feat(client-datazone): This release adds a new authorization policy to control the usage of custom AssetType when creating an Asset. Customer can now add new grant(s) of policyType USE_ASSET_TYPE for custom AssetTypes to apply authorization policy to projects members and domain unit owners.

Author: awstools

clients/client-datazone/src/commands/AddPolicyGrantCommand.ts

@@ -38,9 +38,9 @@ export interface AddPolicyGrantCommandOutput extends AddPolicyGrantOutput, __Met
  * const client = new DataZoneClient(config);
  * const input = { // AddPolicyGrantInput
  *   domainIdentifier: "STRING_VALUE", // required
- *   entityType: "DOMAIN_UNIT" || "ENVIRONMENT_BLUEPRINT_CONFIGURATION" || "ENVIRONMENT_PROFILE", // required
+ *   entityType: "DOMAIN_UNIT" || "ENVIRONMENT_BLUEPRINT_CONFIGURATION" || "ENVIRONMENT_PROFILE" || "ASSET_TYPE", // required
  *   entityIdentifier: "STRING_VALUE", // required
- *   policyType: "CREATE_DOMAIN_UNIT" || "OVERRIDE_DOMAIN_UNIT_OWNERS" || "ADD_TO_PROJECT_MEMBER_POOL" || "OVERRIDE_PROJECT_OWNERS" || "CREATE_GLOSSARY" || "CREATE_FORM_TYPE" || "CREATE_ASSET_TYPE" || "CREATE_PROJECT" || "CREATE_ENVIRONMENT_PROFILE" || "DELEGATE_CREATE_ENVIRONMENT_PROFILE" || "CREATE_ENVIRONMENT" || "CREATE_ENVIRONMENT_FROM_BLUEPRINT" || "CREATE_PROJECT_FROM_PROJECT_PROFILE", // required
+ *   policyType: "CREATE_DOMAIN_UNIT" || "OVERRIDE_DOMAIN_UNIT_OWNERS" || "ADD_TO_PROJECT_MEMBER_POOL" || "OVERRIDE_PROJECT_OWNERS" || "CREATE_GLOSSARY" || "CREATE_FORM_TYPE" || "CREATE_ASSET_TYPE" || "CREATE_PROJECT" || "CREATE_ENVIRONMENT_PROFILE" || "DELEGATE_CREATE_ENVIRONMENT_PROFILE" || "CREATE_ENVIRONMENT" || "CREATE_ENVIRONMENT_FROM_BLUEPRINT" || "CREATE_PROJECT_FROM_PROJECT_PROFILE" || "USE_ASSET_TYPE", // required
  *   principal: { // PolicyGrantPrincipal Union: only one key present
  *     user: { // UserPolicyGrantPrincipal Union: only one key present
  *       userIdentifier: "STRING_VALUE",
@@ -104,6 +104,9 @@ export interface AddPolicyGrantCommandOutput extends AddPolicyGrantOutput, __Met
  *         "STRING_VALUE",
  *       ],
  *     },
+ *     useAssetType: { // UseAssetTypePolicyGrantDetail
+ *       domainUnitId: "STRING_VALUE",
+ *     },
  *   },
  *   clientToken: "STRING_VALUE",
  * };

clients/client-datazone/src/commands/ListPolicyGrantsCommand.ts

@@ -37,9 +37,9 @@ export interface ListPolicyGrantsCommandOutput extends ListPolicyGrantsOutput, _
  * const client = new DataZoneClient(config);
  * const input = { // ListPolicyGrantsInput
  *   domainIdentifier: "STRING_VALUE", // required
- *   entityType: "DOMAIN_UNIT" || "ENVIRONMENT_BLUEPRINT_CONFIGURATION" || "ENVIRONMENT_PROFILE", // required
+ *   entityType: "DOMAIN_UNIT" || "ENVIRONMENT_BLUEPRINT_CONFIGURATION" || "ENVIRONMENT_PROFILE" || "ASSET_TYPE", // required
  *   entityIdentifier: "STRING_VALUE", // required
- *   policyType: "CREATE_DOMAIN_UNIT" || "OVERRIDE_DOMAIN_UNIT_OWNERS" || "ADD_TO_PROJECT_MEMBER_POOL" || "OVERRIDE_PROJECT_OWNERS" || "CREATE_GLOSSARY" || "CREATE_FORM_TYPE" || "CREATE_ASSET_TYPE" || "CREATE_PROJECT" || "CREATE_ENVIRONMENT_PROFILE" || "DELEGATE_CREATE_ENVIRONMENT_PROFILE" || "CREATE_ENVIRONMENT" || "CREATE_ENVIRONMENT_FROM_BLUEPRINT" || "CREATE_PROJECT_FROM_PROJECT_PROFILE", // required
+ *   policyType: "CREATE_DOMAIN_UNIT" || "OVERRIDE_DOMAIN_UNIT_OWNERS" || "ADD_TO_PROJECT_MEMBER_POOL" || "OVERRIDE_PROJECT_OWNERS" || "CREATE_GLOSSARY" || "CREATE_FORM_TYPE" || "CREATE_ASSET_TYPE" || "CREATE_PROJECT" || "CREATE_ENVIRONMENT_PROFILE" || "DELEGATE_CREATE_ENVIRONMENT_PROFILE" || "CREATE_ENVIRONMENT" || "CREATE_ENVIRONMENT_FROM_BLUEPRINT" || "CREATE_PROJECT_FROM_PROJECT_PROFILE" || "USE_ASSET_TYPE", // required
  *   maxResults: Number("int"),
  *   nextToken: "STRING_VALUE",
  * };
@@ -111,6 +111,9 @@ export interface ListPolicyGrantsCommandOutput extends ListPolicyGrantsOutput, _
  * //             "STRING_VALUE",
  * //           ],
  * //         },
+ * //         useAssetType: { // UseAssetTypePolicyGrantDetail
+ * //           domainUnitId: "STRING_VALUE",
+ * //         },
  * //       },
  * //       createdAt: new Date("TIMESTAMP"),
  * //       createdBy: "STRING_VALUE",

clients/client-datazone/src/commands/RemovePolicyGrantCommand.ts

@@ -37,9 +37,9 @@ export interface RemovePolicyGrantCommandOutput extends RemovePolicyGrantOutput,
  * const client = new DataZoneClient(config);
  * const input = { // RemovePolicyGrantInput
  *   domainIdentifier: "STRING_VALUE", // required
- *   entityType: "DOMAIN_UNIT" || "ENVIRONMENT_BLUEPRINT_CONFIGURATION" || "ENVIRONMENT_PROFILE", // required
+ *   entityType: "DOMAIN_UNIT" || "ENVIRONMENT_BLUEPRINT_CONFIGURATION" || "ENVIRONMENT_PROFILE" || "ASSET_TYPE", // required
  *   entityIdentifier: "STRING_VALUE", // required
- *   policyType: "CREATE_DOMAIN_UNIT" || "OVERRIDE_DOMAIN_UNIT_OWNERS" || "ADD_TO_PROJECT_MEMBER_POOL" || "OVERRIDE_PROJECT_OWNERS" || "CREATE_GLOSSARY" || "CREATE_FORM_TYPE" || "CREATE_ASSET_TYPE" || "CREATE_PROJECT" || "CREATE_ENVIRONMENT_PROFILE" || "DELEGATE_CREATE_ENVIRONMENT_PROFILE" || "CREATE_ENVIRONMENT" || "CREATE_ENVIRONMENT_FROM_BLUEPRINT" || "CREATE_PROJECT_FROM_PROJECT_PROFILE", // required
+ *   policyType: "CREATE_DOMAIN_UNIT" || "OVERRIDE_DOMAIN_UNIT_OWNERS" || "ADD_TO_PROJECT_MEMBER_POOL" || "OVERRIDE_PROJECT_OWNERS" || "CREATE_GLOSSARY" || "CREATE_FORM_TYPE" || "CREATE_ASSET_TYPE" || "CREATE_PROJECT" || "CREATE_ENVIRONMENT_PROFILE" || "DELEGATE_CREATE_ENVIRONMENT_PROFILE" || "CREATE_ENVIRONMENT" || "CREATE_ENVIRONMENT_FROM_BLUEPRINT" || "CREATE_PROJECT_FROM_PROJECT_PROFILE" || "USE_ASSET_TYPE", // required
  *   principal: { // PolicyGrantPrincipal Union: only one key present
  *     user: { // UserPolicyGrantPrincipal Union: only one key present
  *       userIdentifier: "STRING_VALUE",

clients/client-datazone/src/models/models_0.ts

@@ -1111,6 +1111,18 @@ export interface OverrideProjectOwnersPolicyGrantDetail {
   includeChildDomainUnits?: boolean | undefined;
 }
 
+/**
+ * <p>Specifies the domain unit(s) whose projects can use this asset type while creating asset or asset revisions.</p>
+ * @public
+ */
+export interface UseAssetTypePolicyGrantDetail {
+  /**
+   * <p>The ID of the domain unit.</p>
+   * @public
+   */
+  domainUnitId?: string | undefined;
+}
+
 /**
  * <p>The details of the policy grant.</p>
  * @public
@@ -1129,6 +1141,7 @@ export type PolicyGrantDetail =
   | PolicyGrantDetail.DelegateCreateEnvironmentProfileMember
   | PolicyGrantDetail.OverrideDomainUnitOwnersMember
   | PolicyGrantDetail.OverrideProjectOwnersMember
+  | PolicyGrantDetail.UseAssetTypeMember
   | PolicyGrantDetail.$UnknownMember;
 
 /**
@@ -1153,6 +1166,7 @@ export namespace PolicyGrantDetail {
     createEnvironment?: never;
     createEnvironmentFromBlueprint?: never;
     createProjectFromProjectProfile?: never;
+    useAssetType?: never;
     $unknown?: never;
   }
 
@@ -1174,6 +1188,7 @@ export namespace PolicyGrantDetail {
     createEnvironment?: never;
     createEnvironmentFromBlueprint?: never;
     createProjectFromProjectProfile?: never;
+    useAssetType?: never;
     $unknown?: never;
   }
 
@@ -1195,6 +1210,7 @@ export namespace PolicyGrantDetail {
     createEnvironment?: never;
     createEnvironmentFromBlueprint?: never;
     createProjectFromProjectProfile?: never;
+    useAssetType?: never;
     $unknown?: never;
   }
 
@@ -1216,6 +1232,7 @@ export namespace PolicyGrantDetail {
     createEnvironment?: never;
     createEnvironmentFromBlueprint?: never;
     createProjectFromProjectProfile?: never;
+    useAssetType?: never;
     $unknown?: never;
   }
 
@@ -1237,6 +1254,7 @@ export namespace PolicyGrantDetail {
     createEnvironment?: never;
     createEnvironmentFromBlueprint?: never;
     createProjectFromProjectProfile?: never;
+    useAssetType?: never;
     $unknown?: never;
   }
 
@@ -1258,6 +1276,7 @@ export namespace PolicyGrantDetail {
     createEnvironment?: never;
     createEnvironmentFromBlueprint?: never;
     createProjectFromProjectProfile?: never;
+    useAssetType?: never;
     $unknown?: never;
   }
 
@@ -1279,6 +1298,7 @@ export namespace PolicyGrantDetail {
     createEnvironment?: never;
     createEnvironmentFromBlueprint?: never;
     createProjectFromProjectProfile?: never;
+    useAssetType?: never;
     $unknown?: never;
   }
 
@@ -1300,6 +1320,7 @@ export namespace PolicyGrantDetail {
     createEnvironment?: never;
     createEnvironmentFromBlueprint?: never;
     createProjectFromProjectProfile?: never;
+    useAssetType?: never;
     $unknown?: never;
   }
 
@@ -1321,6 +1342,7 @@ export namespace PolicyGrantDetail {
     createEnvironment?: never;
     createEnvironmentFromBlueprint?: never;
     createProjectFromProjectProfile?: never;
+    useAssetType?: never;
     $unknown?: never;
   }
 
@@ -1342,6 +1364,7 @@ export namespace PolicyGrantDetail {
     createEnvironment?: never;
     createEnvironmentFromBlueprint?: never;
     createProjectFromProjectProfile?: never;
+    useAssetType?: never;
     $unknown?: never;
   }
 
@@ -1363,6 +1386,7 @@ export namespace PolicyGrantDetail {
     createEnvironment: Unit;
     createEnvironmentFromBlueprint?: never;
     createProjectFromProjectProfile?: never;
+    useAssetType?: never;
     $unknown?: never;
   }
 
@@ -1384,6 +1408,7 @@ export namespace PolicyGrantDetail {
     createEnvironment?: never;
     createEnvironmentFromBlueprint: Unit;
     createProjectFromProjectProfile?: never;
+    useAssetType?: never;
     $unknown?: never;
   }
 
@@ -1405,6 +1430,29 @@ export namespace PolicyGrantDetail {
     createEnvironment?: never;
     createEnvironmentFromBlueprint?: never;
     createProjectFromProjectProfile: CreateProjectFromProjectProfilePolicyGrantDetail;
+    useAssetType?: never;
+    $unknown?: never;
+  }
+
+  /**
+   * <p> Specifies the domain unit(s) whose projects can use this asset type while creating asset or asset revisions.</p>
+   * @public
+   */
+  export interface UseAssetTypeMember {
+    createDomainUnit?: never;
+    overrideDomainUnitOwners?: never;
+    addToProjectMemberPool?: never;
+    overrideProjectOwners?: never;
+    createGlossary?: never;
+    createFormType?: never;
+    createAssetType?: never;
+    createProject?: never;
+    createEnvironmentProfile?: never;
+    delegateCreateEnvironmentProfile?: never;
+    createEnvironment?: never;
+    createEnvironmentFromBlueprint?: never;
+    createProjectFromProjectProfile?: never;
+    useAssetType: UseAssetTypePolicyGrantDetail;
     $unknown?: never;
   }
 
@@ -1425,6 +1473,7 @@ export namespace PolicyGrantDetail {
     createEnvironment?: never;
     createEnvironmentFromBlueprint?: never;
     createProjectFromProjectProfile?: never;
+    useAssetType?: never;
     $unknown: [string, any];
   }
 
@@ -1442,6 +1491,7 @@ export namespace PolicyGrantDetail {
     createEnvironment: (value: Unit) => T;
     createEnvironmentFromBlueprint: (value: Unit) => T;
     createProjectFromProjectProfile: (value: CreateProjectFromProjectProfilePolicyGrantDetail) => T;
+    useAssetType: (value: UseAssetTypePolicyGrantDetail) => T;
     _: (name: string, value: any) => T;
   }
 
@@ -1464,6 +1514,7 @@ export namespace PolicyGrantDetail {
       return visitor.createEnvironmentFromBlueprint(value.createEnvironmentFromBlueprint);
     if (value.createProjectFromProjectProfile !== undefined)
       return visitor.createProjectFromProjectProfile(value.createProjectFromProjectProfile);
+    if (value.useAssetType !== undefined) return visitor.useAssetType(value.useAssetType);
     return visitor._(value.$unknown[0], value.$unknown[1]);
   };
 }
@@ -1473,6 +1524,7 @@ export namespace PolicyGrantDetail {
  * @enum
  */
 export const TargetEntityType = {
+  ASSET_TYPE: "ASSET_TYPE",
   DOMAIN_UNIT: "DOMAIN_UNIT",
   ENVIRONMENT_BLUEPRINT_CONFIGURATION: "ENVIRONMENT_BLUEPRINT_CONFIGURATION",
   ENVIRONMENT_PROFILE: "ENVIRONMENT_PROFILE",
@@ -1501,6 +1553,7 @@ export const ManagedPolicyType = {
   DELEGATE_CREATE_ENVIRONMENT_PROFILE: "DELEGATE_CREATE_ENVIRONMENT_PROFILE",
   OVERRIDE_DOMAIN_UNIT_OWNERS: "OVERRIDE_DOMAIN_UNIT_OWNERS",
   OVERRIDE_PROJECT_OWNERS: "OVERRIDE_PROJECT_OWNERS",
+  USE_ASSET_TYPE: "USE_ASSET_TYPE",
 } as const;
 
 /**
@@ -10550,18 +10603,6 @@ export interface SubscribedListingInput {
   identifier: string | undefined;
 }
 
-/**
- * <p>The project that is to be given a subscription grant.</p>
- * @public
- */
-export interface SubscribedProjectInput {
-  /**
-   * <p>The identifier of the project that is to be given a subscription grant.</p>
-   * @public
-   */
-  identifier?: string | undefined;
-}
-
 /**
  * @internal
  */

clients/client-datazone/src/models/models_1.ts

@@ -77,7 +77,6 @@ import {
   SubscribedListingInput,
   SubscribedPrincipal,
   SubscribedPrincipalFilterSensitiveLog,
-  SubscribedProjectInput,
   SubscriptionGrantOverallStatus,
   SubscriptionRequestStatus,
   SubscriptionStatus,
@@ -87,6 +86,18 @@ import {
   UserDesignation,
 } from "./models_0";
 
+/**
+ * <p>The project that is to be given a subscription grant.</p>
+ * @public
+ */
+export interface SubscribedProjectInput {
+  /**
+   * <p>The identifier of the project that is to be given a subscription grant.</p>
+   * @public
+   */
+  identifier?: string | undefined;
+}
+
 /**
  * <p>The principal that is to be given a subscriptiong grant.</p>
  * @public
@@ -11206,24 +11217,6 @@ export const SearchOutputAdditionalAttribute = {
 export type SearchOutputAdditionalAttribute =
   (typeof SearchOutputAdditionalAttribute)[keyof typeof SearchOutputAdditionalAttribute];
 
-/**
- * <p>A search filter in Amazon DataZone.</p>
- * @public
- */
-export interface Filter {
-  /**
-   * <p>A search filter attribute in Amazon DataZone.</p>
-   * @public
-   */
-  attribute: string | undefined;
-
-  /**
-   * <p>A search filter value in Amazon DataZone.</p>
-   * @public
-   */
-  value: string | undefined;
-}
-
 /**
  * @internal
  */

clients/client-datazone/src/models/models_2.ts

@@ -64,7 +64,6 @@ import {
   DataProductListingItemFilterSensitiveLog,
   DataProductResultItem,
   DataProductResultItemFilterSensitiveLog,
-  Filter,
   Import,
   ImportFilterSensitiveLog,
   SearchOutputAdditionalAttribute,
@@ -76,6 +75,24 @@ import {
   UserProfileType,
 } from "./models_1";
 
+/**
+ * <p>A search filter in Amazon DataZone.</p>
+ * @public
+ */
+export interface Filter {
+  /**
+   * <p>A search filter attribute in Amazon DataZone.</p>
+   * @public
+   */
+  attribute: string | undefined;
+
+  /**
+   * <p>A search filter value in Amazon DataZone.</p>
+   * @public
+   */
+  value: string | undefined;
+}
+
 /**
  * <p>The details of the search.</p>
  * @public
@@ -2134,7 +2151,8 @@ export interface UpdateSubscriptionTargetOutput {
 
   /**
    * <p>The authorized principals to be updated as part of the
-   *             <code>UpdateSubscriptionTarget</code> action.</p>
+   *             <code>UpdateSubscriptionTarget</code> action. Updates are supported in batches of 5 at a
+   *          time.</p>
    * @public
    */
   authorizedPrincipals: string[] | undefined;