Databricks

v0.4.0 published on Wednesday, Apr 20, 2022 by Pulumi

getAwsCrossAccountPolicy

Note This resource has an evolving API, which may change in future versions of the provider. Please always consult latest documentation in case of any questions.

This data source constructs necessary AWS cross-account policy for you, which is based on official documentation.

The following resources are used in the same context:

  • Provisioning AWS Databricks E2 with a Hub & Spoke firewall for data exfiltration protection guide
  • databricks.getAwsAssumeRolePolicy data to construct the necessary AWS STS assume role policy.
  • databricks.getAwsBucketPolicy data to configure a simple access policy for AWS S3 buckets, so that Databricks can access data in it.
  • databricks.InstanceProfile to manage AWS EC2 instance profiles that users can launch databricks.Cluster and access data, like databricks_mount.

Example Usage

using Pulumi;
using Databricks = Pulumi.Databricks;

class MyStack : Stack
{
    public MyStack()
    {
        var @this = Output.Create(Databricks.GetAwsCrossAccountPolicy.InvokeAsync());
    }

}
package main

import (
	"github.com/pulumi/pulumi-databricks/sdk/go/databricks"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := databricks.GetAwsCrossAccountPolicy(ctx, nil, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

Coming soon!

import pulumi
import pulumi_databricks as databricks

this = databricks.get_aws_cross_account_policy()
import * as pulumi from "@pulumi/pulumi";
import * as databricks from "@pulumi/databricks";

const thisAwsCrossAccountPolicy = pulumi.output(databricks.getAwsCrossAccountPolicy());

Coming soon!

Using getAwsCrossAccountPolicy

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getAwsCrossAccountPolicy(args: GetAwsCrossAccountPolicyArgs, opts?: InvokeOptions): Promise<GetAwsCrossAccountPolicyResult>
function getAwsCrossAccountPolicyOutput(args: GetAwsCrossAccountPolicyOutputArgs, opts?: InvokeOptions): Output<GetAwsCrossAccountPolicyResult>
def get_aws_cross_account_policy(pass_roles: Optional[Sequence[str]] = None,
                                 opts: Optional[InvokeOptions] = None) -> GetAwsCrossAccountPolicyResult
def get_aws_cross_account_policy_output(pass_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                                 opts: Optional[InvokeOptions] = None) -> Output[GetAwsCrossAccountPolicyResult]
func GetAwsCrossAccountPolicy(ctx *Context, args *GetAwsCrossAccountPolicyArgs, opts ...InvokeOption) (*GetAwsCrossAccountPolicyResult, error)
func GetAwsCrossAccountPolicyOutput(ctx *Context, args *GetAwsCrossAccountPolicyOutputArgs, opts ...InvokeOption) GetAwsCrossAccountPolicyResultOutput

> Note: This function is named GetAwsCrossAccountPolicy in the Go SDK.

public static class GetAwsCrossAccountPolicy 
{
    public static Task<GetAwsCrossAccountPolicyResult> InvokeAsync(GetAwsCrossAccountPolicyArgs args, InvokeOptions? opts = null)
    public static Output<GetAwsCrossAccountPolicyResult> Invoke(GetAwsCrossAccountPolicyInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetAwsCrossAccountPolicyResult> getAwsCrossAccountPolicy(GetAwsCrossAccountPolicyArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
Fn::Invoke:
  Function: databricks:index/getAwsCrossAccountPolicy:getAwsCrossAccountPolicy
  Arguments:
    # Arguments dictionary

The following arguments are supported:

PassRoles List<string>

List of Data IAM role ARNs that are explicitly granted iam:PassRole action.

PassRoles []string

List of Data IAM role ARNs that are explicitly granted iam:PassRole action.

passRoles List<String>

List of Data IAM role ARNs that are explicitly granted iam:PassRole action.

passRoles string[]

List of Data IAM role ARNs that are explicitly granted iam:PassRole action.

pass_roles Sequence[str]

List of Data IAM role ARNs that are explicitly granted iam:PassRole action.

passRoles List<String>

List of Data IAM role ARNs that are explicitly granted iam:PassRole action.

getAwsCrossAccountPolicy Result

The following output properties are available:

Id string

The provider-assigned unique ID for this managed resource.

Json string

AWS IAM Policy JSON document

PassRoles List<string>
Id string

The provider-assigned unique ID for this managed resource.

Json string

AWS IAM Policy JSON document

PassRoles []string
id String

The provider-assigned unique ID for this managed resource.

json String

AWS IAM Policy JSON document

passRoles List<String>
id string

The provider-assigned unique ID for this managed resource.

json string

AWS IAM Policy JSON document

passRoles string[]
id str

The provider-assigned unique ID for this managed resource.

json str

AWS IAM Policy JSON document

pass_roles Sequence[str]
id String

The provider-assigned unique ID for this managed resource.

json String

AWS IAM Policy JSON document

passRoles List<String>

Package Details

Repository
https://github.com/pulumi/pulumi-databricks
License
Apache-2.0
Notes

This Pulumi package is based on the databricks Terraform Provider.