user_profiles
Creates, updates, deletes or gets an user_profile resource or lists user_profiles in a region
Overview
| Name | user_profiles |
| Type | Resource |
| Description | A user profile represents Amazon DataZone users. Amazon DataZone supports both IAM roles and SSO identities to interact with the Amazon DataZone Management Console and the data portal for different purposes. Domain administrators use IAM roles to perform the initial administrative domain-related work in the Amazon DataZone Management Console, including creating new Amazon DataZone domains, configuring metadata form types, and implementing policies. Data workers use their SSO corporate identities via Identity Center to log into the Amazon DataZone Data Portal and access projects where they have memberships. |
| Id | awscc.datazone.user_profiles |
Fields
- get (all properties)
- list (identifiers only)
| Name | Datatype | Description |
|---|---|---|
details | object | |
domain_id | string | The identifier of the Amazon DataZone domain in which the user profile is created. |
domain_identifier | string | The identifier of the Amazon DataZone domain in which the user profile would be created. |
id | string | The ID of the Amazon DataZone user profile. |
status | string | The status of the user profile. |
type | string | The type of the user profile. |
user_identifier | string | The ID of the user. |
user_type | string | The type of the user. |
region | string | AWS region. |
| Name | Datatype | Description |
|---|---|---|
domain_id | string | The identifier of the Amazon DataZone domain in which the user profile is created. |
id | string | The ID of the Amazon DataZone user profile. |
region | string | AWS region. |
For more information, see AWS::DataZone::UserProfile.
Methods
| Name | Resource | Accessible by | Required Params |
|---|---|---|---|
create_resource | user_profiles | INSERT | DomainIdentifier, UserIdentifier, region |
delete_resource | user_profiles | DELETE | Identifier, region |
update_resource | user_profiles | UPDATE | Identifier, PatchDocument, region |
list_resources | user_profiles_list_only | SELECT | region |
get_resource | user_profiles | SELECT | Identifier, region |
SELECT examples
- get (all properties)
- list (identifiers only)
Gets all properties from an individual user_profile.
SELECT
region,
details,
domain_id,
domain_identifier,
id,
status,
type,
user_identifier,
user_type
FROM awscc.datazone.user_profiles
WHERE
region = 'us-east-1' AND
Identifier = '{{ domain_id }}|{{ id }}';
Lists all user_profiles in a region.
SELECT
region,
domain_id,
id
FROM awscc.datazone.user_profiles_list_only
WHERE
region = 'us-east-1';
INSERT example
Use the following StackQL query and manifest file to create a new user_profile resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.datazone.user_profiles (
DomainIdentifier,
UserIdentifier,
region
)
SELECT
'{{ domain_identifier }}',
'{{ user_identifier }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.datazone.user_profiles (
DomainIdentifier,
Status,
UserIdentifier,
UserType,
region
)
SELECT
'{{ domain_identifier }}',
'{{ status }}',
'{{ user_identifier }}',
'{{ user_type }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: user_profile
props:
- name: domain_identifier
value: '{{ domain_identifier }}'
- name: status
value: '{{ status }}'
- name: user_identifier
value: '{{ user_identifier }}'
- name: user_type
value: '{{ user_type }}'
UPDATE example
Use the following StackQL query and manifest file to update a user_profile resource, using stack-deploy.
/*+ update */
UPDATE awscc.datazone.user_profiles
SET PatchDocument = string('{{ {
"Status": status
} | generate_patch_document }}')
WHERE
region = '{{ region }}' AND
Identifier = '{{ domain_id }}|{{ id }}';
DELETE example
/*+ delete */
DELETE FROM awscc.datazone.user_profiles
WHERE
Identifier = '{{ domain_id }}|{{ id }}' AND
region = 'us-east-1';
Permissions
To operate on the user_profiles resource, the following permissions are required:
- Create
- Read
- Update
- Delete
- List
datazone:CreateUserProfile,
datazone:GetUserProfile,
datazone:UpdateUserProfile,
datazone:GetDomain,
sso:ListProfiles,
sso:GetProfile,
sso:AssociateProfile,
sso:DisassociateProfile,
iam:GetRole,
iam:GetUser
datazone:GetUserProfile
datazone:UpdateUserProfile,
datazone:GetUserProfile,
datazone:UpdateUserProfile,
sso:ListProfiles,
sso:GetProfile,
sso:AssociateProfile,
sso:DisassociateProfile,
iam:GetRole,
iam:GetUser
datazone:DeleteUserProfile,
datazone:GetUserProfile,
datazone:UpdateUserProfile,
sso:ListProfiles,
sso:GetProfile,
sso:AssociateProfile,
sso:DisassociateProfile,
iam:GetRole,
iam:GetUser
datazone:SearchUserProfiles