studio_session_mappings

Creates, updates, deletes or gets a studio_session_mapping resource or lists studio_session_mappings in a region

Overview

Name	`studio_session_mappings`
Type	Resource
Description	An example resource schema demonstrating some basic constructs and validation rules.
Id	`awscc.emr.studio_session_mappings`

Fields

get (all properties)
list (identifiers only)

Name	Datatype	Description
`identity_name`	`string`	The name of the user or group. For more information, see UserName and DisplayName in the AWS SSO Identity Store API Reference. Either IdentityName or IdentityId must be specified.
`identity_type`	`string`	Specifies whether the identity to map to the Studio is a user or a group.
`session_policy_arn`	`string`	The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. Session policies refine Studio user permissions without the need to use multiple IAM user roles.
`studio_id`	`string`	The ID of the Amazon EMR Studio to which the user or group will be mapped.
`region`	`string`	AWS region.

Name	Datatype	Description
`identity_name`	`string`	The name of the user or group. For more information, see UserName and DisplayName in the AWS SSO Identity Store API Reference. Either IdentityName or IdentityId must be specified.
`identity_type`	`string`	Specifies whether the identity to map to the Studio is a user or a group.
`studio_id`	`string`	The ID of the Amazon EMR Studio to which the user or group will be mapped.
`region`	`string`	AWS region.

For more information, see AWS::EMR::StudioSessionMapping.

Methods

Name	Resource	Accessible by	Required Params
`create_resource`	`studio_session_mappings`	`INSERT`	`StudioId, IdentityName, IdentityType, SessionPolicyArn, region`
`delete_resource`	`studio_session_mappings`	`DELETE`	`Identifier, region`
`update_resource`	`studio_session_mappings`	`UPDATE`	`Identifier, PatchDocument, region`
`list_resources`	`studio_session_mappings_list_only`	`SELECT`	`region`
`get_resource`	`studio_session_mappings`	`SELECT`	`Identifier, region`

`SELECT` examples

get (all properties)
list (identifiers only)

Gets all properties from an individual studio_session_mapping.

SELECT
  region,
  identity_name,
  identity_type,
  session_policy_arn,
  studio_id
FROM awscc.emr.studio_session_mappings
WHERE
  region = '{{ region }}' AND
  Identifier = '{{ studio_id }}|{{ identity_type }}|{{ identity_name }}';

Lists all studio_session_mappings in a region.

SELECT
  region,
  studio_id,
  identity_type,
  identity_name
FROM awscc.emr.studio_session_mappings_list_only
WHERE
  region = '{{ region }}';

`INSERT` example

Use the following StackQL query and manifest file to create a new studio_session_mapping resource, using stack-deploy.

Required Properties
All Properties
Manifest

/*+ create */
INSERT INTO awscc.emr.studio_session_mappings (
  IdentityName,
  IdentityType,
  SessionPolicyArn,
  StudioId,
  region
)
SELECT
  '{{ identity_name }}',
  '{{ identity_type }}',
  '{{ session_policy_arn }}',
  '{{ studio_id }}',
  '{{ region }}'
RETURNING
  ErrorCode,
  EventTime,
  Identifier,
  Operation,
  OperationStatus,
  RequestToken,
  ResourceModel,
  RetryAfter,
  StatusMessage,
  TypeName
;

/*+ create */
INSERT INTO awscc.emr.studio_session_mappings (
  IdentityName,
  IdentityType,
  SessionPolicyArn,
  StudioId,
  region
)
SELECT
  '{{ identity_name }}',
  '{{ identity_type }}',
  '{{ session_policy_arn }}',
  '{{ studio_id }}',
  '{{ region }}'
RETURNING
  ErrorCode,
  EventTime,
  Identifier,
  Operation,
  OperationStatus,
  RequestToken,
  ResourceModel,
  RetryAfter,
  StatusMessage,
  TypeName
;

version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
  value: '{{ vars.AWS_REGION }}'
resources:
- name: studio_session_mapping
  props:
    - name: identity_name
      value: '{{ identity_name }}'
    - name: identity_type
      value: '{{ identity_type }}'
    - name: session_policy_arn
      value: '{{ session_policy_arn }}'
    - name: studio_id
      value: '{{ studio_id }}'

`UPDATE` example

Use the following StackQL query and manifest file to update a studio_session_mapping resource, using stack-deploy.

/*+ update */
UPDATE awscc.emr.studio_session_mappings
SET PatchDocument = string('{{ {
    "SessionPolicyArn": session_policy_arn
} | generate_patch_document }}')
WHERE
  region = '{{ region }}' AND
  Identifier = '{{ studio_id }}|{{ identity_type }}|{{ identity_name }}'
RETURNING
  ErrorCode,
  EventTime,
  Identifier,
  Operation,
  OperationStatus,
  RequestToken,
  ResourceModel,
  RetryAfter,
  StatusMessage,
  TypeName
;

`DELETE` example

/*+ delete */
DELETE FROM awscc.emr.studio_session_mappings
WHERE
  Identifier = '{{ studio_id }}|{{ identity_type }}|{{ identity_name }}' AND
  region = '{{ region }}'
RETURNING
  ErrorCode,
  EventTime,
  Identifier,
  Operation,
  OperationStatus,
  RequestToken,
  ResourceModel,
  RetryAfter,
  StatusMessage,
  TypeName
;

Additional Parameters

Mutable resources in the Cloud Control provider support additional optional parameters which can be supplied with INSERT, UPDATE, or DELETE operations. These include:

Parameter	Description
`ClientToken`	A unique identifier to ensure the idempotency of the resource request. This allows the provider to accurately distinguish between retries and new requests. A client token is valid for 36 hours once used. After that, a resource request with the same client token is treated as a new request. If you do not specify a client token, one is generated for inclusion in the request.
`RoleArn`	The ARN of the IAM role used to perform this resource operation. The role specified must have the permissions required for this operation. If you do not specify a role, a temporary session is created using your AWS user credentials.
`TypeVersionId`	For private resource types, the type version to use in this resource operation. If you do not specify a resource version, the default version is used.

Permissions

To operate on the studio_session_mappings resource, the following permissions are required:

Create
Read
Update
Delete
List

elasticmapreduce:CreateStudioSessionMapping,
sso-directory:SearchUsers,
sso-directory:SearchGroups,
sso-directory:DescribeUser,
sso-directory:DescribeGroup,
sso:GetManagedApplicationInstance,
sso:ListDirectoryAssociations,
sso:GetProfile,
sso:ListProfiles,
sso:AssociateProfile,
sso:CreateApplication,
sso:PutApplicationAuthenticationMethod,
sso:PutApplicationGrant,
sso:PutApplicationAccessScope,
sso:PutApplicationAssignmentConfiguration,
sso:DescribeApplication,
sso:DeleteApplication,
sso:DeleteApplicationAuthenticationMethod,
sso:DeleteApplicationAccessScope,
sso:DeleteApplicationGrant,
sso:ListInstances,
sso-directory:CreateUser,
sso-directory:CreateGroup,
sso:CreateApplicationAssignment,
sso:DescribeInstance,
sso:DeleteApplicationAssignment,
sso:ListApplicationAssignments

elasticmapreduce:GetStudioSessionMapping,
sso-directory:SearchUsers,
sso-directory:SearchGroups,
sso-directory:DescribeUser,
sso-directory:DescribeGroup,
sso:GetManagedApplicationInstance,
sso:DescribeInstance

elasticmapreduce:GetStudioSessionMapping,
elasticmapreduce:UpdateStudioSessionMapping,
sso-directory:SearchUsers,
sso-directory:SearchGroups,
sso-directory:DescribeUser,
sso-directory:DescribeGroup,
sso:GetManagedApplicationInstance,
sso:DescribeInstance

elasticmapreduce:GetStudioSessionMapping,
elasticmapreduce:DeleteStudioSessionMapping,
sso-directory:SearchUsers,
sso-directory:SearchGroups,
sso-directory:DescribeUser,
sso-directory:DescribeGroup,
sso:GetManagedApplicationInstance,
sso:DescribeInstance,
sso:ListDirectoryAssociations,
sso:GetProfile,
sso:ListProfiles,
sso:DisassociateProfile

elasticmapreduce:ListStudioSessionMappings

Overview​

Fields​

Methods​

SELECT examples​

INSERT example​

UPDATE example​

DELETE example​

Additional Parameters​

Permissions​