Help Center/ DataArts Lake Formation/ API Reference/ API/ LakeCat/ Role Management/ Querying the Users or User groups Under a Role

Updated on 2024-02-21 GMT+08:00

View PDF

Querying the Users or User groups Under a Role

Function

This API is used to query the users or user groups under a role.

URI

GET /v1/{project_id}/instances/{instance_id}/roles/{role_name}/principals

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID. For how to obtain the project ID, see Obtaining a Project ID (lakeformation_04_0026.xml).
instance_id	Yes	String	LakeFormation instance ID. The value is automatically generated when the instance is created, for example, 2180518f-42b8-4947-b20b-adfc53981a25.
role_name	Yes	String	Role name. The value should contain 1 to 255 characters. Only letters, numbers, hyphens (-), and underscores (_) are allowed.

**Table 2** Query Parameters
Parameter	Mandatory	Type	Description
principal_pattern	No	String	Entity name for fuzzy match. The value can contain 1 to 49 characters. Only letters, digits, and special characters (_\|*.-) are allowed.
limit	No	Integer	Number of returned records. The default number is 100. The value ranges from 1 to 1000.
marker	No	String	ID of the record where the query starts. The value consists of 0 to 1,024 characters.
reverse_page	No	Boolean	Whether to query the previous page. The default value is false.

Request Parameters

**Table 3** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	Array of strings	Tenant token.

Response Parameters

Status code: 200

**Table 4** Response body parameters
Parameter	Type	Description
principals	Array of Principal objects	Entity list.
page_info	PagedInfo object	Pagination information.

**Table 5** Principal
Parameter	Type	Description
principal_type	String	Entity type. USER: user GROUP: group ROLE: role SHARE: share OTHER: others Enumeration values: USER GROUP ROLE SHARE OTHER
principal_source	String	Entity source. IAM: cloud user SAML: SAML-based federation LDAP: ID user LOCAL: local user AGENTTENANT: agency OTHER: others Enumeration values: IAM SAML LDAP LOCAL AGENTTENANT OTHER
principal_name	String	Entity name. The value can contain 1 to 49 characters. Only letters, digits, underscores (_), hyphens (-), and periods (.) are allowed.

**Table 6** PagedInfo
Parameter	Type	Description
current_count	Integer	Number of objects returned this time. The value ranges from 0 to 2000.
next_marker	String	Query address of the next page. If the next page does not exist, the value is null. (If the value is null, the response body does not contain this parameter.)
previous_marker	String	Query address of the previous page. If the previous page does not exist, the value is null. (If the value is null, the response body does not contain this parameter.)

Status code: 400

**Table 7** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
solution_msg	String	Solution.

Status code: 404

**Table 8** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
solution_msg	String	Solution.

Status code: 500

**Table 9** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
solution_msg	String	Solution.

Example Requests

GET https://{endpoint}/v1/{project_id}/instances/{instance_id}/roles/{role_name}/principals

Example Responses

Status code: 200

{
  "principals" : [ {
    "principal_type" : "USER",
    "principal_source" : "IAM",
    "principal_name" : "user1"
  } ],
  "page_info" : {
    "current_count" : 2000,
    "next_marker" : "006f492b-xxxx",
    "previous_marker" : "003e6eba-xxxx"
  }
}

Status code: 400

Bad Request

{
  "error_code" : "common.01000001",
  "error_msg" : "failed to read http request, please check your input, code: 400, reason: Type mismatch., cause: TypeMismatchException"
}

Status code: 401

Unauthorized

{
  "error_code": 'APIG.1002',
  "error_msg": 'Incorrect token or token resolution failed'
}

Status code: 403

Forbidden

{
  "error" : {
    "code" : "403",
    "message" : "X-Auth-Token is invalid in the request",
    "error_code" : null,
    "error_msg" : null,
    "title" : "Forbidden"
  },
  "error_code" : "403",
  "error_msg" : "X-Auth-Token is invalid in the request",
  "title" : "Forbidden"
}

Status code: 404

Not Found

{
  "error_code" : "common.01000001",
  "error_msg" : "response status exception, code: 404"
}

Status code: 408

Request Timeout

{
  "error_code" : "common.00000408",
  "error_msg" : "timeout exception occurred"
}

Status code: 500

Internal Server Error

{
  "error_code" : "common.00000500",
  "error_msg" : "internal error"
}

Status Codes

Status Code	Description
200	OK
400	Bad Request
401	Unauthorized
403	Forbidden
404	Not Found
408	Request Timeout
500	Internal Server Error

Error Codes

See Error Codes.

Parent topic: Role Management

Previous topic: Listing All Role Names

Next topic: Adding One or More Users or User Groups to a Role

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot