swagger: '2.0' info: title: Data Lake API description: >- Service for storing Objects, download objects, add extended metadata tags, subscribe for notifications, import tenant specific MindSphere Time Series data, and enable data access using cross account access and STS in Integrated MindSphere Data Lake. - Objects reside in user specified path like below example. Extension in object name is optional. Root path can be denoted as "/" /basefolder/subfolder/objectname.objectext - The following generic error codes might occur at any of the specified operations. Generic errors are prefixed with 'mdsp.core.generic.'. - missingParameter - invalidParameter - missingRequestBodyProperty - invalidRequestBodyProperty - unauthorized - forbidden - noMatch - unsupportedMediaType - tooManyRequests - internalServerError version: "3.4.1" x-visibility: external schemes: - https basePath: /api/datalake/v3 tags: - name: Objects Metadata Catalog Operations description: Data Lake objects metadata catalog operations. - name: Object Access Operations description: Data Lake object access operations. - name: Object Operations description: Data Lake object operations. - name: Object Event Subscription Operations description: >- Tenants can choose to be notified for object events (add, update or delete) for their space in Data Lake. - name: Time Series Bulk Import description: Time Series Bulk Import Operations. - name: Object Operations with Access Token description: >- Tenants can request for access token to make direct object operations in object storage securityDefinitions: datalakeservice: type: oauth2 flow: accessCode authorizationUrl: 'https://oauth.simple.api/authorization' tokenUrl: 'https://oauth.simple.api/token' scopes: dl.ds.r: read object dl.ds.w: write object dl.ds.d: delete object dl.de.r: read event subscription dl.de.w: create event subscription dl.de.d: delete event subscription dl.da.r: read object for data access dl.da.w: write object for data access dl.da.d: delete object for data access dl.dat.r: read object for data access token dl.dat.w: write scope to enable write data access token dl.dat.d: delete scope to enable delete data access token dl.tsi.w: create time series import dl.tsi.r: read time series imports dl.tsi.d: delete time series import paths: /generateUploadObjectUrls: post: summary: Generate signed URLs to upload an object. tags: - Object Access Operations description: Generate signed URLs to upload one or more objects. operationId: generateUploadObjectUrls security: - datalakeservice: - dl.ds.w parameters: - name: generateUrlPayload in: body description: upload payload with path details array and optional subtenat id schema: $ref: '#/definitions/GenerateUrlPayload' produces: - application/json responses: '201': description: Signed URL response for upload schema: $ref: '#/definitions/SignedUrlResponse' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
pathTooLong Value of request body property complete path, which is, the default path {defaultpath} and input path must be no longer than 1024 characters.
pathHasInvalidCharacters Characters used for values of request body property paths[].path must be in the character set '[a-zA-Z0-9.!*'() _-/=]'.Spaces are not allowed at beginning or at end. Also, consecutive spaces are not allowed.
pathInvalid Provided property paths[].path is invalid.
noSuchSubtenant Provided subtenant does not belong to tenant.
tooManyPaths A maximum of 30 paths can be provided per request.
agentPathMismatch Agent ID from agent authorization token and path requested for upload do not match.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' default: description: Other error with any status code and response body format. /generateDownloadObjectUrls: post: summary: Generate signed URLs to download for single object. tags: - Object Access Operations description: Generate signed URLs to download for single object. operationId: generateDownloadObjectUrls security: - datalakeservice: - dl.ds.r parameters: - name: generateUrlPayload in: body description: download payload with path details array and optional subtenat id schema: $ref: '#/definitions/GenerateUrlPayload' produces: - application/json responses: '201': description: Signed URL response for download schema: $ref: '#/definitions/SignedUrlResponse' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
pathTooLong Value of request body property complete path, which is, the default path {defaultpath} and input path must be no longer than 1024 characters.
pathHasInvalidCharacters Characters used for values of request body property paths[].path must be in the character set '[a-zA-Z0-9.!*'() _-/=]'.Spaces are not allowed at beginning or at end. Also, consecutive spaces are not allowed.
pathInvalid Provided property paths[].path is invalid.
noSuchSubtenant Provided subtenant does not belong to tenant.
tooManyPaths A maximum of 1 paths can be provided per request.
objectNotAccessible Object with storage class COLD is not accessible.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' '404': description: | Not Found. Possible errors:
Code Suffix Message (parametrized)
objectNotFoundError Object not found.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. '/objects': get: summary: Query objects. tags: - Object Operations description: >- Retrieve information on existing objects. In case a folder is specified as input path, all child objects within the folder are returned. Objects in sub-folders of the given folder are not returned. In case a file is specified as input path, only the file is returned. Only the objects of one tenant or subtenant are returned. In case a tenant wants to retrieve information on a subtenant's objects, the subtenantId query parameter must be used. operationId: queryObjects security: - datalakeservice: - dl.ds.r produces: - application/json parameters: - name: path in: query required: false default: "/" type: string description: | Path to folder or file object. In case of folder, all child objects are returned. In case of file, only the corresponding object is returned. - name: subtenantId in: query description: Only to be used by tenants, to address a subtenant's object. If not provided by a tenant, its own object is addressed. Subtenants are not allowed to use this parameter and can only address their own object. type: string - $ref: '#/parameters/PageToken' responses: '200': description: List of folders and objects. schema: $ref: '#/definitions/ObjectListResponse' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
parameterPathTooLong Parameter complete path, which is, the default path {defaultpath} and input path must be no longer than 1024 characters.
parameterPathInvalid Provided parameter path is invalid.
noSuchSubtenant Provided subtenant does not belong to tenant.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' '404': description: | Not Found. Possible errors:
Code Suffix Message (parametrized)
pathNotFound Requested path not found.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. '/objects/{path}': delete: summary: delete an object. tags: - Object Operations description: Delete the object for the specified path. operationId: deleteObject security: - datalakeservice: - dl.ds.d produces: - application/json parameters: - $ref: '#/parameters/path' - name: subtenantId in: query description: Only to be used by tenants, to address a subtenant's object. If not provided by a tenant, its own object is addressed. Subtenants are not allowed to use this parameter and can only address their own object. type: string responses: '204': description: deleted '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
parameterPathTooLong Parameter complete path, which is, the default path {defaultpath} and input path must be no longer than 1024 characters.
parameterPathInvalid Provided parameter path is invalid.
noSuchSubtenant Provided subtenant does not belong to tenant.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' '404': description: | Not Found. Possible errors:
Code Suffix Message (parametrized)
objectNotFoundError Object not found.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. '/deleteObjectsJobs': post: summary: Delete multiple objects in bulk. tags: - Object Operations description: Create asynchronous job to delete multiple objects for the specified paths. If any of the given paths doesn't exist then job will return status as COMPLETED_WITH_ERRORS.

Jobs which are completed with or without errors would be deleted periodically.

Data once deleted cannot be recovered. operationId: createDeleteObjectsJob security: - datalakeservice: - dl.ds.d produces: - application/json parameters: - name: DeleteObjectsJob in: body description: Delete Objects Job required: true schema: $ref: '#/definitions/DeleteObjectsJobRequest' responses: '202': description: Accepted schema: $ref: '#/definitions/DeleteObjectsJobResponse' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
pathTooLong Path '{path}' must be no longer than 1024 characters.
pathInvalid Provided path '{path}' is invalid.
pathDuplicate Provided path '{path}' is duplicate.
noSuchSubtenant Provided subtenant does not belong to tenant.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' default: description: Other error with any status code and response body format. get: summary: Fetch details of all the Delete Objects Jobs. tags: - Object Operations description: >- Retrieve list of all the Delete Objects Jobs. operationId: getAllDeleteObjectsJob security: - datalakeservice: - dl.ds.r produces: - application/json parameters: - $ref: '#/parameters/page' - $ref: '#/parameters/deleteSize' - name: filter in: query type: string description: | JSON-based filter expression. Supported values: 'subtenantId' and 'status'. Supported operations: 'eq'. Decoded example for exact match: { "subtenantId": "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4", "status": "IN_PROGRESS" } responses: '200': description: List of Delete Objects Jobs. schema: $ref: '#/definitions/DeleteObjectsJobList' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
noSuchSubtenant Provided subtenant does not belong to tenant.
invalidPageSize Page size cannot exceed {maxPageSize}.
invalidStatus Provided job status is not valid.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' default: description: Other error with any status code and response body format. /deleteObjectsJobs/{id}: get: summary: Fetch status and details of Delete Objects Job. tags: - Object Operations description: >- Retrieve information of given Delete Objects Job.
Only the objects of one tenant or subtenant are returned. In case a tenant wants to retrieve information on a subtenant's objects, the subtenantId query parameter must be used. operationId: getDeleteObjectsJob security: - datalakeservice: - dl.ds.r produces: - application/json parameters: - name: id in: path description: Unique identifier of the Delete Objects Job required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' responses: '200': description: List of folders and objects. schema: $ref: '#/definitions/DeleteObjectsJobResponse' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
noSuchSubtenant Provided subtenant does not belong to tenant.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' '404': description: | Not Found. Possible errors:
Code Suffix Message (parametrized)
jobNotFound Requested job not found.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. '/deleteObjectsJobs/{id}/errors': get: summary: Fetch errors of Delete Objects Job. tags: - Object Operations description: >- Retrieve errors of given Delete Objects Job. This endpoint should be called only when /deleteObjectsJobs/{id} returns status as COMPLETED_WITH_ERRORS
Only the objects of one tenant or subtenant are returned. In case a tenant wants to retrieve information on a subtenant's objects, the subtenantId query parameter must be used. operationId: getDeleteObjectsJobErrors security: - datalakeservice: - dl.ds.r produces: - application/json parameters: - name: id in: path description: Unique identifier of the Delete Objects Job required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' responses: '200': description: Status of Delete Objects Job and list of objects for which delete failed.. schema: $ref: '#/definitions/DeleteObjectsJobErrorDetailsResponse' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
noSuchSubtenant Provided subtenant does not belong to tenant.
invalidJobStatus Provided Job doesn't have status as COMPLETED_WITH_ERRORS.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' '404': description: | Not Found. Possible errors:
Code Suffix Message (parametrized)
jobNotFound Requested job not found.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. /crossAccounts: post: summary: Create a cross account tags: - Object Access Operations description: Create a cross account on which access needs to be given for paths. * If, in request body subtenant is denoted as "**", it is a special cross account. In this case, on this cross account, tenant implicitly gets Read Only access to the storage account's root level data path for itself and for all its subtenants. For this case, the authorization token should be that of the tenant. operationId: createCrossAccount security: - datalakeservice: - dl.da.w parameters: - name: crossAccountRequest in: body description: Cross Account Request required: true schema: $ref: '#/definitions/CrossAccountRequest' consumes: - application/json produces: - application/json responses: '201': description: created headers: ETag: type: number description: ETag of the resource schema: $ref: '#/definitions/CrossAccount' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
invalidAccessorAccountId Accessor account Id is invalid.
noSuchSubtenant Provided subtenant does not belong to tenant.
parameterTooLong Input parameter {name} must be no longer than {length} characters.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' '409': $ref: '#/responses/CrossAccountConflicts' default: description: Other error with any status code and response body format. get: summary: Get a list of cross accounts tags: - Object Access Operations description: Get list of cross accounts on which access was given. * If requester is tenant, all the cross account for the tenant as well as its all subtenants are returned. * If requester is a subtenant, all the cross accounts for the subtenant are returned. * If tenant wants to filter results for a particular subtenant, filter query parameter subtenantId can be used. This filter query parameter is applicable only if the requester is tenant. operationId: listCrossAccount security: - datalakeservice: - dl.da.r parameters: - $ref: '#/parameters/page' - $ref: '#/parameters/size' - name: filter in: query type: string description: | JSON-based filter expression. Supported values: 'subtenantId'. Supported operations: 'eq'. Decoded example value: { "subtenantId": "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" } produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CrossAccountListResource' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
noSuchSubtenant Provided subtenant does not belong to tenant.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' default: description: Other error with any status code and response body format. /crossAccounts/{id}: get: summary: Get details of selected cross account tags: - Object Access Operations description: Get details of selected cross account. operationId: getCrossAccount security: - datalakeservice: - dl.da.r parameters: - name: id in: path description: unique identifier of the cross account required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' produces: - application/json responses: '200': description: OK headers: ETag: type: integer description: ETag of the resource schema: $ref: '#/definitions/CrossAccount' '404': $ref: '#/responses/CrossAccountNotFound' default: description: Other error with any status code and response body format. patch: summary: Update a cross account tags: - Object Access Operations description: Update a cross account on which access needs to be managed. operationId: updateCrossAccount security: - datalakeservice: - dl.da.w parameters: - name: id in: path description: unique identifier of the cross account required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' - $ref: '#/parameters/ifMatchMandatory' - name: crossAccountRequest in: body description: Cross Account Request required: true schema: $ref: '#/definitions/CrossAccountUpdateRequest' consumes: - application/json produces: - application/json responses: '200': description: OK headers: ETag: type: integer description: ETag of the resource schema: $ref: '#/definitions/CrossAccount' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
parameterTooLong Input parameter {name} must be no longer than {length} characters.
schema: $ref: '#/definitions/Errors' '404': $ref: '#/responses/CrossAccountNotFound' '409': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
nameConflict Cross account with given name already exists.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. delete: summary: Delete cross account and corresponding accesses. tags: - Object Access Operations description: Delete cross account and corresponding accesses. operationId: deleteCrossAccount security: - datalakeservice: - dl.da.d parameters: - name: id in: path description: unique identifier of the cross account required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' - $ref: '#/parameters/ifMatchMandatory' produces: - application/json responses: '204': description: Deleted '404': $ref: '#/responses/CrossAccountNotFound' default: description: Other error with any status code and response body format. /crossAccounts/{id}/accesses: post: summary: Create a cross account access tags: - Object Access Operations description: Create a cross account access. If the cross account is created for tenant and all subtenants (**), then this operation is implicitly handled and not allowed through API. Maximum 5 cross account accesses can be created with ENABLED status. Maximum 10 cross accounts can be created with DISABLED status. operationId: createCrossAccountAccess security: - datalakeservice: - dl.da.w parameters: - name: id in: path description: unique identifier of the cross account required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' - name: crossAccountAccessRequest in: body description: Cross Account Access Request required: true schema: $ref: '#/definitions/CrossAccountAccessRequest' consumes: - application/json produces: - application/json responses: '201': description: created headers: ETag: type: integer description: ETag of the resource schema: $ref: '#/definitions/CrossAccountAccess' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
maxEnabledLimitReached Maximum limit, {limit} reached for the enabled cross account accesses.
maxDisabledLimitReached Maximum limit, {limit} reached for the disabled cross account accesses.
pathLengthExceedError Path in request body property, must not be more than 500 characters long.
pathHasInvalidCharacters Characters used for values of request body property path must be in the character set '[a-zA-Z0-9.!*'() _-/=]'.Spaces are not allowed at beginning or at end. Also, consecutive spaces are not allowed.
immutableAccess Special Read Only access at root level for the storage account is already present. Create of a new access is not supported for this cross account.
parameterTooLong Input parameter {name} must be no longer than {length} characters.
schema: $ref: '#/definitions/Errors' '404': $ref: '#/responses/CrossAccountNotFound' '409': description: | Conflict. Possible errors:
Code Suffix Message (parametrized)
accessConflict Access with matching or overlapping path already exists.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. get: summary: Get a list of cross account accesses tags: - Object Access Operations description: Get list of cross account accesses. operationId: listCrossAccountAccess security: - datalakeservice: - dl.da.r parameters: - name: id in: path description: unique identifier of the cross account required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' - $ref: '#/parameters/page' - $ref: '#/parameters/size' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CrossAccountAccessListResource' '404': $ref: '#/responses/CrossAccountNotFound' default: description: Other error with any status code and response body format. /crossAccounts/{id}/accesses/{accessId}: get: summary: Get a selected access for a selected cross account tags: - Object Access Operations description: Get a selected access for a selected cross account. operationId: getCrossAccountAccess security: - datalakeservice: - dl.da.r parameters: - name: id in: path description: unique identifier of the cross account required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' - name: accessId in: path description: unique identifier of the cross account access required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' produces: - application/json responses: '200': description: OK headers: ETag: type: integer description: ETag of the resource schema: $ref: '#/definitions/CrossAccountAccess' '404': $ref: '#/responses/CrossAccountOrAccessNotFound' default: description: Other error with any status code and response body format. patch: summary: Update a cross account access tags: - Object Access Operations description: Update a cross account access. This operation is not allowed when the cross account is created for special case of tenant and all subtenants (**). Maximum 5 cross account accesses can be present with ENABLED status. Maximum 10 cross accounts can be present with DISABLED status. operationId: updateCrossAccountAccess security: - datalakeservice: - dl.da.w parameters: - name: id in: path description: unique identifier of the cross account required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' - name: accessId in: path description: unique identifier of the cross account access required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' - $ref: '#/parameters/ifMatchMandatory' - name: crossAccountAccessRequest in: body description: Cross Account Access Request required: true schema: $ref: '#/definitions/CrossAccountAccessRequest' consumes: - application/json produces: - application/json responses: '200': description: OK headers: ETag: type: integer description: ETag of the resource schema: $ref: '#/definitions/CrossAccountAccess' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
maxEnabledLimitReached Maximum limit, {limit} reached for the enabled cross account accesses.
maxDisabledLimitReached Maximum limit, {limit} reached for the disabled cross account accesses.
pathTooLong Value of request body property path must be no longer than 500 characters.
pathHasInvalidCharacters Characters used for values of request body property path must be in the character set '[a-zA-Z0-9.!*'() _-/=]'.Spaces are not allowed at beginning or at end. Also, consecutive spaces are not allowed.
immutableAccess Special Read Only access at root level for the storage account. Update is not supported for this access.
parameterTooLong Input parameter {name} must be no longer than {length} characters.
schema: $ref: '#/definitions/Errors' '404': $ref: '#/responses/CrossAccountOrAccessNotFound' '409': description: | Conflict. Possible errors:
Code Suffix Message (parametrized)
accessConflict Access with matching or overlapping path already exists.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. delete: summary: Delete a cross account access. tags: - Object Access Operations description: Delete a cross account access. If the cross account is created for tenant and all subtenants (**), then this operation is implicitly handled by deletion of cross account and not allowed through API operationId: deleteCrossAccountAccess security: - datalakeservice: - dl.da.d parameters: - name: id in: path description: unique identifier of the cross account required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' - name: accessId in: path description: unique identifier of the cross account required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' - $ref: '#/parameters/ifMatchMandatory' produces: - application/json responses: '204': description: deleted '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
immutableAccess Special Read Only access at root level for the storag account. Delete is not supported for this access. Delete the cross account if required.
schema: $ref: '#/definitions/Errors' '404': $ref: '#/responses/CrossAccountOrAccessNotFound' default: description: Other error with any status code and response body format. /accessTokenPermissions: post: summary: Allows to give write premission on folder/path tags: - Object Operations with Access Token description: >- Allows users (tenant) to give write permission on folder/path. This API can only be accessed by tenant admin. Tenant admin can also provide write permission on subtenant folder. Write permission on root folder can also be given, except TSI folder operationId: accessTokenPermissions security: - datalakeservice: - dl.dat.w produces: - application/json parameters: - name: writePathPayload in: body description: Optional subtenantId (if path for write permission belongs to the tenant) schema: $ref: '#/definitions/AccessTokenPermissionRequest' responses: '201': description: >- Created. schema: $ref: '#/definitions/AccessTokenPermissionResource' '400': description: | Bad request. Possible errors:

Code Suffix Message (parametrized)
accessNotAllowedForPath Access not allowed for given path {path}.
pathHasInvalidCharacters Characters used for values of request body property paths[].path must be in the character set '[a-zA-Z0-9.!*'() _-/=]'.Spaces are not allowed at beginning or at end. Also, consecutive spaces are not allowed.
pathTooLong Path must be no longer than 1024 characters.
noSuchSubtenant Provided subtenant does not belong to tenant.
invalidPermission Invalid input parameter permission {permission}.
tooManyAccessTokenPermissions  For Tenant/Subtenant access on more than {max} prefix is not allowed.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' default: description: Other error with any status code and response body format. get: summary: List all folders having write premission tags: - Object Operations with Access Token description: List all folders having write permission. This API can be accessed by tenant admin, to list all write permission folders including of subtenants. Subtenant can access this API, to get list write permission folders owned by subtenant.

Limitations

*

Size parameter value should not be more than 1000.

operationId: listAccessTokenPermissions security: - datalakeservice: - dl.dat.r parameters: - $ref: '#/parameters/page' - $ref: '#/parameters/size' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AccessTokenPermissionResources' default: description: Other error with any status code and response body format. /accessTokenPermissions/{id}: get: summary: Details of the write folder request for the given id tags: - Object Operations with Access Token description: Details of the write folder request for the given id This API can be accessed by tenant admin, to get details of the request including for subtenants. Subtenant can access this API, to get details of the request belongs to their write folder. operationId: getAccessTokenPermissions security: - datalakeservice: - dl.dat.r parameters: - name: id in: path description: Unique identifier of the write enabled folders required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AccessTokenPermissionResource' '404': description: | Not Found. Possible errors:
Code Suffix Message (parametrized)
accessTokenPermissionsNotFound  Access Token Permissions Not Found.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. delete: summary: Delete write permission on folder for the given id tags: - Object Operations with Access Token description: Delete write permission on folder for the given id This API can be accessed by tenant admin only operationId: deleteAccessTokenPermissions security: - datalakeservice: - dl.dat.d parameters: - name: id in: path description: Unique identifier of the write enabled folders required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' produces: - application/json responses: '204': description: deleted '403': description: | Forbidden. Possible errors:
Code Suffix Message (parametrized)
subtenantNotAllowed Only tenants can address a subtenant's resource.
schema: $ref: '#/definitions/Errors' '404': description: | Not Found. Possible errors:
Code Suffix Message (parametrized)
accessTokenPermissionsNotFound  Access Token Permissions Not Found.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. /generateAccessToken: post: summary: Generate AWS STS token tags: - Object Operations with Access Token description: Allows users to request temporary, limited-privilege AWS credentials to get read-only or write-only access on the URI returned in the response. * Read permission will always be on the root level. * Path field is optional for READ permission - If value for path is not provided then it will be considered on root level ("/"). * Ensure to enable write access on the path before requesting token with write permission. * Write access can be enabled using POST /accessTokenPermissions endpoint. * An access token requested for a given path also automatically gives access to all subpaths of the path. For example, if an access token is requested for path /a and there are subpaths /a/b and /a/b/c, the token allows to access those too. * An access token with write permissions can only be requested for the paths defined by resource accessTokenPermissions. An acecss token with read permissions can only be requested for the root path /. operationId: generateAccessToken security: - datalakeservice: - dl.dat.r produces: - application/json parameters: - name: stsPayload in: body description: Optional subtenant ID (if tenant is performing action on behalf of subtenant) schema: $ref: '#/definitions/GenerateSTSPayload' responses: '200': description: >- STS Token (temporary access token to access S3) and AWS S3 bucket Name schema: $ref: '#/definitions/AccessTokens' '400': description: | Bad request. Possible errors:

Code Suffix Message (parametrized)
pathTooLong Path must be no longer than 1024 characters.
pathHasInvalidCharacters  Characters used for values of request body property paths[].path must be in the character set '[a-zA-Z0-9.!*'() _-/=]'.Spaces are not allowed at beginning or at end. Also, consecutive spaces are not allowed.
noSuchSubtenant Provided subtenant does not belong to tenant.
invalidDurationSeconds Input parameter durationSeconds must be between {minDurationSeconds} and {maxDurationSeconds} seconds.
invalidPermission Invalid input parameter permission {permission}.
accessTokenNotEnabled Access token permission {permission} is not enabled for path {path}.
schema: $ref: '#/definitions/Errors' '403': description: | Forbidden. Possible errors:
Code Suffix Message (parametrized)
subtenantIdNotAllowed Only tenants can address a subtenant's resource using subtenantId.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. '/objectMetadata/{path}': put: summary: Create/Update Metadata for the object. tags: - Objects Metadata Catalog Operations description: Create/Update metadata. If tenant is operating for a subtenant object, he should specify subtenant in request query parameter. If path contains special characters which require URL encoding, it should be done as appropriate. Maximum 8 tags are allowed, where each tag can be maximum 128 characters. operationId: createOrUpdateObjectMetadata security: - datalakeservice: - dl.ds.w parameters: - $ref: '#/parameters/path' - name: subtenantId in: query description: Only to be used by tenants, to address a subtenant's object metadata. If not provided by a tenant, its own object metadata is addressed. Subtenants are not allowed to use this parameter and can only address their own object metadata. e.g. subtenantId "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" type: string - name: metadata in: body description: Metadata required: true schema: $ref: '#/definitions/Metadata' consumes: - application/json responses: '201': description: Created '204': description: No Content '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
parameterPathTooLong Parameter complete path, which is, the default path {defaultpath} and input path must be no longer than 1024 characters.
parameterPathInvalid Provided parameter path is invalid.
tooManyTags More than 8 tags are not allowed.
tagTooLong Tag length must not be greater than 128 characters.
noSuchSubtenant Provided subtenant does not belong to tenant.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' default: description: Other error with any status code and response body format. get: summary: Get Metadata for the object. tags: - Objects Metadata Catalog Operations description: Get Metadata for the object. If tenant is operating for a subtenant object, he should specify subtenant in request query parameter. If path contains special characters which require URL encoding, it should be done as appropriate. operationId: retrieveObjectMetadata security: - datalakeservice: - dl.ds.r parameters: - $ref: '#/parameters/path' - name: subtenantId in: query description: Only to be used by tenants, to address a subtenant's object metadata. If not provided by a tenant, its own object metadata is addressed. Subtenants are not allowed to use this parameter and can only address their own object metadata. e.g. subtenantId "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ObjectMetaDataResponse' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
parameterPathTooLong Parameter complete path, which is, the default path {defaultpath} and input path must be no longer than 1024 characters.
parameterPathInvalid Provided parameter path is invalid.
noSuchSubtenant Provided subtenant does not belong to tenant.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' '404': description: | Not Found. Possible errors:
Code Suffix Message (parametrized)
objectMetadataNotFound Object metadata not found.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. /objectMetadata: get: summary: Get a list of metadata tags: - Objects Metadata Catalog Operations description: Get Metadata for the object. operationId: queryObjectMetadata security: - datalakeservice: - dl.ds.r parameters: - name: subtenantId in: query description: Specifies the search based on subtenantId. if, subtenantId is denoted as "**", it will search for data in tenants & all subtenants. type: string - $ref: '#/parameters/filter' - $ref: '#/parameters/size' - $ref: '#/parameters/page' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SearchResponse' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
noFilterProvided "Query parameter 'filter' cannot be Null or Empty and should have only one operator from the list [or,and,none].
onlyOneOperatorIsAllowed Filter criteria accepts only one operator from the list [or,and,none].
orOperatorIsEmpty Filter criteria for operator 'or' cannot be empty or null.
andOperatorIsEmpty Filter criteria for operator 'and' cannot be empty or null.
propertiesLessThanTwo 'and/or' operator must have minimum two properties from this list [name,size,tags,lastModified,location].
propertiesMoreThanOne 'none' operator must have only one property from this list [name,size,tags,lastModified,location].
nameIsEmpty 'name' cannot be empty or null and must have 'contains' as property.
locationIsEmpty 'location' cannot be empty or null and must have 'contains' as property.
sizeIsEmpty 'size' cannot be empty or null and must have only one property from this list [greaterThan,lessThan,eq,between].
lastModifiedIsEmpty 'lastModified' cannot be empty or null and must have only one property from this list [eq,before,after,between].
tagIsEmpty tags cannot be empty or null and must have a property 'in'. Property 'in' uses a list of Strings.
sizeEqPropertyIsInvalid Value must be greater than zero for 'size' filter with property 'eq'.
sizeGreaterThanPropertyIsInvalid Value must be greater than zero for 'size' filter with property 'greaterThan'
sizeLessThanPropertyIsInvalid Value must be greater than zero for 'size' filter with property 'lessThan'.
sizeBetweenIsInvalid Value for the property 'between' for 'size' filter must be a list of two elements with value greater than zero.
betweenRangeIsInvalid Range values set for the property 'between' is invalid. First value should be less than second and difference between them should be greater than one.
eqDateFormatIsInvalid Date format set for the property 'eq' is invalid. Date Format must be in the ISO Format e.g. 2017-01-20T11:00:00.000Z.
beforeDateFormatIsInvalid Date format set for the property 'before' is invalid. Date Format must be in the ISO Format e.g. 2017-01-20T11:00:00.000Z.
afterDateFormatIsInvalid Date format set for the property 'after' is invalid. Date format must be in the ISO Format e.g. 2017-01-20T11:00:00.000Z.
betweenDateFormatIsInvalid Value for the property 'between' must be a list of two elements in the ISO date format. e.g. [2017-01-20T11:00:00.000Z,2017-01-20T11:00:01.000Z].
zeroMaxRecords Query parameter 'maxRecords' must be greater than zero.
deserialzeError Error occured while deserializing one among the parameters[filter,sort].
parseError Unable to parse given in the parameter from the list [filter,sort].
missingParameterValue key is used but value is not provided for the parameter from the list [filter,sort,size].
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. /objectEventSubscriptions: post: summary: Create object event subscription. tags: - Object Event Subscription Operations description: >- Allows users to subscribe for event notifications generated when the objects of a tenant or subtenant are created, updated, or deleted. Multiple subscriptions for the same path can be created when each has a different destination. Similarly, multiple subscriptions for the same destination can be created when each has a different path. Maximum 15 subscriptions can be created for a tenant or for a subtenant. Path in request payload should be upto folders and not upto object e.g. "myfolder/mysubfolder" ### Notification Content Based on the configured subscriptions, event notification messages are published to the destination. The event notification content is formatted in JSON according to this example. If object operation happened in subtenant folder, both tenantId and subtenantId will be part of the message. If object operation happened in tenant folder, only tenantId will be part of the message.: { "path" : "/myfolder/mysubfolder/myobj.ext", "storageAccount" : "dlbucketname", "storagePath" : "/data/ten=mytenid/myfolder/mysubfolder/myobj.ext" "tenantId" : "mytenid", "subtenantId" : "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" "eventType" : "MODIFY", "timestamp" : "2019-05-17T14:47:44.351Z" } where - 'path' path applicable for supplying to Data Lake APIs like /objectMetadata - 'storageAccount' Bucket name in case of AWS S3 - 'storagePath' Complete S3 prefix path including the object name. Clients should not rely on a given path structure, but should treat storagePath as opaque. - 'tenantId' Tenant Id on whose bucket the object operation happened, resulting in notification message - 'subtenantId' Optional. Subtenant Id, in case the object operation happened for a subtenant, resuling in notification message - 'eventType' is either 'MODIFY' in case of creation or update, and 'DELETE' in case of object deletion. - 'timestamp' records the time when the event happened. It is formatted according to ISO 8601 extended date/time format 'YYYY-MM-DDThh:mm:ss.sssZ'. operationId: createObjectEventSubscription security: - datalakeservice: - dl.de.w parameters: - name: subscription in: body description: object event subscrition details required: true schema: $ref: '#/definitions/Subscription' consumes: - application/json produces: - application/json responses: '201': description: created headers: Location: type: string description: URL of the resource ETag: type: integer description: ETag of the resource schema: $ref: '#/definitions/SubscriptionResponse' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
nameError Name should only have hyphen & alphanumeric characters and start & end with alphanumeric.
nameLengthError Name length is more than max permissible length({0}).
destinationSyntaxIncorrect Destination syntax is not correct.
maxLimitReached Maximum limit, 15 reached for subscriptions for the tenant/subtenant.
pathLengthExceedError Path in request body property, must not be more than 500 characters long.
pathHasInvalidCharacters Characters used for values of request body property path must be in the character set '[a-zA-Z0-9.!*'() _-/=]'.Spaces are not allowed at beginning or at end. Also, consecutive spaces are not allowed.
noSuchSubtenant Provided subtenant does not belong to tenant.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' '409': description: | Conflict. Possible errors:
Code Suffix Message (parametrized)
destinationConflict Existing subscription with id {id} found for same destination with exact or partial path match.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. get: summary: List event subscriptions for the tenant or subtenant. tags: - Object Event Subscription Operations description: List object event subscriptions for the tenant or subtenant. If requester is tenant, all the subscriptions for the tenant as well as its all subtenants are returned. If requester is a subtenant, all the subscriptions for the subtenant are returned. If tenant wants to filter results for a particular subtenant, filter query parameter subtenantId can be used. This filter query parameter is applicable only if the requester is tenant. operationId: queryObjectEventSubscriptions security: - datalakeservice: - dl.de.r parameters: - $ref: '#/parameters/page' - $ref: '#/parameters/size' - name: filter in: query type: string description: | JSON-based filter expression. Supported values: 'subtenantId'. Supported operations: 'eq'. Decoded example value: { "subtenantId": "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" } produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SubscriptionListResource' default: description: Other error with any status code and response body format. '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
noSuchSubtenant Provided subtenant does not belong to tenant.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' '/objectEventSubscriptions/{id}': patch: summary: Update object event subscription by id. tags: - Object Event Subscription Operations description: Update object event subscription. operationId: patchObjectEventSubscription security: - datalakeservice: - dl.de.w parameters: - name: id in: path description: unique identifier of the subscription required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' - $ref: '#/parameters/ifMatchMandatory' - name: subscription in: body description: object event subscrition details required: true schema: $ref: '#/definitions/SubscriptionUpdate' consumes: - application/json responses: '200': description: OK headers: Location: type: string description: URL of the resource ETag: type: integer description: ETag of the resource schema: $ref: '#/definitions/SubscriptionResponse' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
nameError Name should only have hyphen & alphanumeric characters and start & end with alphanumeric.
nameLengthError Name length is more than max permissible length({0}).
destinationSyntaxIncorrect Destination syntax is not correct.
pathLengthExceedError Path in request body property, must not be more than 500 characters long.
pathHasInvalidCharacters Characters used for values of request body property path must be in the character set '[a-zA-Z0-9.!*'() _-/=]'.Spaces are not allowed at beginning or at end. Also, consecutive spaces are not allowed.
statusInvalid Status field value is invalid. Accepted values are {status}.
schema: $ref: '#/definitions/Errors' '404': description: | Not Found. Possible errors:
Code Suffix Message (parametrized)
subscriptionNotFound Subscription Not Found.
schema: $ref: '#/definitions/Errors' '409': description: | Conflict. Possible errors:
Code Suffix Message (parametrized)
destinationConflict Existing subscription with id {id} found for same destination with exact or partial path match.
subscriptionUpdated A different subscription version is available.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. delete: summary: Delete object event subscription by id. tags: - Object Event Subscription Operations description: Delete object event subscription (Unsubscribe). operationId: deleteObjectEventSubscription security: - datalakeservice: - dl.de.d parameters: - name: id in: path description: unique identifier of the subscription required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' - $ref: '#/parameters/ifMatchMandatory' produces: - application/json responses: '204': description: deleted '404': description: | Not Found. Possible errors:
Code Suffix Message (parametrized)
subscriptionNotFound Subscription Not Found.
schema: $ref: '#/definitions/Errors' '409': description: | Conflict. Possible errors:
Code Suffix Message (parametrized)
subsriptionConflict Subscription record changed in the background.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. get: summary: Read object event subscription by id. tags: - Object Event Subscription Operations description: Read object event subscription for the tenant. operationId: retrieveObjectEventSubscription security: - datalakeservice: - dl.de.r parameters: - name: id in: path description: unique identifier of the subscrition required: true type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' produces: - application/json responses: '200': description: OK headers: ETag: type: integer description: ETag of the resource schema: $ref: '#/definitions/SubscriptionResponse' '404': description: | Not Found. Possible errors:
Code Suffix Message (parametrized)
subscriptionNotFound Subscription Not Found.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. /timeSeriesImportJobs: post: summary: Creates a bulk import job of time series data into data lake. description: >- Creates an asynchronous job to bulk import time series data into data lake. The import takes into account time series data from the provided aspects associated to the provided assets, in the given time range. operationId: createTimeSeriesImportJob tags: - Time Series Bulk Import security: - datalakeservice: - dl.tsi.w parameters: - name: ImportJob in: body description: Bulk import job required: true schema: $ref: '#/definitions/ImportJobRequest' produces: - application/json responses: '202': description: Import job accepted. headers: Location: type: string description: URL for getting job status schema: $ref: '#/definitions/ImportJobResponse' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
destinationPathLengthError Destination path, which is, the default path {defaultpath} and input path must be no longer than 1024 characters.
destinationError Destination must not be empty.
destinationCharactersError Characters used in the destinationPath must be in following character set [a-zA-Z0-9.!*'() _-].Spaces are not allowed at beginning or at end. Also, consecutive spaces are not allowed.
noSuchSubtenant Provided subtenant does not belong to tenant.
parameterTooLong Input parameter {name} must be no longer than {length} characters.
durationLimit Duration between {to} and {from} should be less than or equal to {days} days.
timestampMissing Value for fields [to] or [from] should not be empty.
timestampInvalid Value for fields [to] or [from] is in invalid format.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' '409': description: | Conflict. Possible errors:
Code Suffix Message (parametrized)
timeseriesImportJobConflict Existing timeseries bulk import job with id {id} found with same name {name}.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. get: summary: Query all time series bulk import jobs. tags: - Time Series Bulk Import description: >- Query all time series bulk import jobs currently existing, which are owned by the client's tenant or subtenant. If requester is tenant, all the import jobs for the tenant as well as its all subtenants are returned. If requester is a subtenant, all the iport jobs for the subtenant are returned. If tenant wants to filter results for a particular subtenant, filter query parameter subtenantId can be used. This filter query parameter is applicable only if the requester is tenant. operationId: queryTimeSeriesImportJobs security: - datalakeservice: - dl.tsi.r parameters: - $ref: '#/parameters/page' - $ref: '#/parameters/size' - name: filter in: query type: string description: | JSON-based filter expression. Supported values: 'subtenantId'. Supported operations: 'eq'. Decoded example value: { "subtenantId": "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" } produces: - application/json responses: '200': description: A list of time series bulk import jobs. schema: $ref: '#/definitions/ImportJobListResource' '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
noSuchSubtenant Provided subtenant does not belong to tenant.
schema: $ref: '#/definitions/Errors' '403': $ref: '#/responses/SubtenantIdNotAllowed' default: description: Other error with any status code and response body format. '/timeSeriesImportJobs/{id}': get: summary: Retrieve status of time series bulk import job. tags: - Time Series Bulk Import description: >- Retrieve status of time series bulk import job. operationId: retrieveTimeSeriesImportJob security: - datalakeservice: - dl.tsi.r produces: - application/json parameters: - name: id in: path description: Unique id for getting status of the time series bulk import job. required: true type: string responses: '200': description: Time series bulk import job. schema: $ref: '#/definitions/ImportJobResponse' '404': description: | Not Found. Possible errors:
Code Suffix Message (parametrized)
jobNotFound Import job with id {id} not found.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. delete: summary: Delete time series bulk import job by id. tags: - Time Series Bulk Import description: Delete completed time series bulk import job. operationId: deleteTimeSeriesImportJob security: - datalakeservice: - dl.tsi.d parameters: - name: id in: path description: Unique id of the time series bulk import job. required: true type: string produces: - application/json responses: '204': description: deleted '400': description: | Bad request. Possible errors:
Code Suffix Message (parametrized)
jobDeleteError Import job can not be deleted as its status is not Success or Failed.
schema: $ref: '#/definitions/Errors' '404': description: | Not Found. Possible errors:
Code Suffix Message (parametrized)
jobNotFound Import job with id {id} not found.
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. '/timeSeriesImportJobs/{id}/details': get: summary: Retreive details of a time series bulk import job. tags: - Time Series Bulk Import description: >- Retreive details of a time series bulk import job. Details are only available once a job is not any longer in status PENDING. operationId: retrieveTimeSeriesImportJobDetails security: - datalakeservice: - dl.tsi.r produces: - application/json parameters: - name: id in: path description: Unique id for getting status of the time series bulk import job. required: true type: string responses: '200': description: Time series bulk import job. schema: $ref: '#/definitions/ImportJobDetails' '404': description: | Not Found. Possible errors:
Code Suffix Message (parametrized)
jobNotFound Import job with id {id} not found.
jobDetailsNotFound No job details present while job status is PENDING
schema: $ref: '#/definitions/Errors' default: description: Other error with any status code and response body format. definitions: Errors: type: object description: Error response body model. properties: errors: type: array description: >- Concrete error codes and messages are defined at operation error response descriptions in this API specification. items: type: object properties: code: type: string description: Unique error code. Every code is bound to one message. format: mdsp.core.datalake. example: mdsp.core.datalake.exampleCode logref: type: string description: Logging correlation ID for debugging purposes. example: 0bff7e7a-cd25-4576-9908-4180ef086174 message: type: string description: Human readable error message in English. example: Example error message. messageParameters: type: array description: > In case an error message is parametrized, the parameter names and values are returned for, e.g., localization purposes. The parametrized error messages are defined at the operation error response descriptions in this API specification. Parameters are denoted by named placeholders '{\}' in the message specifications. At runtime, returned message placeholders are substituted by actual parameter values. items: type: object description: Message parameter properties: name: type: string description: >- Name of message parameter as specified in parametrized error message. value: type: string description: >- Value of message parameter as substituted in returned error message. example: - name: exampleParameterName value: '100' Metadata: type: object required: - tags properties: tags: description: Array of Metadata. type: array maxItems: 8 items: type: string maxLength: 128 example: tags: - tag1 - tag2 ObjectMetaDataResponse: type: object properties: name: description: Object Name type: string example: test1.csv path: description: Object path in Data Lake type: string example: /folder1/test1/test1.csv lastModified: description: Last Modified Time of the Object type: string format: date-time example: '2018-10-03T09:21:36.559Z' size: description: Size of the Object type: number example: 25 tags: description: Size of the Object type: array items: type: string example: - tag1 subtenantId: description: Optional, subtenant Id, if the object metadata belongs to subtenant type: string example: name: test1.csv location: Folder/test1.csv size: 25 lastModified: '2018-10-03T09:21:36.559Z' tags: - tag1 subtenantId: 204a896c-a23a-11e9-a2a3-2a2ae2dbcce4 SearchResponse: properties: objectMetadata: type: array items: $ref: '#/definitions/ObjectMetadata' page: $ref: '#/definitions/Page' example: objectMetadata: - name: test1.csv location: Folder/test1.csv size: 15 lastModified: '2018-10-03T09:22:36.559Z' tags: - tag1 - tag3 storageAccount: "dlbucketname" storagePath: "data/ten=tenantname/myfolder/mysubfolder OR data/sub=subtenantId/myfolder/mysubfolder" subtenantId: 204a896c-a23a-11e9-a2a3-2a2ae2dbcce4 - name: test1.csv location: Folder2/test1.csv size: 30 lastModified: '2018-10-03T09:22:36.559Z' tags: - tag2 page: size: 2 totalElements: 100 totalPages: 50 number: 2 ObjectMetadata: properties: name: description: Object Name type: string example: test1.csv location: description: Object Location in Data Lake type: string example: /folder1/test1/test1.csv lastModified: description: Last Modified Time of the Object type: string format: date-time example: '2018-10-03T09:21:36.559Z' size: description: Size of the Object type: number example: 25 tags: description: Size of the Object type: array items: type: string example: - tag1 storageAccount: type: string description: Name of the storage account, in case of AWS S3, it will be S3 bucket name example: "dlbucketname" storagePath: type: string minLength: 1 maxLength: 500 description: Path on which the subscription is created (upto folder level). Path should be absolute path excluding storage endpoint URL. example: "data/ten=tenantname/myfolder/mysubfolder OR data/sub=subtenantId/myfolder/mysubfolder" subtenantId: description: Optional, subtenant Id, if the object metadata belongs to subtenant type: string example: name: test1.csv location: Folder/test1.csv size: 25 lastModified: '2018-10-03T09:21:36.559Z' tags: - tag1 Sort: type: array maxItems: 1 items: $ref: '#/definitions/SortCriteria' description: Sort Request defined as array. Defined using Sort criteria object. example: - field: name order: ASC SortCriteria: type: object properties: field: type: string enum: - name - location - lastModified - size example: name description: >- Sort Criteria requested by User(name or location or lastModified or size). order: type: string enum: - DESC - ASC example: ASC default: ASC description: Sort Order SignedUrlResponse: type: object properties: objectUrls: $ref: '#/definitions/ObjectUrls' subtenantId: description: Optional, subtenant Id, if the generate Url request is for a subtenant type: string ObjectUrls: type: array items: type: object properties: signedUrl: type: string description: The signed url of the object. path: type: string description: The path for the signed url. GenerateUrlPayload: type: object properties: paths: $ref: '#/definitions/Paths' subtenantId: $ref: '#/definitions/SubtenantId' SubtenantId: type: string description: Only to be used by tenants, to assign the resource to a subtenant. If not provided by a tenant, the resource is assigned to the tenant. example: "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" Paths: type: array minItems: 1 maxItems: 30 items: $ref: '#/definitions/Path' Path: type: object required: - path properties: path: type: string maxLength: 1024 description: The path where to upload object using the signed url. The path should denote folders and object name. e.g. basefolder/subfolder/objectname.objectext example: "myfolder/mysubfolder/myobject.objext" GenerateSTSPayload: type: object properties: subtenantId: type: string description: Only to be used by tenants, to request access to the subtenant's paths. example: "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" path: type: string description: object path location on which STS token is requested. This is optional for READ permission - If value for path is not provided then it will be considered on root level ("/"). example: "/myfolder1/myfolder2" default: "/" durationSeconds: $ref: '#/definitions/AccessTokenDurationSeconds' permission: $ref: '#/definitions/AccessTokenPermission' AccessTokenDurationSeconds: type: integer description: Duration for which token will be valid this can be between 900 to 43200 (15 minutes to 12 hours). If value is not provided, the default value will be 3600 seconds(1 hour). example: 900 default: 3600 AccessTokenPermission: type: string enum: - READ - WRITE description: Access permission requested for the token. The permission could be READ or WRITE. Access Token with WRITE permission can be requested only on the paths for which WRITE access has been enabled. Default value will READ. example: "WRITE" default: "READ" AccessPermission: type: string enum: - WRITE description: Access permission requested to be set for the path. Currently READ is allowed for all tenants and subtenants at root level. User can manage WRITE permissions for the paths example: "WRITE" SubscriptionResponse: type: object required: - id - name - storageAccount - storagePath - path - destination - eTag - status properties: id: description: unique identifier of the subscription type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' example: "7dc53df5703e49b38670b1c468f47f1f" name: description: name for the event subscription. type: string example: 'my-subscription-name' storageAccount: type: string description: Name of the storage account, in case of AWS S3, it will be S3 bucket name example: "dlbucketname" storagePath: type: string minLength: 1 maxLength: 500 description: Path on which the subscription is created (upto folder level). Path should be absolute path excluding storage endpoint URL. example: "data/ten=tenantname/myfolder/mysubfolder OR data/sub=subtenantId/myfolder/mysubfolder" destination: description: endpoint where notification has to be published type: string example: 'aws-sns://arn:aws:sns:region:account-id:topicname' eTag: $ref: '#/definitions/ETag' subtenantId: description: Contains a subtenant ID in case the subscription is for a subtenant's path. Is omitted otherwise. type: string example: "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" status: description: Status of the destination endpoint. By default, status will be active. But, if destination is not reachable then it will be changed to inactive. Patch API can be used to make it Active again. Possible values are "ACTIVE" or "INACTIVE" type: string example: "ACTIVE" SubscriptionUpdate: type: object properties: name: description: name for the event subscription. If name in request is not provided, then default name will be created. type: string maxLength: 50 example: 'my-subscription-name' path: description: path on which events result in notification type: string example: 'myCustomPath' destination: description: endpoint where notification has to be published type: string example: 'aws-sns://arn:aws:sns:region:account-id:topicname' status: description: status for endpoint destination. "ACTIVE" is the only valid value type: string example: 'ACTIVE' Subscription: type: object required: - path - destination properties: name: description: name for the event subscription. If name in request is not provided, then default name will be created. type: string maxLength: 50 example: 'my-subscription-name' path: description: path on which events result in notification type: string minLength: 1 maxLength: 500 example: 'myfolder/mysubfolder' destination: description: endpoint where notification has to be published type: string example: 'aws-sns://arn:aws:sns:region:account-id:topicname' subtenantId: description: Only to be used by tenants, to create a subscription to a subtenant's path. If not provided by a tenant, the subscription is for the tenant's path. type: string example: "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" SubscriptionListResource: type: object properties: subscriptions: type: array items: $ref: '#/definitions/SubscriptionResponse' page: $ref: '#/definitions/Page' CrossAccountRequest: type: object required: - name - accessorAccountId - description properties: name: description: name of the cross account type: string accessorAccountId: description: account id of the accessor type: string example: "960568630345" description: type: string description: comment about why this cross account is required subtenantId: type: string description: Only to be used by tenants. In case a concrete subtenant ID is given, all accesses are to the subtenant's paths. In case ** is given, accesses are to the tenant's paths and all of its subtenants' paths. example: "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" CrossAccountUpdateRequest: type: object required: - name - description properties: name: description: name of the cross account type: string description: type: string description: comment about why this cross account is required CrossAccount: type: object required: - id - name - accessorAccountId - description - status - timestamp - eTag properties: id: description: Unique Id of the cross account resource type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' name: description: name of the cross account type: string accessorAccountId: description: account id of the accessor type: string example: "960768132345" description: description: comment about why this cross account is required type: string timestamp: type: string format: date-time description: date time (as defined by RFC 3339, section 5.6) when the access was given or changed for other attributes example: '2019-09-06T21:23:32.000Z' subtenantId: type: string description: | Contains a subtenant ID in case the cross account gives access to the subtenant's paths. Contains ** in case the cross account gives access to the tenant's paths and all of its subtenants' paths. Is omitted in case the cross account gives access to a tenant's paths only. example: "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" eTag: $ref: '#/definitions/ETag' CrossAccountListResource: type: object properties: crossAccounts: type: array items: $ref: '#/definitions/CrossAccount' page: $ref: '#/definitions/Page' CrossAccountAccessRequest: type: object properties: description: type: string description: justification about why the permissions are given to the path path: type: string default: '/' minLength: 1 maxLength: 500 description: Path on which the permissions are required. The path should be given upto folder (not upto object). example: "myfolder/mysubfolder" permission: $ref: '#/definitions/Permission' status: type: string enum: - ENABLED - DISABLED default: 'ENABLED' description: Status of the cross account access. If the quota of ENABLED cross account accesses is exhausted, then cross account access can be created with status as "DISABLED". example: "DISABLED" CrossAccountAccess: type: object required: - id - description - storageAccount - storagePath - permission - timestamp - eTag properties: id: description: Unique Id of the cross account access type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' description: type: string description: comment about why the permissions are given to the path storageAccount: type: string description: Name of the storage account, in case of AWS S3, it will be S3 bucket name example: "dlbucketname" storagePath: type: string minLength: 1 maxLength: 500 description: Path on which the permissions are given (upto folder level). Path should be absolute path excluding storage endpoint URL. example: "data/ten=tenantname/myfolder/mysubfolder OR data/sub=subtenantId/myfolder/mysubfolder" path: type: string minLength: 1 maxLength: 500 description: Path on which the permissions are given (upto folder level). example: "myfolder/mysubfolder" permission: $ref: '#/definitions/Permission' status: type: string enum: - ENABLED - DISABLED default: 'ENABLED' description: Status of the cross account access. example: "DISABLED" timestamp: type: string format: date-time description: Last changed timestamp for the access, according to ISO 8601 extended date/time format 'YYYY-MM-DDThh:mm:ss.sssZ' eTag: $ref: '#/definitions/ETag' CrossAccountAccessListResource: type: object properties: crossAccountAccesses: type: array items: $ref: '#/definitions/CrossAccountAccess' page: $ref: '#/definitions/Page' Permission: type: string enum: - READ - DELETE description: specific access example: "READ / DELETE" AccessTokens: type: object required: - credentials - storageAccount - storagePath properties: credentials: $ref: '#/definitions/Credentials' storageAccount: type: string description: Name of the storage account, in case of AWS S3, it will be S3 bucket name example: "dlbucketname" storagePath: type: string description: Path on which the STS token based permissions are given (upto folder level). Path should be absolute path excluding storage endpoint URL. example: "data/ten=tenantname OR data/sub=subtenantId" subtenantId: description: Optional, subtenant Id, if STS token is generated for path belonging to subtenant type: string example: "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" durationSeconds: $ref: '#/definitions/AccessTokenDurationSeconds' permission: $ref: '#/definitions/AccessTokenPermission' Credentials: type: object description: AWS STS token required: - secretAccessKey - accessKeyId - sessionToken properties: secretAccessKey: description: SECRET_ACCESS_KEY type: string example: AbCdEfGhIjKlMnOpQrStUvWxYz accessKeyId: description: ACCESS_KEY_ID type: string example: AbCdEfGhIjKlMnOpQrStUvWxYzAbCdEfGhIjKlMnOpQrStUvWxYz sessionToken: description: SESSION_TOKEN type: string example: >- AbCdEfGhIjKlMnOpQrStUvWxYzAbCdEfGhIjKlMnOpQrStUvWxYzAbCdEfGhIjKlMnOpQrStUvWxYzAbCdEfGhIjKlMnOpQrStUvWxYzAbCdEfGhIjKlMnOpQrStUvWxYzAbCdEfGhIjKlMnOpQrStUvWxYz ImportJobListResource: type: object properties: timeSeriesImportJobs: type: array items: $ref: '#/definitions/ImportJobResponse' page: $ref: '#/definitions/Page' ImportJobRequest: type: object required: - name - destinationPath - aspectNames - assetIds - to - from properties: name: description: Name of the time series bulk import job type: string destination: description: User specified destination folder type: string minLength: 1 maxLength: 1024 example: "myfolder/mysubfolder" subtenantId: type: string description: Only to be used by a tenant, to import the time series data to a subtenant's path. If omitted, data is imported to the tenant's path. example: "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" aspectNames: description: List of aspect names. type: array maxItems: 5 items: type: string assetIds: description: List of asset IDs. type: array maxItems: 50 items: type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' from: description: Beginning of the time range to read type: string format: 'YYYY-MM-DDThh:mm:ss.sssZ' example: '2017-12-11T13:36:00.000Z' to: description: End of the time range to read. type: string format: 'YYYY-MM-DDThh:mm:ss.sssZ' example: '2018-10-11T13:36:00.000Z' ImportJobResponse: type: object required: - id - name - destinationPath - status properties: id: description: Unique Id of the time series bulk import job type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' name: description: Name of the time series bulk import job type: string destinationPath: description: User specified destination folder type: string minLength: 1 maxLength: 500 example: "myfolder/mysubfolder" status: description: Status of the time series bulk import job type: string enum: - PENDING - QUEUED - IN_PROGRESS - SUCCESS - FAILED subtenantId: description: Contains a subtenant ID in case the target of the import is a subtenant's path. Is omitted otherwise. type: string example: "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" ImportJobDetails: allOf: - $ref: '#/definitions/ImportJobResponse' - type: object required: - aspectNames - assetIds - to - from - progress - fileCount properties: aspectNames: description: List of aspect names. type: array maxItems: 5 items: type: string assetIds: description: List of asset IDs. type: array maxItems: 50 items: type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' from: description: Beginning of the time range to read type: string format: 'YYYY-MM-DDThh:mm:ss.sssZ' example: '2017-12-11T13:36:00.000Z' to: description: End of the time range to read. type: string format: 'YYYY-MM-DDThh:mm:ss.sssZ' example: '2018-10-11T13:36:00.000Z' progress: description: >- Time series bulk import job progress. This is a number between 0.0 to 100.00 type: number format: double example: 10.0 fileCount: description: Number of files imported type: number example: 10 responseMessage: description: Response related to import job handling type: string storageAccount: type: string description: Name of the storage account, in case of AWS S3, it will be S3 bucket name example: "dlbucketname" storagePath: type: string minLength: 1 maxLength: 500 description: Path on which the subscription is created (upto folder level). Path should be absolute path excluding storage endpoint URL. example: "data/ten=tenantname/myfolder/mysubfolder OR data/sub=subtenantId/myfolder/mysubfolder" ObjectListResponse: allOf: - type: object required: [ storageAccount, path, objects ] properties: storageAccount: type: string description: Name of storage account, e.g. S3 Bucket name, Azure Blob Storage name path: type: string description: input path subtenantId: description: Is present, if the object is owned by a subtenant. type: string example: "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" objects: type: array items: type: object properties: path: type: string description: path including object name lastModified: type: string description: timestamp when this object was last modified size: type: number description: size of the object in bytes - $ref: '#/definitions/TokenPage' DeleteObjectsJobRequest: type: object properties: subtenantId: type: string description: Only to be used by a tenant, to import the time series data to a subtenant's path. If omitted, data is imported to the tenant's path. example: "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" objects: description: List of object paths to be deleted. type: array maxItems: 100 items: type: object properties: path: type: string description: path of object including object name DeleteObjectsJobResponse: type: object properties: id: description: Unique Id of the Delete Objects Job type: string minLength: 32 maxLength: 32 pattern: '[a-f0-9]{32}' example: "3b8aded7-d19c-4dff-af58-4a2840c3fe55" subtenantId: type: string description: Only to be used by a tenant, to import the time series data to a subtenant's path. If omitted, data is imported to the tenant's path. example: "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" progressDetails: $ref: '#/definitions/DeleteObjectsJobProgressDetails' status: $ref: '#/definitions/DeleteObjectsJobStatus' DeleteObjectsJobErrorDetailsResponse: type: object properties: objects: description: List of object paths to be deleted. type: array maxItems: 100 items: type: object properties: path: type: string description: path of object including object name status: type: string description: Status of the file to be deleted enum: - DELETED - FAILED - NOTFOUND default: "FAILED" DeleteObjectsJobProgressDetails: type: object properties: totalObjects: type: integer description: Count of files submitted to the Delete Objects Job inProgressObjects: type: integer description: Count of files which are being deleted by the Delete Objects Job deletedObjects: type: integer description: Count of files deleted successfully by the Delete Objects Job failedObjects: type: integer description: Count of files for which deletion failed by the Delete Objects Job DeleteObjectsJobStatus: type: string description: Status of the file to be deleted enum: - COMPLETED - IN_PROGRESS - COMPLETED_WITH_ERRORS DeleteObjectsJobList: type: object properties: deleteObjectsJobs: type: array items: $ref: '#/definitions/DeleteObjectsJobResponse' page: $ref: '#/definitions/Page' Page: type: object properties: size: type: integer totalElements: type: integer totalPages: type: integer number: type: integer TokenPage: type: object required: [ page ] properties: page: type: object properties: nextToken: type: string description: | Opaque token to next page. Can be used in query paramter 'pageToken' to request next page. The property is only present in case there is a next page. ETag: type: number description: ETag of the resource example: 1 AccessTokenPermissionRequest: type: object required: - path - permission properties: subtenantId: type: string description: Optional, when tenants want to give access to one of their subtenant's path example: "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" path: type: string description: Path on which write permission is required example: "/myfolder1/myfolder2" permission: $ref: '#/definitions/AccessPermission' AccessTokenPermissionResources: type: object properties: accessTokenPermissions: type: array items: $ref: '#/definitions/AccessTokenPermissionResource' page: $ref: '#/definitions/Page' AccessTokenPermissionResource: type: object required: - id - path properties: subtenantId: description: Optional, subtenant Id, for which path write permission request was raised type: string example: "204a896c-a23a-11e9-a2a3-2a2ae2dbcce4" id: type: string description: Auto generated unique id for request path: type: string description: Path on which write perission is given example: "/myfolder1/myfolder2" permission: $ref: '#/definitions/AccessPermission' created: description: Time when write premission for the path was created type: string example: "2019-11-12T13:36:00.000Z" parameters: maxRecords: name: maxRecords in: query type: integer description: >- Specifies the maximum records returned. This is encoded and is in JSON format. maximum: 100 sort: name: sort in: query type: string description: >- Specifies the ordering of returned elements. This is encoded and is in the JSON format. Query parameter 'sort' is an array and must have properties'field' and 'order'. The first property 'field' must be one from this list [name,location,lastModified,size]. The second property 'order' value must be one from this list [ASC,DESC] and is case sensitive. filter: name: filter in: query type: string description: >- Specifies the additional filtering criteria. This is encoded and is in the JSON format. 'filter' should have only one operator from the list [or,and,none]. 'none' operator must have only one property from this list [name,size,tags,lastModified,location]. 'and/or' operator must have minimum two properties from this list [name,size,tags,lastModified,location]. required: true searchNext: name: searchNext in: query type: string description: >- Specifies the search Next criteria. Query parameter 'searchNext' must have two objects with properties 'field' and 'next' set. The first object 'field' must be one from this list[name,location,lastModified,size]. The second object 'field' must be '_id'. page: name: page in: query type: integer default: 0 description: Specifies the requested page index size: name: size in: query type: integer default: 10 description: Specifies the number of elements in a page deleteSize: name: size in: query type: integer default: 10 & Max 500 description: Specifies the number of elements in a page subtenantId: name: subtenantId in: query description: Id of the subtenant on behalf of which tenant is performing the specified action. Optional, to be used only when tenant performs operation on behalf of subtenant. type: string path: name: path in: path description: path of an object denoting folders and object name. e.g. basefolder/subfolder/objectname.objectext required: true type: string minLength: 1 maxLength: 500 ifMatchMandatory: name: If-Match in: header description: ETag of the resource required: true type: integer format: int32 PageToken: name: pageToken in: query type: string description: | Selects next page. Value must be taken rom response body property 'page.nextToken'. If omitted, first page is returned. responses: SubtenantIdNotAllowed: description: | Forbidden. Possible errors:
Code Suffix Message (parametrized)
subtenantIdNotAllowed Only tenants can address a subtenant's resource using subtenantId.
schema: $ref: '#/definitions/Errors' CrossAccountNotFound: description: | Not Found. Possible errors:
Code Suffix Message (parametrized)
crossAccountNotFound Cross account not found.
schema: $ref: '#/definitions/Errors' CrossAccountOrAccessNotFound: description: | Not Found. Possible errors:
Code Suffix Message (parametrized)
crossAccountNotFound Cross account not found.
crossAccountAccessNotFound Cross account access not found.
schema: $ref: '#/definitions/Errors' CrossAccountConflicts: description: | Conflict. Possible errors:
Code Suffix Message (parametrized)
accessorAccountIdConflict Cross account with given accessor account ID already exists.
nameConflict Cross account with given name already exists.
schema: $ref: '#/definitions/Errors'