AWS::LakeFormation::DataCellsFilter - Amazon CloudFormation
SyntaxPropertiesReturn valuesRemarksExamplesSee also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::LakeFormation::DataCellsFilter

A structure that represents a data cell filter with column-level, row-level, and/or cell-level security. Data cell filters belong to a specific table in a Data Catalog. During a stack operation, Amazon CloudFormation calls the Amazon Lake Formation CreateDataCellsFilter API operation to create a DataCellsFilter resource, and calls the DeleteDataCellsFilter API operation to delete it.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::LakeFormation::DataCellsFilter",
  "Properties" : {
      "ColumnNames" : [ String, ... ],
      "ColumnWildcard" : ColumnWildcard,
      "DatabaseName" : String,
      "Name" : String,
      "RowFilter" : RowFilter,
      "TableCatalogId" : String,
      "TableName" : String
    }
}

YAML

Type: AWS::LakeFormation::DataCellsFilter
Properties: 
  ColumnNames: 
    - String
  ColumnWildcard: 
    ColumnWildcard
  DatabaseName: String
  Name: String
  RowFilter: 
    RowFilter
  TableCatalogId: String
  TableName: String

Properties

ColumnNames

An array of UTF-8 strings. A list of column names.

Required: No

Type: List of String

Update requires: Replacement

ColumnWildcard

A wildcard with exclusions. You must specify either a ColumnNames list or the ColumnWildCard.

Required: No

Type: ColumnWildcard

Update requires: Replacement

DatabaseName

UTF-8 string, not less than 1 or more than 255 bytes long, matching the single-line string pattern.

A database in the Data Catalog.

Required: Yes

Type: String

Update requires: Replacement

Name

UTF-8 string, not less than 1 or more than 255 bytes long, matching the single-line string pattern.

The name given by the user to the data filter cell.

Required: Yes

Type: String

Update requires: Replacement

RowFilter

A PartiQL predicate.

Required: No

Type: RowFilter

Update requires: Replacement

TableCatalogId

Catalog id string, not less than 1 or more than 255 bytes long, matching the single-line string pattern.

The ID of the catalog to which the table belongs.

Required: Yes

Type: String

Update requires: Replacement

TableName

UTF-8 string, not less than 1 or more than 255 bytes long, matching the single-line string pattern.

A table in the database.

Required: Yes

Type: String

Update requires: Replacement

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Reffunction, Refreturns the resource properties such as TableCatalogId, DatabaseName, TableName, and FilterName. For example: 123456789012|ExampleDbName|ExampleTableName|ExampleFilterName

Remarks

The level of filtering that you get depends on how you populate the data filter.

  • When you specify the "all columns" wildcard and provide a row filter expression, you are establishing row-level security (row filtering) only.

  • When you include or exclude specific columns and specify all rows using the all-rows wildcard, you are establishing column-level security (column filtering) only.

  • When you include or exclude specific columns and also provide a row filter expression, you are establishing cell-level security (cell filtering).

Specify the following to create a valid data cells filter:

  • ColumnWildcard or ColumnNames

  • RowFilter.AllRowsWildcard or RowFilter.FilterExpression

Examples

Creating a DataCellsFilter using row and column wildcards

The following example demonstrates how to create a DataCellsFilter resource using row and column wildcards:

JSON

{
  "SampleDataCellsFilter": {
    "Type": "AWS::LakeFormation::DataCellsFilter",
    "Properties": {
      "TableCatalogId": "12345678910",
      "DatabaseName": "sample_db",
      "TableName": "sample_tbl",
      "Name": "sample_data_cells_filter",
      "RowFilter": {
          "AllRowsWildcard": {}
       },
          "ColumnWildcard": {}
     }
   }
}

YAML

SampleDataCellsFilter:
    Type: AWS::LakeFormation::DataCellsFilter
    Properties:
        TableCatalogId: "12345678910"
        DatabaseName: "sample_db" 
        TableName: "sample_tbl" 
        Name: "sample_data_cells_filter" 
        RowFilter: 
            AllRowsWildcard: {}
        ColumnWildcard: {}

Creating a DataCellsFilter using a row wild card and specified columns

The following example demonstrates how to create a DataCellsFilter resource using a row wild card and specified columns:

JSON

{
    "SampleDataCellsFilter": {
        "Type": "AWS::LakeFormation::DataCellsFilter",
        "Properties": {
            "TableCatalogId": "12345678910",
            "DatabaseName": "sample_db",
            "TableName": "sample_tbl",
            "Name": "sample_data_cells_filter",
            "RowFilter": {
                "AllRowsWildcard": {}
            },
            "ColumnNames": ["sample_column_1", "sample_column_2"]
        }
    }
}

YAML

SampleDataCellsFilter:
    Type: AWS::LakeFormation::DataCellsFilter
    Properties:
        TableCatalogId: "12345678910"
        DatabaseName: "sample_db" 
        TableName: "sample_tbl" 
        Name: "sample_data_cells_filter" 
        RowFilter: 
            AllRowsWildcard: {}
        ColumnNames: ["sample_column_1", "sample_column_2"]

Creating a DataCellsFilter using a row filter expression and a column wildcard

The following example demonstrates how to create a DataCellsFilter using a row filter expression and a column wildcard:

JSON

{
    "SampleDataCellsFilter": {
        "Type": "AWS::LakeFormation::DataCellsFilter",
        "Properties": {
            "TableCatalogId": "12345678910",
            "DatabaseName": "sample_db",
            "TableName": "sample_tbl",
            "Name": "sample_data_cells_filter",
            "RowFilter": {
                "FilterExpression": "sample_column_1 > 0"
            },
            "ColumnWildcard": {}
        }
    }
}

YAML

SampleDataCellsFilter:
    Type: AWS::LakeFormation::DataCellsFilter
    Properties:
        TableCatalogId: "12345678910"
        DatabaseName: "sample_db" 
        TableName: "sample_tbl" 
        Name: "sample_data_cells_filter" 
        RowFilter: 
            FilterExpression: "sample_column_1 > 0"
        ColumnWildcard: {}

Creating a DataCellsFilter using a row filter and specified columns

The following example demonstrates how to create a DataCellsFilter resource using a row filter and specified columns:

JSON

{
    "SampleDataCellsFilter": {
        "Type": "AWS::LakeFormation::DataCellsFilter",
        "Properties": {
            "TableCatalogId": "12345678910",
            "DatabaseName": "sample_db",
            "TableName": "sample_tbl",
            "Name": "sample_data_cells_filter",
            "RowFilter": {
                "FilterExpression": "sample_column_1 > 0"
            },
            "ColumnNames": ["sample_column_1", "sample_column_2"]
        }
    }
}

YAML

SampleDataCellsFilter:
    Type: AWS::LakeFormation::DataCellsFilter
    Properties:
        TableCatalogId: "12345678910"
        DatabaseName: "sample_db" 
        TableName: "sample_tbl" 
        Name: "sample_data_cells_filter" 
        RowFilter: 
            FilterExpression: "sample_column_1 > 0"
        ColumnNames: ["sample_column_1", "sample_column_2"]

See also

Data filtering and cell-level security in Amazon Lake Formation.