FinSpace Public API

2022/06/15 - FinSpace Public API - 5 new 1 updated api methods

Changes  This release adds a new set of APIs, GetPermissionGroup, DisassociateUserFromPermissionGroup, AssociateUserToPermissionGroup, ListPermissionGroupsByUser, ListUsersByPermissionGroup.

GetPermissionGroup (new) Link ¶

Retrieves the details of a specific permission group.

See also: AWS API Documentation

Request Syntax

client.get_permission_group(
    permissionGroupId='string'
)
type permissionGroupId

string

param permissionGroupId

[REQUIRED]

The unique identifier for the permission group.

rtype

dict

returns

Response Syntax

{
    'permissionGroup': {
        'permissionGroupId': 'string',
        'name': 'string',
        'description': 'string',
        'applicationPermissions': [
            'CreateDataset'|'ManageClusters'|'ManageUsersAndGroups'|'ManageAttributeSets'|'ViewAuditData'|'AccessNotebooks'|'GetTemporaryCredentials',
        ],
        'createTime': 123,
        'lastModifiedTime': 123,
        'membershipStatus': 'ADDITION_IN_PROGRESS'|'ADDITION_SUCCESS'|'REMOVAL_IN_PROGRESS'
    }
}

Response Structure

  • (dict) --

    • permissionGroup (dict) --

      The structure for a permission group.

      • permissionGroupId (string) --

        The unique identifier for the permission group.

      • name (string) --

        The name of the permission group.

      • description (string) --

        A brief description for the permission group.

      • applicationPermissions (list) --

        Indicates the permissions that are granted to a specific group for accessing the FinSpace application.

        • CreateDataset – Group members can create new datasets.

        • ManageClusters – Group members can manage Apache Spark clusters from FinSpace notebooks.

        • ManageUsersAndGroups – Group members can manage users and permission groups.

        • ManageAttributeSets – Group members can manage attribute sets.

        • ViewAuditData – Group members can view audit data.

        • AccessNotebooks – Group members will have access to FinSpace notebooks.

        • GetTemporaryCredentials – Group members can get temporary API credentials.

        • (string) --

      • createTime (integer) --

        The timestamp at which the group was created in FinSpace. The value is determined as epoch time in milliseconds.

      • lastModifiedTime (integer) --

        Describes the last time the permission group was updated. The value is determined as epoch time in milliseconds.

      • membershipStatus (string) --

        Indicates the status of the user account within a permission group.

        • ADDITION_IN_PROGRESS – The user account is currently being added to the permission group.

        • ADDITION_SUCCESS – The user account is successfully added to the permission group.

        • REMOVAL_IN_PROGRESS – The user is currently being removed from the permission group.

DisassociateUserFromPermissionGroup (new) Link ¶

Removes a user account from a permission group.

See also: AWS API Documentation

Request Syntax

client.disassociate_user_from_permission_group(
    permissionGroupId='string',
    userId='string',
    clientToken='string'
)
type permissionGroupId

string

param permissionGroupId

[REQUIRED]

The unique identifier for the permission group.

type userId

string

param userId

[REQUIRED]

The unique identifier for the user.

type clientToken

string

param clientToken

A token that ensures idempotency. This token expires in 10 minutes.

This field is autopopulated if not provided.

rtype

dict

returns

Response Syntax

{
    'statusCode': 123
}

Response Structure

  • (dict) --

    • statusCode (integer) --

      The returned status code of the response.

ListPermissionGroupsByUser (new) Link ¶

Lists all the permission groups that are associated with a specific user account.

See also: AWS API Documentation

Request Syntax

client.list_permission_groups_by_user(
    userId='string',
    nextToken='string',
    maxResults=123
)
type userId

string

param userId

[REQUIRED]

The unique identifier for the user.

type nextToken

string

param nextToken

A token that indicates where a results page should begin.

type maxResults

integer

param maxResults

[REQUIRED]

The maximum number of results per page.

rtype

dict

returns

Response Syntax

{
    'permissionGroups': [
        {
            'permissionGroupId': 'string',
            'name': 'string',
            'membershipStatus': 'ADDITION_IN_PROGRESS'|'ADDITION_SUCCESS'|'REMOVAL_IN_PROGRESS'
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • permissionGroups (list) --

      A list of returned permission groups.

      • (dict) --

        The structure of a permission group associated with a user account.

        • permissionGroupId (string) --

          The unique identifier for the permission group.

        • name (string) --

          The name of the permission group.

        • membershipStatus (string) --

          Indicates the status of the user account within a permission group.

          • ADDITION_IN_PROGRESS – The user account is currently being added to the permission group.

          • ADDITION_SUCCESS – The user account is successfully added to the permission group.

          • REMOVAL_IN_PROGRESS – The user is currently being removed from the permission group.

    • nextToken (string) --

      A token that indicates where a results page should begin.

AssociateUserToPermissionGroup (new) Link ¶

Adds a user account to a permission group to grant permissions for actions a user can perform in FinSpace.

See also: AWS API Documentation

Request Syntax

client.associate_user_to_permission_group(
    permissionGroupId='string',
    userId='string',
    clientToken='string'
)
type permissionGroupId

string

param permissionGroupId

[REQUIRED]

The unique identifier for the permission group.

type userId

string

param userId

[REQUIRED]

The unique identifier for the user.

type clientToken

string

param clientToken

A token that ensures idempotency. This token expires in 10 minutes.

This field is autopopulated if not provided.

rtype

dict

returns

Response Syntax

{
    'statusCode': 123
}

Response Structure

  • (dict) --

    • statusCode (integer) --

      The returned status code of the response.

ListUsersByPermissionGroup (new) Link ¶

Lists details of all the users in a specific permission group.

See also: AWS API Documentation

Request Syntax

client.list_users_by_permission_group(
    permissionGroupId='string',
    nextToken='string',
    maxResults=123
)
type permissionGroupId

string

param permissionGroupId

[REQUIRED]

The unique identifier for the permission group.

type nextToken

string

param nextToken

A token that indicates where a results page should begin.

type maxResults

integer

param maxResults

[REQUIRED]

The maximum number of results per page.

rtype

dict

returns

Response Syntax

{
    'users': [
        {
            'userId': 'string',
            'status': 'CREATING'|'ENABLED'|'DISABLED',
            'firstName': 'string',
            'lastName': 'string',
            'emailAddress': 'string',
            'type': 'SUPER_USER'|'APP_USER',
            'apiAccess': 'ENABLED'|'DISABLED',
            'apiAccessPrincipalArn': 'string',
            'membershipStatus': 'ADDITION_IN_PROGRESS'|'ADDITION_SUCCESS'|'REMOVAL_IN_PROGRESS'
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • users (list) --

      Lists details of all users in a specific permission group.

      • (dict) --

        The structure of a user account associated with a permission group.

        • userId (string) --

          The unique identifier for the user.

        • status (string) --

          The current status of the user account.

          • CREATING – The user account creation is in progress.

          • ENABLED – The user account is created and is currently active.

          • DISABLED – The user account is currently inactive.

        • firstName (string) --

          The first name of the user.

        • lastName (string) --

          The last name of the user.

        • emailAddress (string) --

          The email address of the user. The email address serves as a unique identifier for each user and cannot be changed after it's created.

        • type (string) --

          Indicates the type of user.

          • SUPER_USER – A user with permission to all the functionality and data in FinSpace.

          • APP_USER – A user with specific permissions in FinSpace. The users are assigned permissions by adding them to a permission group.

        • apiAccess (string) --

          Indicates whether the user can access FinSpace API operations.

          • ENABLED – The user has permissions to use the API operations.

          • DISABLED – The user does not have permissions to use any API operations.

        • apiAccessPrincipalArn (string) --

          The IAM ARN identifier that is attached to FinSpace API calls.

        • membershipStatus (string) --

          Indicates the status of the user account within a permission group.

          • ADDITION_IN_PROGRESS – The user account is currently being added to the permission group.

          • ADDITION_SUCCESS – The user account is successfully added to the permission group.

          • REMOVAL_IN_PROGRESS – The user is currently being removed from the permission group.

    • nextToken (string) --

      A token that indicates where a results page should begin.

ListPermissionGroups (updated) Link ¶
Changes (response)
{'permissionGroups': {'membershipStatus': 'ADDITION_IN_PROGRESS | '
                                          'ADDITION_SUCCESS | '
                                          'REMOVAL_IN_PROGRESS'}}

Lists all available permission groups in FinSpace.

See also: AWS API Documentation

Request Syntax

client.list_permission_groups(
    nextToken='string',
    maxResults=123
)
type nextToken

string

param nextToken

A token that indicates where a results page should begin.

type maxResults

integer

param maxResults

[REQUIRED]

The maximum number of results per page.

rtype

dict

returns

Response Syntax

{
    'permissionGroups': [
        {
            'permissionGroupId': 'string',
            'name': 'string',
            'description': 'string',
            'applicationPermissions': [
                'CreateDataset'|'ManageClusters'|'ManageUsersAndGroups'|'ManageAttributeSets'|'ViewAuditData'|'AccessNotebooks'|'GetTemporaryCredentials',
            ],
            'createTime': 123,
            'lastModifiedTime': 123,
            'membershipStatus': 'ADDITION_IN_PROGRESS'|'ADDITION_SUCCESS'|'REMOVAL_IN_PROGRESS'
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • permissionGroups (list) --

      A list of all the permission groups.

      • (dict) --

        The structure for a permission group.

        • permissionGroupId (string) --

          The unique identifier for the permission group.

        • name (string) --

          The name of the permission group.

        • description (string) --

          A brief description for the permission group.

        • applicationPermissions (list) --

          Indicates the permissions that are granted to a specific group for accessing the FinSpace application.

          • CreateDataset – Group members can create new datasets.

          • ManageClusters – Group members can manage Apache Spark clusters from FinSpace notebooks.

          • ManageUsersAndGroups – Group members can manage users and permission groups.

          • ManageAttributeSets – Group members can manage attribute sets.

          • ViewAuditData – Group members can view audit data.

          • AccessNotebooks – Group members will have access to FinSpace notebooks.

          • GetTemporaryCredentials – Group members can get temporary API credentials.

          • (string) --

        • createTime (integer) --

          The timestamp at which the group was created in FinSpace. The value is determined as epoch time in milliseconds.

        • lastModifiedTime (integer) --

          Describes the last time the permission group was updated. The value is determined as epoch time in milliseconds.

        • membershipStatus (string) --

          Indicates the status of the user account within a permission group.

          • ADDITION_IN_PROGRESS – The user account is currently being added to the permission group.

          • ADDITION_SUCCESS – The user account is successfully added to the permission group.

          • REMOVAL_IN_PROGRESS – The user is currently being removed from the permission group.

    • nextToken (string) --

      A token that indicates where a results page should begin.