user_profiles
Creates, updates, deletes or gets an user_profile resource or lists user_profiles in a region
Overview
| Name | user_profiles |
| Type | Resource |
| Description | A user profile represents Amazon DataZone users. Amazon DataZone supports both IAM roles and SSO identities to interact with the Amazon DataZone Management Console and the data portal for different purposes. Domain administrators use IAM roles to perform the initial administrative domain-related work in the Amazon DataZone Management Console, including creating new Amazon DataZone domains, configuring metadata form types, and implementing policies. Data workers use their SSO corporate identities via Identity Center to log into the Amazon DataZone Data Portal and access projects where they have memberships. |
| Id | aws.datazone.user_profiles |
Fields
| Name | Datatype | Description |
|---|---|---|
details | undefined | |
domain_id | string | The identifier of the Amazon DataZone domain in which the user profile is created. |
domain_identifier | string | The identifier of the Amazon DataZone domain in which the user profile would be created. |
id | string | The ID of the Amazon DataZone user profile. |
status | string | The status of the user profile. |
type | string | The type of the user profile. |
user_identifier | string | The ID of the user. |
user_type | string | The type of the user. |
region | string | AWS region. |
Methods
| Name | Accessible by | Required Params |
|---|---|---|
create_resource | INSERT | DomainIdentifier, UserIdentifier, region |
delete_resource | DELETE | data__Identifier, region |
update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
list_resources | SELECT | region |
get_resource | SELECT | data__Identifier, region |
SELECT examples
Gets all user_profiles in a region.
SELECT
region,
details,
domain_id,
domain_identifier,
id,
status,
type,
user_identifier,
user_type
FROM aws.datazone.user_profiles
WHERE region = 'us-east-1';
Gets all properties from an individual user_profile.
SELECT
region,
details,
domain_id,
domain_identifier,
id,
status,
type,
user_identifier,
user_type
FROM aws.datazone.user_profiles
WHERE region = 'us-east-1' AND data__Identifier = '<DomainId>|<Id>';
INSERT example
Use the following StackQL query and manifest file to create a new user_profile resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO aws.datazone.user_profiles (
DomainIdentifier,
UserIdentifier,
region
)
SELECT
'{{ DomainIdentifier }}',
'{{ UserIdentifier }}',
'{{ region }}';
/*+ create */
INSERT INTO aws.datazone.user_profiles (
DomainIdentifier,
Status,
UserIdentifier,
UserType,
region
)
SELECT
'{{ DomainIdentifier }}',
'{{ Status }}',
'{{ UserIdentifier }}',
'{{ UserType }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: user_profile
props:
- name: DomainIdentifier
value: '{{ DomainIdentifier }}'
- name: Status
value: '{{ Status }}'
- name: UserIdentifier
value: '{{ UserIdentifier }}'
- name: UserType
value: '{{ UserType }}'
DELETE example
/*+ delete */
DELETE FROM aws.datazone.user_profiles
WHERE data__Identifier = '<DomainId|Id>'
AND region = 'us-east-1';
Permissions
To operate on the user_profiles resource, the following permissions are required:
Create
datazone:CreateUserProfile,
datazone:GetUserProfile,
datazone:UpdateUserProfile,
datazone:GetDomain,
sso:ListProfiles,
sso:GetProfile,
sso:AssociateProfile,
sso:DisassociateProfile,
iam:GetRole,
iam:GetUser
Read
datazone:GetUserProfile
Update
datazone:UpdateUserProfile,
datazone:GetUserProfile,
datazone:UpdateUserProfile,
sso:ListProfiles,
sso:GetProfile,
sso:AssociateProfile,
sso:DisassociateProfile,
iam:GetRole,
iam:GetUser
Delete
datazone:DeleteUserProfile,
datazone:GetUserProfile,
datazone:UpdateUserProfile,
sso:ListProfiles,
sso:GetProfile,
sso:AssociateProfile,
sso:DisassociateProfile,
iam:GetRole,
iam:GetUser
List
datazone:SearchUserProfiles