AWS::QuickSight::DataSet RowLevelPermissionDataSet
Information about a dataset that contains permissions for row-level security (RLS). The permissions dataset maps fields to users or groups. For more information, see Using Row-Level Security (RLS) to Restrict Access to a Dataset in the Amazon QuickSight User Guide.
The option to deny permissions by setting PermissionPolicy
to DENY_ACCESS
is
not supported for new RLS datasets.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Arn" :
String
, "FormatVersion" :String
, "Namespace" :String
, "PermissionPolicy" :String
, "Status" :String
}
YAML
Arn:
String
FormatVersion:String
Namespace:String
PermissionPolicy:String
Status:String
Properties
Arn
-
The Amazon Resource Name (ARN) of the dataset that contains permissions for RLS.
Required: Yes
Type: String
Update requires: No interruption
FormatVersion
-
The user or group rules associated with the dataset that contains permissions for RLS.
By default,
FormatVersion
isVERSION_1
. WhenFormatVersion
isVERSION_1
,UserName
andGroupName
are required. WhenFormatVersion
isVERSION_2
,UserARN
andGroupARN
are required, andNamespace
must not exist.Required: No
Type: String
Allowed values:
VERSION_1 | VERSION_2
Update requires: No interruption
Namespace
-
The namespace associated with the dataset that contains permissions for RLS.
Required: No
Type: String
Pattern:
^[a-zA-Z0-9._-]*$
Minimum:
0
Maximum:
64
Update requires: No interruption
PermissionPolicy
-
The type of permissions to use when interpreting the permissions for RLS.
DENY_ACCESS
is included for backward compatibility only.Required: Yes
Type: String
Allowed values:
GRANT_ACCESS | DENY_ACCESS
Update requires: No interruption
Status
-
The status of the row-level security permission dataset. If enabled, the status is
ENABLED
. If disabled, the status isDISABLED
.Required: No
Type: String
Allowed values:
ENABLED | DISABLED
Update requires: No interruption