2022/02/28 - FinSpace Public API - 11 new api methods
Changes Add new APIs for managing Users and Permission Groups.
Creates a group of permissions for various actions that a user can perform in FinSpace.
See also: AWS API Documentation
Request Syntax
client.create_permission_group( name='string', description='string', applicationPermissions=[ 'CreateDataset'|'ManageClusters'|'ManageUsersAndGroups'|'ManageAttributeSets'|'ViewAuditData'|'AccessNotebooks'|'GetTemporaryCredentials', ], clientToken='string' )
string
[REQUIRED]
The name of the permission group.
string
A brief description for the permission group.
list
[REQUIRED]
The option to indicate FinSpace application permissions that are granted to a specific group.
CreateDataset – Group members can create new datasets.
ManageClusters – Group members can manage Apache Spark clusters from FinSpace notebooks.
ManageUsersAndGroups – Group members can manage users and permission groups.
ManageAttributeSets – Group members can manage attribute sets.
ViewAuditData – Group members can view audit data.
AccessNotebooks – Group members will have access to FinSpace notebooks.
GetTemporaryCredentials – Group members can get temporary API credentials.
(string) --
string
A token that ensures idempotency. This token expires in 10 minutes.
This field is autopopulated if not provided.
dict
Response Syntax
{ 'permissionGroupId': 'string' }
Response Structure
(dict) --
permissionGroupId (string) --
The unique identifier for the permission group.
Modifies the details of a permission group. You cannot modify a permissionGroupID .
See also: AWS API Documentation
Request Syntax
client.update_permission_group( permissionGroupId='string', name='string', description='string', applicationPermissions=[ 'CreateDataset'|'ManageClusters'|'ManageUsersAndGroups'|'ManageAttributeSets'|'ViewAuditData'|'AccessNotebooks'|'GetTemporaryCredentials', ], clientToken='string' )
string
[REQUIRED]
The unique identifier for the permission group to update.
string
The name of the permission group.
string
A brief description for the permission group.
list
The permissions that are granted to a specific group for accessing the FinSpace application.
CreateDataset – Group members can create new datasets.
ManageClusters – Group members can manage Apache Spark clusters from FinSpace notebooks.
ManageUsersAndGroups – Group members can manage users and permission groups.
ManageAttributeSets – Group members can manage attribute sets.
ViewAuditData – Group members can view audit data.
AccessNotebooks – Group members will have access to FinSpace notebooks.
GetTemporaryCredentials – Group members can get temporary API credentials.
(string) --
string
A token that ensures idempotency. This token expires in 10 minutes.
This field is autopopulated if not provided.
dict
Response Syntax
{ 'permissionGroupId': 'string' }
Response Structure
(dict) --
permissionGroupId (string) --
The unique identifier for the updated permission group.
Retrieves details for a specific user.
See also: AWS API Documentation
Request Syntax
client.get_user( userId='string' )
string
[REQUIRED]
The unique identifier of the user to get data for.
dict
Response Syntax
{ 'userId': 'string', 'status': 'CREATING'|'ENABLED'|'DISABLED', 'firstName': 'string', 'lastName': 'string', 'emailAddress': 'string', 'type': 'SUPER_USER'|'APP_USER', 'apiAccess': 'ENABLED'|'DISABLED', 'apiAccessPrincipalArn': 'string', 'createTime': 123, 'lastEnabledTime': 123, 'lastDisabledTime': 123, 'lastModifiedTime': 123, 'lastLoginTime': 123 }
Response Structure
(dict) --
userId (string) --
The unique identifier for the user account that is retrieved.
status (string) --
The current status of the user account.
CREATING – The user account creation is in progress.
ENABLED – The user account is created and is currently active.
DISABLED – The user account is currently inactive.
firstName (string) --
The first name of the user.
lastName (string) --
The last name of the user.
emailAddress (string) --
The email address that is associated with the user.
type (string) --
Indicates the type of user.
SUPER_USER – A user with permission to all the functionality and data in FinSpace.
APP_USER – A user with specific permissions in FinSpace. The users are assigned permissions by adding them to a permissions group.
apiAccess (string) --
Indicates whether the user can use the GetProgrammaticAccessCredentials API to obtain credentials that can then be used to access other FinSpace Data API operations.
ENABLED – The user has permissions to use the APIs.
DISABLED – The user does not have permissions to use any APIs.
apiAccessPrincipalArn (string) --
The ARN identifier of an AWS user or role that is allowed to call the GetProgrammaticAccessCredentials API to obtain a credentials token for a specific FinSpace user. This must be an IAM role within your FinSpace account.
createTime (integer) --
The timestamp at which the user account was created in FinSpace. The value is determined as epoch time in milliseconds.
lastEnabledTime (integer) --
Describes the last time the user account was enabled. The value is determined as epoch time in milliseconds.
lastDisabledTime (integer) --
Describes the last time the user account was disabled. The value is determined as epoch time in milliseconds.
lastModifiedTime (integer) --
Describes the last time the user account was updated. The value is determined as epoch time in milliseconds.
lastLoginTime (integer) --
Describes the last time that the user logged into their account. The value is determined as epoch time in milliseconds.
Denies access to the FinSpace web application and API for the specified user.
See also: AWS API Documentation
Request Syntax
client.disable_user( userId='string', clientToken='string' )
string
[REQUIRED]
The unique identifier for the user account that you want to disable.
string
A token that ensures idempotency. This token expires in 10 minutes.
This field is autopopulated if not provided.
dict
Response Syntax
{ 'userId': 'string' }
Response Structure
(dict) --
userId (string) --
The unique identifier for the disabled user account.
Creates a new user in FinSpace.
See also: AWS API Documentation
Request Syntax
client.create_user( emailAddress='string', type='SUPER_USER'|'APP_USER', firstName='string', lastName='string', ApiAccess='ENABLED'|'DISABLED', apiAccessPrincipalArn='string', clientToken='string' )
string
[REQUIRED]
The email address of the user that you want to register. The email address serves as a uniquer identifier for each user and cannot be changed after it's created.
string
[REQUIRED]
The option to indicate the type of user. Use one of the following options to specify this parameter:
SUPER_USER – A user with permission to all the functionality and data in FinSpace.
APP_USER – A user with specific permissions in FinSpace. The users are assigned permissions by adding them to a permission group.
string
The first name of the user that you want to register.
string
The last name of the user that you want to register.
string
The option to indicate whether the user can use the GetProgrammaticAccessCredentials API to obtain credentials that can then be used to access other FinSpace Data API operations.
ENABLED – The user has permissions to use the APIs.
DISABLED – The user does not have permissions to use any APIs.
string
The ARN identifier of an AWS user or role that is allowed to call the GetProgrammaticAccessCredentials API to obtain a credentials token for a specific FinSpace user. This must be an IAM role within your FinSpace account.
string
A token that ensures idempotency. This token expires in 10 minutes.
This field is autopopulated if not provided.
dict
Response Syntax
{ 'userId': 'string' }
Response Structure
(dict) --
userId (string) --
The unique identifier for the user.
Resets the password for a specified user ID and generates a temporary one. Only a superuser can reset password for other users. Resetting the password immediately invalidates the previous password associated with the user.
See also: AWS API Documentation
Request Syntax
client.reset_user_password( userId='string', clientToken='string' )
string
[REQUIRED]
The unique identifier of the user that a temporary password is requested for.
string
A token that ensures idempotency. This token expires in 10 minutes.
This field is autopopulated if not provided.
dict
Response Syntax
{ 'userId': 'string', 'temporaryPassword': 'string' }
Response Structure
(dict) --
userId (string) --
The unique identifier of the user that a new password is generated for.
temporaryPassword (string) --
A randomly generated temporary password for the requested user account. This password expires in 7 days.
Lists all available user accounts in FinSpace.
See also: AWS API Documentation
Request Syntax
client.list_users( nextToken='string', maxResults=123 )
string
A token that indicates where a results page should begin.
integer
[REQUIRED]
The maximum number of results per page.
dict
Response Syntax
{ 'users': [ { 'userId': 'string', 'status': 'CREATING'|'ENABLED'|'DISABLED', 'firstName': 'string', 'lastName': 'string', 'emailAddress': 'string', 'type': 'SUPER_USER'|'APP_USER', 'apiAccess': 'ENABLED'|'DISABLED', 'apiAccessPrincipalArn': 'string', 'createTime': 123, 'lastEnabledTime': 123, 'lastDisabledTime': 123, 'lastModifiedTime': 123, 'lastLoginTime': 123 }, ], 'nextToken': 'string' }
Response Structure
(dict) --
users (list) --
A list of all the user accounts.
(dict) --
The details of the user account.
userId (string) --
The unique identifier for the user.
status (string) --
The current status of the user account.
CREATING – The user account creation is in progress.
ENABLED – The user account is created and is currently active.
DISABLED – The user account is currently inactive.
firstName (string) --
The first name of the user.
lastName (string) --
The last name of the user.
emailAddress (string) --
The email address of the user. The email address serves as a uniquer identifier for each user and cannot be changed after it's created.
type (string) --
Indicates the type of user.
SUPER_USER – A user with permission to all the functionality and data in FinSpace.
APP_USER – A user with specific permissions in FinSpace. The users are assigned permissions by adding them to a permissions group.
apiAccess (string) --
Indicates whether the user can use the GetProgrammaticAccessCredentials API to obtain credentials that can then be used to access other FinSpace Data API operations.
ENABLED – The user has permissions to use the APIs.
DISABLED – The user does not have permissions to use any APIs.
apiAccessPrincipalArn (string) --
The ARN identifier of an AWS user or role that is allowed to call the GetProgrammaticAccessCredentials API to obtain a credentials token for a specific FinSpace user. This must be an IAM role within your FinSpace account.
createTime (integer) --
The timestamp at which the user account was created in FinSpace. The value is determined as epoch time in milliseconds.
lastEnabledTime (integer) --
Describes the last time the user account was enabled. The value is determined as epoch time in milliseconds.
lastDisabledTime (integer) --
Describes the last time the user account was disabled. The value is determined as epoch time in milliseconds.
lastModifiedTime (integer) --
Describes the last time the user account was updated. The value is determined as epoch time in milliseconds.
lastLoginTime (integer) --
Describes the last time that the user logged into their account. The value is determined as epoch time in milliseconds.
nextToken (string) --
A token that indicates where a results page should begin.
Allows the specified user to access the FinSpace web application and API.
See also: AWS API Documentation
Request Syntax
client.enable_user( userId='string', clientToken='string' )
string
[REQUIRED]
The unique identifier for the user account that you want to enable.
string
A token that ensures idempotency. This token expires in 10 minutes.
This field is autopopulated if not provided.
dict
Response Syntax
{ 'userId': 'string' }
Response Structure
(dict) --
userId (string) --
The unique identifier for the enabled user account.
Deletes a permission group. This action is irreversible.
See also: AWS API Documentation
Request Syntax
client.delete_permission_group( permissionGroupId='string', clientToken='string' )
string
[REQUIRED]
The unique identifier for the permission group that you want to delete.
string
A token that ensures idempotency. This token expires in 10 minutes.
This field is autopopulated if not provided.
dict
Response Syntax
{ 'permissionGroupId': 'string' }
Response Structure
(dict) --
permissionGroupId (string) --
The unique identifier for the deleted permission group.
Lists all available permission groups in FinSpace.
See also: AWS API Documentation
Request Syntax
client.list_permission_groups( nextToken='string', maxResults=123 )
string
A token that indicates where a results page should begin.
integer
[REQUIRED]
The maximum number of results per page.
dict
Response Syntax
{ 'permissionGroups': [ { 'permissionGroupId': 'string', 'name': 'string', 'description': 'string', 'applicationPermissions': [ 'CreateDataset'|'ManageClusters'|'ManageUsersAndGroups'|'ManageAttributeSets'|'ViewAuditData'|'AccessNotebooks'|'GetTemporaryCredentials', ], 'createTime': 123, 'lastModifiedTime': 123 }, ], 'nextToken': 'string' }
Response Structure
(dict) --
permissionGroups (list) --
A list of all the permission groups.
(dict) --
The structure for a permission group.
permissionGroupId (string) --
The unique identifier for the permission group.
name (string) --
The name of the permission group.
description (string) --
A brief description for the permission group.
applicationPermissions (list) --
Indicates the permissions that are granted to a specific group for accessing the FinSpace application.
CreateDataset – Group members can create new datasets.
ManageClusters – Group members can manage Apache Spark clusters from FinSpace notebooks.
ManageUsersAndGroups – Group members can manage users and permission groups.
ManageAttributeSets – Group members can manage attribute sets.
ViewAuditData – Group members can view audit data.
AccessNotebooks – Group members will have access to FinSpace notebooks.
GetTemporaryCredentials – Group members can get temporary API credentials.
(string) --
createTime (integer) --
The timestamp at which the group was created in FinSpace. The value is determined as epoch time in milliseconds.
lastModifiedTime (integer) --
Describes the last time the permission group was updated. The value is determined as epoch time in milliseconds.
nextToken (string) --
A token that indicates where a results page should begin.
Modifies the details of the specified user account. You cannot update the userId for a user.
See also: AWS API Documentation
Request Syntax
client.update_user( userId='string', type='SUPER_USER'|'APP_USER', firstName='string', lastName='string', apiAccess='ENABLED'|'DISABLED', apiAccessPrincipalArn='string', clientToken='string' )
string
[REQUIRED]
The unique identifier for the user account to update.
string
The option to indicate the type of user.
SUPER_USER – A user with permission to all the functionality and data in FinSpace.
APP_USER – A user with specific permissions in FinSpace. The users are assigned permissions by adding them to a permissions group.
string
The first name of the user.
string
The last name of the user.
string
The option to indicate whether the user can use the GetProgrammaticAccessCredentials API to obtain credentials that can then be used to access other FinSpace Data API operations.
ENABLED – The user has permissions to use the APIs.
DISABLED – The user does not have permissions to use any APIs.
string
The ARN identifier of an AWS user or role that is allowed to call the GetProgrammaticAccessCredentials API to obtain a credentials token for a specific FinSpace user. This must be an IAM role within your FinSpace account.
string
A token that ensures idempotency. This token expires in 10 minutes.
This field is autopopulated if not provided.
dict
Response Syntax
{ 'userId': 'string' }
Response Structure
(dict) --
userId (string) --
The unique identifier of the updated user account.