domains
Creates, updates, deletes or gets a domain resource or lists domains in a region
Overview
| Name | domains |
| Type | Resource |
| Description | A domain is an organizing entity for connecting together assets, users, and their projects |
| Id | aws.datazone.domains |
Fields
| Name | Datatype | Description |
|---|---|---|
arn | string | The ARN of the Amazon DataZone domain. |
created_at | string | The timestamp of when the Amazon DataZone domain was last updated. |
description | string | The description of the Amazon DataZone domain. |
domain_execution_role | string | The domain execution role that is created when an Amazon DataZone domain is created. The domain execution role is created in the AWS account that houses the Amazon DataZone domain. |
id | string | The id of the Amazon DataZone domain. |
kms_key_identifier | string | The identifier of the AWS Key Management Service (KMS) key that is used to encrypt the Amazon DataZone domain, metadata, and reporting data. |
last_updated_at | string | The timestamp of when the Amazon DataZone domain was last updated. |
managed_account_id | string | The identifier of the AWS account that manages the domain. |
name | string | The name of the Amazon DataZone domain. |
portal_url | string | The URL of the data portal for this Amazon DataZone domain. |
single_sign_on | object | The single-sign on configuration of the Amazon DataZone domain. |
status | string | The status of the Amazon DataZone domain. |
tags | array | The tags specified for the Amazon DataZone domain. |
region | string | AWS region. |
Methods
| Name | Accessible by | Required Params |
|---|---|---|
create_resource | INSERT | DomainExecutionRole, Name, region |
delete_resource | DELETE | data__Identifier, region |
update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
list_resources | SELECT | region |
get_resource | SELECT | data__Identifier, region |
SELECT examples
Gets all domains in a region.
SELECT
region,
arn,
created_at,
description,
domain_execution_role,
id,
kms_key_identifier,
last_updated_at,
managed_account_id,
name,
portal_url,
single_sign_on,
status,
tags
FROM aws.datazone.domains
WHERE region = 'us-east-1';
Gets all properties from an individual domain.
SELECT
region,
arn,
created_at,
description,
domain_execution_role,
id,
kms_key_identifier,
last_updated_at,
managed_account_id,
name,
portal_url,
single_sign_on,
status,
tags
FROM aws.datazone.domains
WHERE region = 'us-east-1' AND data__Identifier = '<Id>';
INSERT example
Use the following StackQL query and manifest file to create a new domain resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO aws.datazone.domains (
DomainExecutionRole,
Name,
region
)
SELECT
'{{ DomainExecutionRole }}',
'{{ Name }}',
'{{ region }}';
/*+ create */
INSERT INTO aws.datazone.domains (
Description,
DomainExecutionRole,
KmsKeyIdentifier,
Name,
SingleSignOn,
Tags,
region
)
SELECT
'{{ Description }}',
'{{ DomainExecutionRole }}',
'{{ KmsKeyIdentifier }}',
'{{ Name }}',
'{{ SingleSignOn }}',
'{{ Tags }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: domain
props:
- name: Description
value: '{{ Description }}'
- name: DomainExecutionRole
value: '{{ DomainExecutionRole }}'
- name: KmsKeyIdentifier
value: '{{ KmsKeyIdentifier }}'
- name: Name
value: '{{ Name }}'
- name: SingleSignOn
value:
Type: '{{ Type }}'
UserAssignment: '{{ UserAssignment }}'
- name: Tags
value:
- Key: '{{ Key }}'
Value: '{{ Value }}'
DELETE example
/*+ delete */
DELETE FROM aws.datazone.domains
WHERE data__Identifier = '<Id>'
AND region = 'us-east-1';
Permissions
To operate on the domains resource, the following permissions are required:
Create
datazone:CreateDomain,
datazone:UpdateDomain,
datazone:GetDomain,
datazone:TagResource,
sso:CreateManagedApplicationInstance,
sso:DeleteManagedApplicationInstance,
sso:PutApplicationAssignmentConfiguration
Read
datazone:GetDomain
Update
datazone:UpdateDomain,
datazone:GetDomain,
datazone:TagResource,
datazone:UntagResource,
sso:CreateManagedApplicationInstance,
sso:DeleteManagedApplicationInstance,
sso:PutApplicationAssignmentConfiguration
Delete
datazone:DeleteDomain,
datazone:GetDomain
List
datazone:ListDomains