Help Center/ DataArts Lake Formation/ API Reference/ API/ LakeCat/ Role Management/ Querying the Users or User groups Under a Role
Updated on 2024-02-21 GMT+08:00

Querying the Users or User groups Under a Role

Function

This API is used to query the users or user groups under a role.

URI

GET /v1/{project_id}/instances/{instance_id}/roles/{role_name}/principals

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID. For how to obtain the project ID, see Obtaining a Project ID (lakeformation_04_0026.xml).

instance_id

Yes

String

LakeFormation instance ID. The value is automatically generated when the instance is created, for example, 2180518f-42b8-4947-b20b-adfc53981a25.

role_name

Yes

String

Role name. The value should contain 1 to 255 characters. Only letters, numbers, hyphens (-), and underscores (_) are allowed.

Table 2 Query Parameters

Parameter

Mandatory

Type

Description

principal_pattern

No

String

Entity name for fuzzy match. The value can contain 1 to 49 characters. Only letters, digits, and special characters (_|*.-) are allowed.

limit

No

Integer

Number of returned records. The default number is 100. The value ranges from 1 to 1000.

marker

No

String

ID of the record where the query starts. The value consists of 0 to 1,024 characters.

reverse_page

No

Boolean

Whether to query the previous page. The default value is false.

Request Parameters

Table 3 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

Array of strings

Tenant token.

Response Parameters

Status code: 200

Table 4 Response body parameters

Parameter

Type

Description

principals

Array of Principal objects

Entity list.

page_info

PagedInfo object

Pagination information.

Table 5 Principal

Parameter

Type

Description

principal_type

String

Entity type. USER: user GROUP: group ROLE: role SHARE: share OTHER: others

Enumeration values:

  • USER

  • GROUP

  • ROLE

  • SHARE

  • OTHER

principal_source

String

Entity source. IAM: cloud user SAML: SAML-based federation LDAP: ID user LOCAL: local user AGENTTENANT: agency OTHER: others

Enumeration values:

  • IAM

  • SAML

  • LDAP

  • LOCAL

  • AGENTTENANT

  • OTHER

principal_name

String

Entity name. The value can contain 1 to 49 characters. Only letters, digits, underscores (_), hyphens (-), and periods (.) are allowed.

Table 6 PagedInfo

Parameter

Type

Description

current_count

Integer

Number of objects returned this time. The value ranges from 0 to 2000.

next_marker

String

Query address of the next page. If the next page does not exist, the value is null. (If the value is null, the response body does not contain this parameter.)

previous_marker

String

Query address of the previous page. If the previous page does not exist, the value is null. (If the value is null, the response body does not contain this parameter.)

Status code: 400

Table 7 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

solution_msg

String

Solution.

Status code: 404

Table 8 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

solution_msg

String

Solution.

Status code: 500

Table 9 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

solution_msg

String

Solution.

Example Requests

GET https://{endpoint}/v1/{project_id}/instances/{instance_id}/roles/{role_name}/principals

Example Responses

Status code: 200

OK

{
  "principals" : [ {
    "principal_type" : "USER",
    "principal_source" : "IAM",
    "principal_name" : "user1"
  } ],
  "page_info" : {
    "current_count" : 2000,
    "next_marker" : "006f492b-xxxx",
    "previous_marker" : "003e6eba-xxxx"
  }
}

Status code: 400

Bad Request

{
  "error_code" : "common.01000001",
  "error_msg" : "failed to read http request, please check your input, code: 400, reason: Type mismatch., cause: TypeMismatchException"
}

Status code: 401

Unauthorized

{
  "error_code": 'APIG.1002',
  "error_msg": 'Incorrect token or token resolution failed'
}

Status code: 403

Forbidden

{
  "error" : {
    "code" : "403",
    "message" : "X-Auth-Token is invalid in the request",
    "error_code" : null,
    "error_msg" : null,
    "title" : "Forbidden"
  },
  "error_code" : "403",
  "error_msg" : "X-Auth-Token is invalid in the request",
  "title" : "Forbidden"
}

Status code: 404

Not Found

{
  "error_code" : "common.01000001",
  "error_msg" : "response status exception, code: 404"
}

Status code: 408

Request Timeout

{
  "error_code" : "common.00000408",
  "error_msg" : "timeout exception occurred"
}

Status code: 500

Internal Server Error

{
  "error_code" : "common.00000500",
  "error_msg" : "internal error"
}

Status Codes

Status Code

Description

200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

408

Request Timeout

500

Internal Server Error

Error Codes

See Error Codes.