AWS cli documentation change
Summary
Added documentation for RowLevelPermissionDataSetMap configuration in new data preparation experience. Updated CLI version from 2.31.28 to 2.31.31.
Security assessment
The change adds documentation for row-level security (RLS) configuration in the new data preparation experience, including details about permission policies (GRANT_ACCESS/DENY_ACCESS), ARN requirements, and status monitoring. While this enhances security documentation, there is no evidence of addressing a specific security vulnerability.
Diff
diff --git a/cli/latest/reference/quicksight/list-data-sets.md b/cli/latest/reference/quicksight/list-data-sets.md index 2fe202b1e..395f12829 100644 --- a//cli/latest/reference/quicksight/list-data-sets.md +++ b//cli/latest/reference/quicksight/list-data-sets.md @@ -15 +15 @@ - * [AWS CLI 2.31.28 Command Reference](../../index.html) » + * [AWS CLI 2.31.31 Command Reference](../../index.html) » @@ -276 +276 @@ DataSetSummaries -> (list) ->>> The row-level security configuration for the dataset. +>>> The row-level security configuration for the dataset in the legacy data preparation experience. @@ -326,0 +327,70 @@ DataSetSummaries -> (list) +>> +>> RowLevelPermissionDataSetMap -> (map) +>> +>>> The row-level security configuration for the dataset in the new data preparation experience. +>>> +>>> key -> (string) +>>> +>>>> Constraints: +>>>> +>>>> * min: `1` +>>>> * max: `64` +>>>> * pattern: `[0-9a-zA-Z-]*` +>>>> + +>>> +>>> value -> (structure) +>>> +>>>> Information about a dataset that contains permissions for row-level security (RLS). The permissions dataset maps fields to users or groups. For more information, see [Using Row-Level Security (RLS) to Restrict Access to a Dataset](https://docs.aws.amazon.com/quicksight/latest/user/restrict-access-to-a-data-set-using-row-level-security.html) in the _Quick Sight User Guide_ . +>>>> +>>>> The option to deny permissions by setting `PermissionPolicy` to `DENY_ACCESS` is not supported for new RLS datasets. +>>>> +>>>> Namespace -> (string) +>>>> +>>>>> The namespace associated with the dataset that contains permissions for RLS. +>>>>> +>>>>> Constraints: +>>>>> +>>>>> * max: `64` +>>>>> * pattern: `^[a-zA-Z0-9._-]*$` +>>>>> + +>>>> +>>>> Arn -> (string) [required] +>>>> +>>>>> The Amazon Resource Name (ARN) of the dataset that contains permissions for RLS. +>>>> +>>>> PermissionPolicy -> (string) [required] +>>>> +>>>>> The type of permissions to use when interpreting the permissions for RLS. `DENY_ACCESS` is included for backward compatibility only. +>>>>> +>>>>> Possible values: +>>>>> +>>>>> * `GRANT_ACCESS` +>>>>> * `DENY_ACCESS` +>>>>> + +>>>> +>>>> FormatVersion -> (string) +>>>> +>>>>> The user or group rules associated with the dataset that contains permissions for RLS. +>>>>> +>>>>> By default, `FormatVersion` is `VERSION_1` . When `FormatVersion` is `VERSION_1` , `UserName` and `GroupName` are required. When `FormatVersion` is `VERSION_2` , `UserARN` and `GroupARN` are required, and `Namespace` must not exist. +>>>>> +>>>>> Possible values: +>>>>> +>>>>> * `VERSION_1` +>>>>> * `VERSION_2` +>>>>> + +>>>> +>>>> Status -> (string) +>>>> +>>>>> The status of the row-level security permission dataset. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` . +>>>>> +>>>>> Possible values: +>>>>> +>>>>> * `ENABLED` +>>>>> * `DISABLED` +>>>>> + @@ -368 +438 @@ Status -> (integer) - * [AWS CLI 2.31.28 Command Reference](../../index.html) » + * [AWS CLI 2.31.31 Command Reference](../../index.html) »