aws-native.datazone.getPolicyGrant

Explore with Pulumi AI

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.34.0 published on Friday, Sep 12, 2025 by Pulumi

pulumi/pulumi-aws-native

Policy Grant in AWS DataZone is an explicit authorization assignment that allows a specific principal (user, group, or project) to perform particular actions (such as creating glossary terms, managing projects, or accessing resources) on governed resources within a certain scope (like a Domain Unit or Project). Policy Grants are essentially the mechanism by which DataZone enforces fine-grained, role-based access control beyond what is possible through AWS IAM alone.

Using getPolicyGrant

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getPolicyGrant(args: GetPolicyGrantArgs, opts?: InvokeOptions): Promise<GetPolicyGrantResult>
function getPolicyGrantOutput(args: GetPolicyGrantOutputArgs, opts?: InvokeOptions): Output<GetPolicyGrantResult>

def get_policy_grant(domain_identifier: Optional[str] = None,
                     entity_identifier: Optional[str] = None,
                     entity_type: Optional[PolicyGrantTargetEntityType] = None,
                     grant_id: Optional[str] = None,
                     policy_type: Optional[str] = None,
                     opts: Optional[InvokeOptions] = None) -> GetPolicyGrantResult
def get_policy_grant_output(domain_identifier: Optional[pulumi.Input[str]] = None,
                     entity_identifier: Optional[pulumi.Input[str]] = None,
                     entity_type: Optional[pulumi.Input[PolicyGrantTargetEntityType]] = None,
                     grant_id: Optional[pulumi.Input[str]] = None,
                     policy_type: Optional[pulumi.Input[str]] = None,
                     opts: Optional[InvokeOptions] = None) -> Output[GetPolicyGrantResult]

func LookupPolicyGrant(ctx *Context, args *LookupPolicyGrantArgs, opts ...InvokeOption) (*LookupPolicyGrantResult, error)
func LookupPolicyGrantOutput(ctx *Context, args *LookupPolicyGrantOutputArgs, opts ...InvokeOption) LookupPolicyGrantResultOutput

> Note: This function is named LookupPolicyGrant in the Go SDK.

public static class GetPolicyGrant 
{
    public static Task<GetPolicyGrantResult> InvokeAsync(GetPolicyGrantArgs args, InvokeOptions? opts = null)
    public static Output<GetPolicyGrantResult> Invoke(GetPolicyGrantInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetPolicyGrantResult> getPolicyGrant(GetPolicyGrantArgs args, InvokeOptions options)
public static Output<GetPolicyGrantResult> getPolicyGrant(GetPolicyGrantArgs args, InvokeOptions options)

fn::invoke:
  function: aws-native:datazone:getPolicyGrant
  arguments:
    # arguments dictionary

The following arguments are supported:

DomainIdentifier string: The ID of the domain where you want to add a policy grant.
EntityIdentifier string: The ID of the entity (resource) to which you want to add a policy grant.
EntityType Pulumi.AwsNative.DataZone.PolicyGrantTargetEntityType: The type of entity (resource) to which the grant is added.
GrantId string: The unique identifier of the policy grant returned by the AddPolicyGrant API
PolicyType string: The type of policy that you want to grant.

DomainIdentifier string: The ID of the domain where you want to add a policy grant.
EntityIdentifier string: The ID of the entity (resource) to which you want to add a policy grant.
EntityType PolicyGrantTargetEntityType: The type of entity (resource) to which the grant is added.
GrantId string: The unique identifier of the policy grant returned by the AddPolicyGrant API
PolicyType string: The type of policy that you want to grant.

domainIdentifier String: The ID of the domain where you want to add a policy grant.
entityIdentifier String: The ID of the entity (resource) to which you want to add a policy grant.
entityType PolicyGrantTargetEntityType: The type of entity (resource) to which the grant is added.
grantId String: The unique identifier of the policy grant returned by the AddPolicyGrant API
policyType String: The type of policy that you want to grant.

domainIdentifier string: The ID of the domain where you want to add a policy grant.
entityIdentifier string: The ID of the entity (resource) to which you want to add a policy grant.
entityType PolicyGrantTargetEntityType: The type of entity (resource) to which the grant is added.
grantId string: The unique identifier of the policy grant returned by the AddPolicyGrant API
policyType string: The type of policy that you want to grant.

domain_identifier str: The ID of the domain where you want to add a policy grant.
entity_identifier str: The ID of the entity (resource) to which you want to add a policy grant.
entity_type PolicyGrantTargetEntityType: The type of entity (resource) to which the grant is added.
grant_id str: The unique identifier of the policy grant returned by the AddPolicyGrant API
policy_type str: The type of policy that you want to grant.

domainIdentifier String: The ID of the domain where you want to add a policy grant.
entityIdentifier String: The ID of the entity (resource) to which you want to add a policy grant.
entityType "DomainUnit" | "EnvironmentBlueprintConfiguration" | "EnvironmentProfile" | "ASSET_TYPE": The type of entity (resource) to which the grant is added.
grantId String: The unique identifier of the policy grant returned by the AddPolicyGrant API
policyType String: The type of policy that you want to grant.

getPolicyGrant Result

The following output properties are available:

CreatedAt string: Specifies the timestamp at which policy grant member was created.
CreatedBy string: Specifies the user who created the policy grant member.
GrantId string: The unique identifier of the policy grant returned by the AddPolicyGrant API

CreatedAt string: Specifies the timestamp at which policy grant member was created.
CreatedBy string: Specifies the user who created the policy grant member.
GrantId string: The unique identifier of the policy grant returned by the AddPolicyGrant API

createdAt String: Specifies the timestamp at which policy grant member was created.
createdBy String: Specifies the user who created the policy grant member.
grantId String: The unique identifier of the policy grant returned by the AddPolicyGrant API

createdAt string: Specifies the timestamp at which policy grant member was created.
createdBy string: Specifies the user who created the policy grant member.
grantId string: The unique identifier of the policy grant returned by the AddPolicyGrant API

created_at str: Specifies the timestamp at which policy grant member was created.
created_by str: Specifies the user who created the policy grant member.
grant_id str: The unique identifier of the policy grant returned by the AddPolicyGrant API

createdAt String: Specifies the timestamp at which policy grant member was created.
createdBy String: Specifies the user who created the policy grant member.
grantId String: The unique identifier of the policy grant returned by the AddPolicyGrant API

Supporting Types

PolicyGrantTargetEntityType

Package Details

Repository: AWS Native pulumi/pulumi-aws-native
License: Apache-2.0

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.34.0 published on Friday, Sep 12, 2025 by Pulumi

pulumi/pulumi-aws-native

aws-native.datazone.getPolicyGrant

On this page

On this page

Using getPolicyGrant

getPolicyGrant Result

Supporting Types

PolicyGrantTargetEntityType

Package Details

On this page

On this page