in src/lakeformation_permissions/consumption/lambda_function.py [0:0]
def buildjson(event):
""" builds the json event consumed by Lakeformation API
Arguments:
event {dict} -- event that is pushed to account specific queue
Returns:
principal_json {dict} -- (sample event below)
Principal={
'DataLakePrincipalIdentifier': 'string'
}
table_json {dict} -- (sample event below)
'Table': {
'CatalogId': 'string',
'DatabaseName': 'string',
'Name': 'string',
'TableWildcard': {}
}
tableWithColumns_json {dict} -- (sample event below)
'TableWithColumns': {
'CatalogId': 'string',
'DatabaseName': 'string',
'Name': 'string',
'ColumnNames': [
'string',
],
'ColumnWildcard': {
'ExcludedColumnNames': [
'string',
]
}
}
perm_json {dict} -- (sample event below)
Permissions=[
'ALL'|'SELECT'|'ALTER'|'DROP'|'DELETE'|'INSERT'|'DESCRIBE'|
'CREATE_DATABASE'|'CREATE_TABLE'|'DATA_LOCATION_ACCESS'|'CREATE_TAG'|
'ALTER_TAG'|'DELETE_TAG'|'DESCRIBE_TAG'|'ASSOCIATE_TAG',
]
perm_grant_json {dict} --
PermissionsWithGrantOption=[
'ALL'|'SELECT'|'ALTER'|'DROP'|'DELETE'|'INSERT'|'DESCRIBE'|
'CREATE_DATABASE'|'CREATE_TABLE'|'DATA_LOCATION_ACCESS'|'CREATE_TAG'|
'ALTER_TAG'|'DELETE_TAG'|'DESCRIBE_TAG'|'ASSOCIATE_TAG',
]
"""
principal_json = {}
table_json = {}
tableWithColumns_json = {}
perm_json = {}
if 'Principal' in event:
principal_json['DataLakePrincipalIdentifier'] = event['Principal']
else:
raise LFAttributeError
if 'Table' in event:
if 'DatabaseName' not in event['Table']:
raise LFAttributeError
table_json['DatabaseName'] = event['Table']['DatabaseName']
# Need to create a env variable Foundations Account ID
table_json['CatalogId'] = f_acc_id
response = grant_db_describe(principal_json,
table_json['DatabaseName'])
if 'foundation_' in table_json['DatabaseName']:
table_json['DatabaseName']=table_json['DatabaseName'].split('foundation_')[1]
if 'Name' in event['Table']:
table_json['Name'] = event['Table']['Name']
elif 'TableWildcard' in event['Table']:
table_json['TableWildcard'] = event['Table']['TableWildcard']
else:
raise LFAttributeError
elif 'TableWithColumns' in event:
if 'DatabaseName' not in event['TableWithColumns']:
raise LFAttributeError
tableWithColumns_json['DatabaseName'] = event['TableWithColumns']['DatabaseName']
tableWithColumns_json['CatalogId'] = f_acc_id
response = grant_db_describe(principal_json,
tableWithColumns_json['DatabaseName'])
if 'foundation_' in tableWithColumns_json['DatabaseName']:
tableWithColumns_json['DatabaseName']=tableWithColumns_json['DatabaseName'].split('foundation_')[1]
if 'Name' not in event['TableWithColumns']:
raise LFAttributeError
tableWithColumns_json['Name'] = event['TableWithColumns']['Name']
if 'ColumnNames' in event['TableWithColumns']:
tableWithColumns_json['ColumnNames'] = event['TableWithColumns']['ColumnNames']
elif 'ColumnWildcard' in event['TableWithColumns']:
tableWithColumns_json['ColumnWildcard'] = event['TableWithColumns']['ColumnWildcard']
else:
raise LFAttributeError
else:
raise LFAttributeError
if 'Permissions' in event:
perm_lit = ["SELECT"]
if list(set(perm_lit) - set(event['Permissions'])):
logger.info('Found permissions other than SELECT and DESCRIBE ignoring them')
perm_json['Permissions'] = perm_lit
else:
perm_json['Permissions'] = event['Permissions']
else:
LFAttributeError
return principal_json, table_json, tableWithColumns_json, perm_json