissions) Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.
DataLakeSettings.Builder	dataLakeAdmins(Collection<DataLakePrincipal> dataLakeAdmins) A list of Lake Formation principals.
DataLakeSettings.Builder	dataLakeAdmins(Consumer<DataLakePrincipal.Builder>... dataLakeAdmins) A list of Lake Formation principals.
DataLakeSettings.Builder	dataLakeAdmins(DataLakePrincipal... dataLakeAdmins) A list of Lake Formation principals.
DataLakeSettings.Builder	externalDataFilteringAllowList(Collection<DataLakePrincipal> externalDataFilteringAllowList) A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>
DataLakeSettings.Builder	externalDataFilteringAllowList(Consumer<DataLakePrincipal.Builder>... externalDataFilteringAllowList) A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>
DataLakeSettings.Builder	externalDataFilteringAllowList(DataLakePrincipal... externalDataFilteringAllowList) A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>
DataLakeSettings.Builder	trustedResourceOwners(Collection<String> trustedResourceOwners) A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs).
DataLakeSettings.Builder	trustedResourceOwners(String... trustedResourceOwners) A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs).

Methods inherited from interface software.amazon.awssdk.core.SdkPojo

equalsBySdkFields, sdkFields

Methods inherited from interface software.amazon.awssdk.utils.builder.CopyableBuilder

copy

Methods inherited from interface software.amazon.awssdk.utils.builder.SdkBuilder

applyMutation, build

Method Detail

dataLakeAdmins

DataLakeSettings.Builder dataLakeAdmins(Collection<DataLakePrincipal> dataLakeAdmins)

A list of Lake Formation principals. Supported principals are IAM users or IAM roles.

Parameters:

dataLakeAdmins - A list of Lake Formation principals. Supported principals are IAM users or IAM roles.

Returns:

Returns a reference to this object so that method calls can be chained together.

dataLakeAdmins

DataLakeSettings.Builder dataLakeAdmins(DataLakePrincipal... dataLakeAdmins)

A list of Lake Formation principals. Supported principals are IAM users or IAM roles.

Parameters:

dataLakeAdmins - A list of Lake Formation principals. Supported principals are IAM users or IAM roles.

Returns:

Returns a reference to this object so that method calls can be chained together.

dataLakeAdmins

DataLakeSettings.Builder dataLakeAdmins(Consumer<DataLakePrincipal.Builder>... dataLakeAdmins)

A list of Lake Formation principals. Supported principals are IAM users or IAM roles.

This is a convenience that creates an instance of the List.Builder avoiding the need to create one manually via List#builder(). When the Consumer completes, List.Builder#build() is called immediately and its result is passed to #dataLakeAdmins(List).

Parameters:

dataLakeAdmins - a consumer that will call methods on List.Builder

Returns:

Returns a reference to this object so that method calls can be chained together.

See Also:

#dataLakeAdmins(List)

createDatabaseDefaultPermissions

DataLakeSettings.Builder createDatabaseDefaultPermissions(Collection<PrincipalPermissions> createDatabaseDefaultPermissions)

Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions. You can override this default setting when you create a database.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Parameters:

createDatabaseDefaultPermissions - Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions. You can override this default setting when you create a database.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Returns:

Returns a reference to this object so that method calls can be chained together.

createDatabaseDefaultPermissions

DataLakeSettings.Builder createDatabaseDefaultPermissions(PrincipalPermissions... createDatabaseDefaultPermissions)

Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions. You can override this default setting when you create a database.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Parameters:

createDatabaseDefaultPermissions - Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions. You can override this default setting when you create a database.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Returns:

Returns a reference to this object so that method calls can be chained together.

createDatabaseDefaultPermissions

DataLakeSettings.Builder createDatabaseDefaultPermissions(Consumer<PrincipalPermissions.Builder>... createDatabaseDefaultPermissions)

Specifies whether access control on newly created database is managed by Lake Formation permissions or exclusively by IAM permissions. You can override this default setting when you create a database.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

This is a convenience that creates an instance of the List.Builder avoiding the need to create one manually via List#builder(). When the Consumer completes, List.Builder#build() is called immediately and its result is passed to #createDatabaseDefaultPermissions(List).

Parameters:

createDatabaseDefaultPermissions - a consumer that will call methods on List.Builder

Returns:

Returns a reference to this object so that method calls can be chained together.

See Also:

#createDatabaseDefaultPermissions(List)

createTableDefaultPermissions

DataLakeSettings.Builder createTableDefaultPermissions(Collection<PrincipalPermissions> createTableDefaultPermissions)

Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Parameters:

createTableDefaultPermissions - Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Returns:

Returns a reference to this object so that method calls can be chained together.

createTableDefaultPermissions

DataLakeSettings.Builder createTableDefaultPermissions(PrincipalPermissions... createTableDefaultPermissions)

Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Parameters:

createTableDefaultPermissions - Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

Returns:

Returns a reference to this object so that method calls can be chained together.

createTableDefaultPermissions

DataLakeSettings.Builder createTableDefaultPermissions(Consumer<PrincipalPermissions.Builder>... createTableDefaultPermissions)

Specifies whether access control on newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.

A null value indicates access control by Lake Formation permissions. A value that assigns ALL to IAM_ALLOWED_PRINCIPALS indicates access control by IAM permissions. This is referred to as the setting "Use only IAM access control," and is for backward compatibility with the Glue permission model implemented by IAM permissions.

The only permitted values are an empty array or an array that contains a single JSON object that grants ALL to IAM_ALLOWED_PRINCIPALS.

For more information, see Changing the Default Security Settings for Your Data Lake.

This is a convenience that creates an instance of the List.Builder avoiding the need to create one manually via List#builder(). When the Consumer completes, List.Builder#build() is called immediately and its result is passed to #createTableDefaultPermissions(List).

Parameters:

createTableDefaultPermissions - a consumer that will call methods on List.Builder

Returns:

Returns a reference to this object so that method calls can be chained together.

See Also:

#createTableDefaultPermissions(List)

trustedResourceOwners

DataLakeSettings.Builder trustedResourceOwners(Collection<String> trustedResourceOwners)

A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log.

You may want to specify this property when you are in a high-trust boundary, such as the same team or company.

Parameters:

trustedResourceOwners - A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log.

You may want to specify this property when you are in a high-trust boundary, such as the same team or company.

Returns:

Returns a reference to this object so that method calls can be chained together.

trustedResourceOwners

DataLakeSettings.Builder trustedResourceOwners(String... trustedResourceOwners)

A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log.

You may want to specify this property when you are in a high-trust boundary, such as the same team or company.

Parameters:

trustedResourceOwners - A list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log.

You may want to specify this property when you are in a high-trust boundary, such as the same team or company.

Returns:

Returns a reference to this object so that method calls can be chained together.

allowExternalDataFiltering

DataLakeSettings.Builder allowExternalDataFiltering(Boolean allowExternalDataFiltering)

Whether to allow Amazon EMR clusters to access data managed by Lake Formation.

If true, you allow Amazon EMR clusters to access data in Amazon S3 locations that are registered with Lake Formation.

If false or null, no Amazon EMR clusters will be able to access data in Amazon S3 locations that are registered with Lake Formation.

For more information, see (Optional) Allow Data Filtering on Amazon EMR.

Parameters:

allowExternalDataFiltering - Whether to allow Amazon EMR clusters to access data managed by Lake Formation.

If true, you allow Amazon EMR clusters to access data in Amazon S3 locations that are registered with Lake Formation.

If false or null, no Amazon EMR clusters will be able to access data in Amazon S3 locations that are registered with Lake Formation.

For more information, see (Optional) Allow Data Filtering on Amazon EMR.

Returns:

Returns a reference to this object so that method calls can be chained together.

externalDataFilteringAllowList

DataLakeSettings.Builder externalDataFilteringAllowList(Collection<DataLakePrincipal> externalDataFilteringAllowList)

A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>

Parameters:

externalDataFilteringAllowList - A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>

Returns:

Returns a reference to this object so that method calls can be chained together.

externalDataFilteringAllowList

DataLakeSettings.Builder externalDataFilteringAllowList(DataLakePrincipal... externalDataFilteringAllowList)

A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>

Parameters:

externalDataFilteringAllowList - A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>

Returns:

Returns a reference to this object so that method calls can be chained together.

externalDataFilteringAllowList

DataLakeSettings.Builder externalDataFilteringAllowList(Consumer<DataLakePrincipal.Builder>... externalDataFilteringAllowList)

A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>

This is a convenience that creates an instance of the List.Builder avoiding the need to create one manually via List#builder(). When the Consumer completes, List.Builder#build() is called immediately and its result is passed to #externalDataFilteringAllowList(List).

Parameters:

externalDataFilteringAllowList - a consumer that will call methods on List.Builder

Returns:

Returns a reference to this object so that method calls can be chained together.

See Also:

#externalDataFilteringAllowList(List)

authorizedSessionTagValueList

DataLakeSettings.Builder authorizedSessionTagValueList(Collection<String> authorizedSessionTagValueList)

Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = "LakeFormationTrustedCaller" and value = "TRUE" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation's administrative APIs.

Parameters:

authorizedSessionTagValueList - Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = "LakeFormationTrustedCaller" and value = "TRUE" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation's administrative APIs.

Returns:

Returns a reference to this object so that method calls can be chained together.

authorizedSessionTagValueList

DataLakeSettings.Builder authorizedSessionTagValueList(String... authorizedSessionTagValueList)

Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = "LakeFormationTrustedCaller" and value = "TRUE" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation's administrative APIs.

Parameters:

authorizedSessionTagValueList - Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = "LakeFormationTrustedCaller" and value = "TRUE" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation's administrative APIs.

Returns:

Returns a reference to this object so that method calls can be chained together.