databricks.getAwsCrossAccountPolicy
Explore with Pulumi AI
Note This resource has an evolving API, which may change in future versions of the provider. Please always consult latest documentation in case of any questions.
This data source constructs necessary AWS cross-account policy for you, which is based on official documentation.
Related Resources
The following resources are used in the same context:
- Provisioning AWS Databricks E2 with a Hub & Spoke firewall for data exfiltration protection guide
- databricks.getAwsAssumeRolePolicy data to construct the necessary AWS STS assume role policy.
- databricks.getAwsBucketPolicy data to configure a simple access policy for AWS S3 buckets, so that Databricks can access data in it.
- databricks.InstanceProfile to manage AWS EC2 instance profiles that users can launch databricks.Cluster and access data, like databricks_mount.
Example Usage
For more detailed usage please see databricks.getAwsAssumeRolePolicy or databricks_
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Databricks = Pulumi.Databricks;
return await Deployment.RunAsync(() =>
{
var @this = Databricks.GetAwsCrossAccountPolicy.Invoke();
});
package main
import (
"github.com/pulumi/pulumi-databricks/sdk/go/databricks"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := databricks.GetAwsCrossAccountPolicy(ctx, nil, nil)
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.databricks.DatabricksFunctions;
import com.pulumi.databricks.inputs.GetAwsCrossAccountPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var this = DatabricksFunctions.getAwsCrossAccountPolicy();
}
}
import pulumi
import pulumi_databricks as databricks
this = databricks.get_aws_cross_account_policy()
import * as pulumi from "@pulumi/pulumi";
import * as databricks from "@pulumi/databricks";
const this = databricks.getAwsCrossAccountPolicy({});
variables:
this:
fn::invoke:
Function: databricks:getAwsCrossAccountPolicy
Arguments: {}
Using getAwsCrossAccountPolicy
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getAwsCrossAccountPolicy(args: GetAwsCrossAccountPolicyArgs, opts?: InvokeOptions): Promise<GetAwsCrossAccountPolicyResult>
function getAwsCrossAccountPolicyOutput(args: GetAwsCrossAccountPolicyOutputArgs, opts?: InvokeOptions): Output<GetAwsCrossAccountPolicyResult>
def get_aws_cross_account_policy(pass_roles: Optional[Sequence[str]] = None,
opts: Optional[InvokeOptions] = None) -> GetAwsCrossAccountPolicyResult
def get_aws_cross_account_policy_output(pass_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetAwsCrossAccountPolicyResult]
func GetAwsCrossAccountPolicy(ctx *Context, args *GetAwsCrossAccountPolicyArgs, opts ...InvokeOption) (*GetAwsCrossAccountPolicyResult, error)
func GetAwsCrossAccountPolicyOutput(ctx *Context, args *GetAwsCrossAccountPolicyOutputArgs, opts ...InvokeOption) GetAwsCrossAccountPolicyResultOutput
> Note: This function is named GetAwsCrossAccountPolicy
in the Go SDK.
public static class GetAwsCrossAccountPolicy
{
public static Task<GetAwsCrossAccountPolicyResult> InvokeAsync(GetAwsCrossAccountPolicyArgs args, InvokeOptions? opts = null)
public static Output<GetAwsCrossAccountPolicyResult> Invoke(GetAwsCrossAccountPolicyInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetAwsCrossAccountPolicyResult> getAwsCrossAccountPolicy(GetAwsCrossAccountPolicyArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: databricks:index/getAwsCrossAccountPolicy:getAwsCrossAccountPolicy
arguments:
# arguments dictionary
The following arguments are supported:
- Pass
Roles List<string> List of Data IAM role ARNs that are explicitly granted
iam:PassRole
action.
- Pass
Roles []string List of Data IAM role ARNs that are explicitly granted
iam:PassRole
action.
- pass
Roles List<String> List of Data IAM role ARNs that are explicitly granted
iam:PassRole
action.
- pass
Roles string[] List of Data IAM role ARNs that are explicitly granted
iam:PassRole
action.
- pass_
roles Sequence[str] List of Data IAM role ARNs that are explicitly granted
iam:PassRole
action.
- pass
Roles List<String> List of Data IAM role ARNs that are explicitly granted
iam:PassRole
action.
getAwsCrossAccountPolicy Result
The following output properties are available:
- id str
The provider-assigned unique ID for this managed resource.
- json str
AWS IAM Policy JSON document
- pass_
roles Sequence[str]
Package Details
- Repository
- databricks pulumi/pulumi-databricks
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
databricks
Terraform Provider.