Querying Authorization
This section describes how to query an authorized permission.
Procedure
- Log in to the LakeFormation console.
- In the upper left corner, click
and choose Analytics > LakeFormation to access the LakeFormation console. - Select the target LakeFormation instance from the drop-down list box on the left and choose Data Permissions > Data Authorization.
You can select the target permission information using OBS Authorization Path, Authorization Entity, Entity Type, and Entity Source in the upper right corner as filters.
- View the data authorization information in the displayed list.
The following table lists the information items:
Table 1 Authorization information Item
Description
Policy Type
The values include:
- DEFAULT: default permission policy.
- ROW_FILTER: row filtering permission policy, including row filtering criteria.
Authorization Entity
Name of the authorized entity.
Entity Type
Type of the authorized entity. GROUP indicates the user group, ROLE indicates role, and USER indicates user.
Entity Source
Source of the authorization entity. IAM indicates that the entity is from IAM (user or user group), LOCAL indicates that the entity is from LakeFormation, and AGENTTENANT indicates that the entity is from IAM agency.
Authorization Object
Name or path of the authorized resource.
If the authorization type is set to Resources, the format is Catalog.[Database].[Table].
Resource Type
The values include:
- CATALOG: catalog
- DATABASE: database
- TABLE: table
- COLUMN: column
- FUNC: function
- URI: path
Permission
Name of the authorized permission. For details about the permission description, see Table 2.
Authorized Permission
Authorized permission.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
