AWS cli documentation change
Summary
Added documentation for new RowLevelPermissionDataSetMap configuration in data preparation experience and updated CLI version
Security assessment
Introduces documentation for row-level security (RLS) configuration in the new data preparation experience, including permissions policies and access control mechanisms. This clarifies security controls but does not indicate a security issue fix.
Diff
diff --git a/cli/latest/reference/quicksight/search-data-sets.md b/cli/latest/reference/quicksight/search-data-sets.md index 1ccaf0296..1a38e299f 100644 --- a//cli/latest/reference/quicksight/search-data-sets.md +++ b//cli/latest/reference/quicksight/search-data-sets.md @@ -15 +15 @@ - * [AWS CLI 2.31.28 Command Reference](../../index.html) » + * [AWS CLI 2.31.31 Command Reference](../../index.html) » @@ -354 +354 @@ DataSetSummaries -> (list) ->>> The row-level security configuration for the dataset. +>>> The row-level security configuration for the dataset in the legacy data preparation experience. @@ -404,0 +405,70 @@ DataSetSummaries -> (list) +>> +>> RowLevelPermissionDataSetMap -> (map) +>> +>>> The row-level security configuration for the dataset in the new data preparation experience. +>>> +>>> key -> (string) +>>> +>>>> Constraints: +>>>> +>>>> * min: `1` +>>>> * max: `64` +>>>> * pattern: `[0-9a-zA-Z-]*` +>>>> + +>>> +>>> value -> (structure) +>>> +>>>> Information about a dataset that contains permissions for row-level security (RLS). The permissions dataset maps fields to users or groups. For more information, see [Using Row-Level Security (RLS) to Restrict Access to a Dataset](https://docs.aws.amazon.com/quicksight/latest/user/restrict-access-to-a-data-set-using-row-level-security.html) in the _Quick Sight User Guide_ . +>>>> +>>>> The option to deny permissions by setting `PermissionPolicy` to `DENY_ACCESS` is not supported for new RLS datasets. +>>>> +>>>> Namespace -> (string) +>>>> +>>>>> The namespace associated with the dataset that contains permissions for RLS. +>>>>> +>>>>> Constraints: +>>>>> +>>>>> * max: `64` +>>>>> * pattern: `^[a-zA-Z0-9._-]*$` +>>>>> + +>>>> +>>>> Arn -> (string) [required] +>>>> +>>>>> The Amazon Resource Name (ARN) of the dataset that contains permissions for RLS. +>>>> +>>>> PermissionPolicy -> (string) [required] +>>>> +>>>>> The type of permissions to use when interpreting the permissions for RLS. `DENY_ACCESS` is included for backward compatibility only. +>>>>> +>>>>> Possible values: +>>>>> +>>>>> * `GRANT_ACCESS` +>>>>> * `DENY_ACCESS` +>>>>> + +>>>> +>>>> FormatVersion -> (string) +>>>> +>>>>> The user or group rules associated with the dataset that contains permissions for RLS. +>>>>> +>>>>> By default, `FormatVersion` is `VERSION_1` . When `FormatVersion` is `VERSION_1` , `UserName` and `GroupName` are required. When `FormatVersion` is `VERSION_2` , `UserARN` and `GroupARN` are required, and `Namespace` must not exist. +>>>>> +>>>>> Possible values: +>>>>> +>>>>> * `VERSION_1` +>>>>> * `VERSION_2` +>>>>> + +>>>> +>>>> Status -> (string) +>>>> +>>>>> The status of the row-level security permission dataset. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` . +>>>>> +>>>>> Possible values: +>>>>> +>>>>> * `ENABLED` +>>>>> * `DISABLED` +>>>>> + @@ -446 +516 @@ RequestId -> (string) - * [AWS CLI 2.31.28 Command Reference](../../index.html) » + * [AWS CLI 2.31.31 Command Reference](../../index.html) »