AWS::QuickSight::DataSet RowLevelPermissionDataSet
Information about a dataset that contains permissions for row-level security (RLS). The permissions dataset maps fields to users or groups. For more information, see Using Row-Level Security (RLS) to Restrict Access to a Dataset in the Amazon QuickSight User Guide.
The option to deny permissions by setting PermissionPolicy to DENY_ACCESS is
not supported for new RLS datasets.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Arn" :String, "FormatVersion" :String, "Namespace" :String, "PermissionPolicy" :String, "Status" :String}
YAML
Arn:StringFormatVersion:StringNamespace:StringPermissionPolicy:StringStatus:String
Properties
Arn-
The Amazon Resource Name (ARN) of the dataset that contains permissions for RLS.
Required: Yes
Type: String
Update requires: No interruption
FormatVersion-
The user or group rules associated with the dataset that contains permissions for RLS.
By default,
FormatVersionisVERSION_1. WhenFormatVersionisVERSION_1,UserNameandGroupNameare required. WhenFormatVersionisVERSION_2,UserARNandGroupARNare required, andNamespacemust not exist.Required: No
Type: String
Allowed values:
VERSION_1 | VERSION_2Update requires: No interruption
Namespace-
The namespace associated with the dataset that contains permissions for RLS.
Required: No
Type: String
Pattern:
^[a-zA-Z0-9._-]*$Minimum:
0Maximum:
64Update requires: No interruption
PermissionPolicy-
The type of permissions to use when interpreting the permissions for RLS.
DENY_ACCESSis included for backward compatibility only.Required: Yes
Type: String
Allowed values:
GRANT_ACCESS | DENY_ACCESSUpdate requires: No interruption
Status-
The status of the row-level security permission dataset. If enabled, the status is
ENABLED. If disabled, the status isDISABLED.Required: No
Type: String
Allowed values:
ENABLED | DISABLEDUpdate requires: No interruption
