:doc:`Redshift <../../redshift>` / Client / modify_redshift_idc_application

*******************************
modify_redshift_idc_application
*******************************



.. py:method:: Redshift.Client.modify_redshift_idc_application(**kwargs)

  

  Changes an existing Amazon Redshift IAM Identity Center application.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/ModifyRedshiftIdcApplication>`_  


  **Request Syntax**
  ::

    response = client.modify_redshift_idc_application(
        RedshiftIdcApplicationArn='string',
        IdentityNamespace='string',
        IamRoleArn='string',
        IdcDisplayName='string',
        AuthorizedTokenIssuerList=[
            {
                'TrustedTokenIssuerArn': 'string',
                'AuthorizedAudiencesList': [
                    'string',
                ]
            },
        ],
        ServiceIntegrations=[
            {
                'LakeFormation': [
                    {
                        'LakeFormationQuery': {
                            'Authorization': 'Enabled'|'Disabled'
                        }
                    },
                ],
                'S3AccessGrants': [
                    {
                        'ReadWriteAccess': {
                            'Authorization': 'Enabled'|'Disabled'
                        }
                    },
                ],
                'Redshift': [
                    {
                        'Connect': {
                            'Authorization': 'Enabled'|'Disabled'
                        }
                    },
                ]
            },
        ]
    )
    
  :type RedshiftIdcApplicationArn: string
  :param RedshiftIdcApplicationArn: **[REQUIRED]** 

    The ARN for the Redshift application that integrates with IAM Identity Center.

    

  
  :type IdentityNamespace: string
  :param IdentityNamespace: 

    The namespace for the Amazon Redshift IAM Identity Center application to change. It determines which managed application verifies the connection token.

    

  
  :type IamRoleArn: string
  :param IamRoleArn: 

    The IAM role ARN associated with the Amazon Redshift IAM Identity Center application to change. It has the required permissions to be assumed and invoke the IDC Identity Center API.

    

  
  :type IdcDisplayName: string
  :param IdcDisplayName: 

    The display name for the Amazon Redshift IAM Identity Center application to change. It appears on the console.

    

  
  :type AuthorizedTokenIssuerList: list
  :param AuthorizedTokenIssuerList: 

    The authorized token issuer list for the Amazon Redshift IAM Identity Center application to change.

    

  
    - *(dict) --* 

      The authorized token issuer for the Amazon Redshift IAM Identity Center application.

      

    
      - **TrustedTokenIssuerArn** *(string) --* 

        The ARN for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.

        

      
      - **AuthorizedAudiencesList** *(list) --* 

        The list of audiences for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.

        

      
        - *(string) --* 

        
    
    

  :type ServiceIntegrations: list
  :param ServiceIntegrations: 

    A collection of service integrations associated with the application.

    

  
    - *(dict) --* 

      A list of service integrations.

      .. note::    This is a Tagged Union structure. Only one of the     following top level keys can be set: ``LakeFormation``, ``S3AccessGrants``, ``Redshift``. 

    
      - **LakeFormation** *(list) --* 

        A list of scopes set up for Lake Formation integration.

        

      
        - *(dict) --* 

          A list of scopes set up for Lake Formation integration.

          .. note::    This is a Tagged Union structure. Only one of the     following top level keys can be set: ``LakeFormationQuery``. 

        
          - **LakeFormationQuery** *(dict) --* 

            The Lake Formation scope.

            

          
            - **Authorization** *(string) --* **[REQUIRED]** 

              Determines whether the query scope is enabled or disabled.

              

            
          
        
    
      - **S3AccessGrants** *(list) --* 

        A list of scopes set up for S3 Access Grants integration.

        

      
        - *(dict) --* 

          A list of scopes set up for S3 Access Grants integration.

          .. note::    This is a Tagged Union structure. Only one of the     following top level keys can be set: ``ReadWriteAccess``. 

        
          - **ReadWriteAccess** *(dict) --* 

            The S3 Access Grants scope.

            

          
            - **Authorization** *(string) --* **[REQUIRED]** 

              Determines whether the read/write scope is enabled or disabled.

              

            
          
        
    
      - **Redshift** *(list) --* 

        A list of scopes set up for Amazon Redshift integration.

        

      
        - *(dict) --* 

          A union structure that defines the scope of Amazon Redshift service integrations. Contains configuration for different integration types such as Amazon Redshift.

          .. note::    This is a Tagged Union structure. Only one of the     following top level keys can be set: ``Connect``. 

        
          - **Connect** *(dict) --* 

            The Amazon Redshift connect integration scope configuration. Defines authorization settings for Amazon Redshift connect service integration.

            

          
            - **Authorization** *(string) --* **[REQUIRED]** 

              Determines whether the Amazon Redshift connect integration is enabled or disabled for the application.

              

            
          
        
    
    

  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'RedshiftIdcApplication': {
              'IdcInstanceArn': 'string',
              'RedshiftIdcApplicationName': 'string',
              'RedshiftIdcApplicationArn': 'string',
              'IdentityNamespace': 'string',
              'IdcDisplayName': 'string',
              'IamRoleArn': 'string',
              'IdcManagedApplicationArn': 'string',
              'IdcOnboardStatus': 'string',
              'AuthorizedTokenIssuerList': [
                  {
                      'TrustedTokenIssuerArn': 'string',
                      'AuthorizedAudiencesList': [
                          'string',
                      ]
                  },
              ],
              'ServiceIntegrations': [
                  {
                      'LakeFormation': [
                          {
                              'LakeFormationQuery': {
                                  'Authorization': 'Enabled'|'Disabled'
                              }
                          },
                      ],
                      'S3AccessGrants': [
                          {
                              'ReadWriteAccess': {
                                  'Authorization': 'Enabled'|'Disabled'
                              }
                          },
                      ],
                      'Redshift': [
                          {
                              'Connect': {
                                  'Authorization': 'Enabled'|'Disabled'
                              }
                          },
                      ]
                  },
              ],
              'ApplicationType': 'None'|'Lakehouse',
              'Tags': [
                  {
                      'Key': 'string',
                      'Value': 'string'
                  },
              ],
              'SsoTagKeys': [
                  'string',
              ]
          }
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **RedshiftIdcApplication** *(dict) --* 

        Contains properties for the Redshift IDC application.

        
        

        - **IdcInstanceArn** *(string) --* 

          The ARN for the IAM Identity Center instance that Redshift integrates with.

          
        

        - **RedshiftIdcApplicationName** *(string) --* 

          The name of the Redshift application in IAM Identity Center.

          
        

        - **RedshiftIdcApplicationArn** *(string) --* 

          The ARN for the Redshift application that integrates with IAM Identity Center.

          
        

        - **IdentityNamespace** *(string) --* 

          The identity namespace for the Amazon Redshift IAM Identity Center application. It determines which managed application verifies the connection token.

          
        

        - **IdcDisplayName** *(string) --* 

          The display name for the Amazon Redshift IAM Identity Center application. It appears on the console.

          
        

        - **IamRoleArn** *(string) --* 

          The ARN for the Amazon Redshift IAM Identity Center application. It has the required permissions to be assumed and invoke the IDC Identity Center API.

          
        

        - **IdcManagedApplicationArn** *(string) --* 

          The ARN for the Amazon Redshift IAM Identity Center application.

          
        

        - **IdcOnboardStatus** *(string) --* 

          The onboarding status for the Amazon Redshift IAM Identity Center application.

          
        

        - **AuthorizedTokenIssuerList** *(list) --* 

          The authorized token issuer list for the Amazon Redshift IAM Identity Center application.

          
          

          - *(dict) --* 

            The authorized token issuer for the Amazon Redshift IAM Identity Center application.

            
            

            - **TrustedTokenIssuerArn** *(string) --* 

              The ARN for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.

              
            

            - **AuthorizedAudiencesList** *(list) --* 

              The list of audiences for the authorized token issuer for integrating Amazon Redshift with IDC Identity Center.

              
              

              - *(string) --* 
          
        
      
        

        - **ServiceIntegrations** *(list) --* 

          A list of service integrations for the Redshift IAM Identity Center application.

          
          

          - *(dict) --* 

            A list of service integrations.

            .. note::    This is a Tagged Union structure. Only one of the     following top level keys will be set: ``LakeFormation``, ``S3AccessGrants``, ``Redshift``.     If a client receives an unknown member it will     set ``SDK_UNKNOWN_MEMBER`` as the top level key,     which maps to the name or tag of the unknown     member. The structure of ``SDK_UNKNOWN_MEMBER`` is     as follows::

                        'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}


          
            

            - **LakeFormation** *(list) --* 

              A list of scopes set up for Lake Formation integration.

              
              

              - *(dict) --* 

                A list of scopes set up for Lake Formation integration.

                .. note::    This is a Tagged Union structure. Only one of the     following top level keys will be set: ``LakeFormationQuery``.     If a client receives an unknown member it will     set ``SDK_UNKNOWN_MEMBER`` as the top level key,     which maps to the name or tag of the unknown     member. The structure of ``SDK_UNKNOWN_MEMBER`` is     as follows::

                                'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}


              
                

                - **LakeFormationQuery** *(dict) --* 

                  The Lake Formation scope.

                  
                  

                  - **Authorization** *(string) --* 

                    Determines whether the query scope is enabled or disabled.

                    
              
            
          
            

            - **S3AccessGrants** *(list) --* 

              A list of scopes set up for S3 Access Grants integration.

              
              

              - *(dict) --* 

                A list of scopes set up for S3 Access Grants integration.

                .. note::    This is a Tagged Union structure. Only one of the     following top level keys will be set: ``ReadWriteAccess``.     If a client receives an unknown member it will     set ``SDK_UNKNOWN_MEMBER`` as the top level key,     which maps to the name or tag of the unknown     member. The structure of ``SDK_UNKNOWN_MEMBER`` is     as follows::

                                'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}


              
                

                - **ReadWriteAccess** *(dict) --* 

                  The S3 Access Grants scope.

                  
                  

                  - **Authorization** *(string) --* 

                    Determines whether the read/write scope is enabled or disabled.

                    
              
            
          
            

            - **Redshift** *(list) --* 

              A list of scopes set up for Amazon Redshift integration.

              
              

              - *(dict) --* 

                A union structure that defines the scope of Amazon Redshift service integrations. Contains configuration for different integration types such as Amazon Redshift.

                .. note::    This is a Tagged Union structure. Only one of the     following top level keys will be set: ``Connect``.     If a client receives an unknown member it will     set ``SDK_UNKNOWN_MEMBER`` as the top level key,     which maps to the name or tag of the unknown     member. The structure of ``SDK_UNKNOWN_MEMBER`` is     as follows::

                                'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}


              
                

                - **Connect** *(dict) --* 

                  The Amazon Redshift connect integration scope configuration. Defines authorization settings for Amazon Redshift connect service integration.

                  
                  

                  - **Authorization** *(string) --* 

                    Determines whether the Amazon Redshift connect integration is enabled or disabled for the application.

                    
              
            
          
        
      
        

        - **ApplicationType** *(string) --* 

          The type of application being created. Valid values are ``None`` or ``Lakehouse``. Use ``Lakehouse`` to enable Amazon Redshift federated permissions on cluster.

          
        

        - **Tags** *(list) --* 

          A list of tags.

          
          

          - *(dict) --* 

            A tag consisting of a name/value pair for a resource.

            
            

            - **Key** *(string) --* 

              The key, or name, for the resource tag.

              
            

            - **Value** *(string) --* 

              The value for the resource tag.

              
        
      
        

        - **SsoTagKeys** *(list) --* 

          A list of tags keys that Redshift Identity Center applications copy to IAM Identity Center. For each input key, the tag corresponding to the key-value pair is propagated.

          
          

          - *(string) --* 
      
    
  
  **Exceptions**
  
  *   :py:class:`Redshift.Client.exceptions.RedshiftIdcApplicationNotExistsFault`

  
  *   :py:class:`Redshift.Client.exceptions.DependentServiceUnavailableFault`

  
  *   :py:class:`Redshift.Client.exceptions.UnsupportedOperationFault`

  
  *   :py:class:`Redshift.Client.exceptions.DependentServiceAccessDeniedFault`

  