Docs Home
Databricks v1.71.0 published on Monday, Jun 9, 2025 by Pulumi
databricks.getRecipientFederationPolicies
Explore with Pulumi AI
Using getRecipientFederationPolicies
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getRecipientFederationPolicies(opts?: InvokeOptions): Promise<GetRecipientFederationPoliciesResult>
function getRecipientFederationPoliciesOutput(opts?: InvokeOptions): Output<GetRecipientFederationPoliciesResult>def get_recipient_federation_policies(opts: Optional[InvokeOptions] = None) -> GetRecipientFederationPoliciesResult
def get_recipient_federation_policies_output(opts: Optional[InvokeOptions] = None) -> Output[GetRecipientFederationPoliciesResult]func GetRecipientFederationPolicies(ctx *Context, opts ...InvokeOption) (*GetRecipientFederationPoliciesResult, error)
func GetRecipientFederationPoliciesOutput(ctx *Context, opts ...InvokeOption) GetRecipientFederationPoliciesResultOutput> Note: This function is named GetRecipientFederationPolicies in the Go SDK.
public static class GetRecipientFederationPolicies
{
public static Task<GetRecipientFederationPoliciesResult> InvokeAsync(InvokeOptions? opts = null)
public static Output<GetRecipientFederationPoliciesResult> Invoke(InvokeOptions? opts = null)
}public static CompletableFuture<GetRecipientFederationPoliciesResult> getRecipientFederationPolicies(InvokeOptions options)
public static Output<GetRecipientFederationPoliciesResult> getRecipientFederationPolicies(InvokeOptions options)
fn::invoke:
function: databricks:index/getRecipientFederationPolicies:getRecipientFederationPolicies
arguments:
# arguments dictionarygetRecipientFederationPolicies Result
The following output properties are available:
- Id string
- The provider-assigned unique ID for this managed resource.
- Policies
List<Get
Recipient Federation Policies Policy>
- Id string
- The provider-assigned unique ID for this managed resource.
- Policies
[]Get
Recipient Federation Policies Policy
- id String
- The provider-assigned unique ID for this managed resource.
- policies
List<Get
Recipient Federation Policies Policy>
- id string
- The provider-assigned unique ID for this managed resource.
- policies
Get
Recipient Federation Policies Policy[]
- id str
- The provider-assigned unique ID for this managed resource.
- policies
Sequence[Get
Recipient Federation Policies Policy]
- id String
- The provider-assigned unique ID for this managed resource.
- policies List<Property Map>
Supporting Types
GetRecipientFederationPoliciesPolicy
- Create
Time string - (string) - System-generated timestamp indicating when the policy was created
- Id string
- (string) - Unique, immutable system-generated identifier for the federation policy
- Update
Time string - (string) - System-generated timestamp indicating when the policy was last updated
- Comment string
- (string) - Description of the policy. This is a user-provided description
- Name string
- (string) - Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
- Oidc
Policy GetRecipient Federation Policies Policy Oidc Policy - (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens
- Create
Time string - (string) - System-generated timestamp indicating when the policy was created
- Id string
- (string) - Unique, immutable system-generated identifier for the federation policy
- Update
Time string - (string) - System-generated timestamp indicating when the policy was last updated
- Comment string
- (string) - Description of the policy. This is a user-provided description
- Name string
- (string) - Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
- Oidc
Policy GetRecipient Federation Policies Policy Oidc Policy - (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens
- create
Time String - (string) - System-generated timestamp indicating when the policy was created
- id String
- (string) - Unique, immutable system-generated identifier for the federation policy
- update
Time String - (string) - System-generated timestamp indicating when the policy was last updated
- comment String
- (string) - Description of the policy. This is a user-provided description
- name String
- (string) - Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
- oidc
Policy GetRecipient Federation Policies Policy Oidc Policy - (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens
- create
Time string - (string) - System-generated timestamp indicating when the policy was created
- id string
- (string) - Unique, immutable system-generated identifier for the federation policy
- update
Time string - (string) - System-generated timestamp indicating when the policy was last updated
- comment string
- (string) - Description of the policy. This is a user-provided description
- name string
- (string) - Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
- oidc
Policy GetRecipient Federation Policies Policy Oidc Policy - (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens
- create_
time str - (string) - System-generated timestamp indicating when the policy was created
- id str
- (string) - Unique, immutable system-generated identifier for the federation policy
- update_
time str - (string) - System-generated timestamp indicating when the policy was last updated
- comment str
- (string) - Description of the policy. This is a user-provided description
- name str
- (string) - Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
- oidc_
policy GetRecipient Federation Policies Policy Oidc Policy - (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens
- create
Time String - (string) - System-generated timestamp indicating when the policy was created
- id String
- (string) - Unique, immutable system-generated identifier for the federation policy
- update
Time String - (string) - System-generated timestamp indicating when the policy was last updated
- comment String
- (string) - Description of the policy. This is a user-provided description
- name String
- (string) - Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
- oidc
Policy Property Map - (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens
GetRecipientFederationPoliciesPolicyOidcPolicy
- Issuer string
- (string) - The required token issuer, as specified in the 'iss' claim of federated tokens
- Subject string
- (string) - The required token subject, as specified in the subject claim of federated tokens.
The subject claim identifies the identity of the user or machine accessing the resource.
Examples for Entra ID (AAD):
- U2M flow (group access): If the subject claim is
groups, this must be the Object ID of the group in Entra ID. - U2M flow (user access): If the subject claim is
oid, this must be the Object ID of the user in Entra ID. - M2M flow (OAuth App access): If the subject claim is
azp, this must be the client ID of the OAuth app registered in Entra ID
- U2M flow (group access): If the subject claim is
- Subject
Claim string - (string) - The claim that contains the subject of the token.
Depending on the identity provider and the use case (U2M or M2M), this can vary:
- For Entra ID (AAD):
- U2M flow (group access): Use
groups. - U2M flow (user access): Use
oid. - M2M flow (OAuth App access): Use
azp.
- For other IdPs, refer to the specific IdP documentation.
- Audiences List<string>
- (list of string) - The allowed token audiences, as specified in the 'aud' claim of federated tokens. The audience identifier is intended to represent the recipient of the token. Can be any non-empty string value. As long as the audience in the token matches at least one audience in the policy,
- Issuer string
- (string) - The required token issuer, as specified in the 'iss' claim of federated tokens
- Subject string
- (string) - The required token subject, as specified in the subject claim of federated tokens.
The subject claim identifies the identity of the user or machine accessing the resource.
Examples for Entra ID (AAD):
- U2M flow (group access): If the subject claim is
groups, this must be the Object ID of the group in Entra ID. - U2M flow (user access): If the subject claim is
oid, this must be the Object ID of the user in Entra ID. - M2M flow (OAuth App access): If the subject claim is
azp, this must be the client ID of the OAuth app registered in Entra ID
- U2M flow (group access): If the subject claim is
- Subject
Claim string - (string) - The claim that contains the subject of the token.
Depending on the identity provider and the use case (U2M or M2M), this can vary:
- For Entra ID (AAD):
- U2M flow (group access): Use
groups. - U2M flow (user access): Use
oid. - M2M flow (OAuth App access): Use
azp.
- For other IdPs, refer to the specific IdP documentation.
- Audiences []string
- (list of string) - The allowed token audiences, as specified in the 'aud' claim of federated tokens. The audience identifier is intended to represent the recipient of the token. Can be any non-empty string value. As long as the audience in the token matches at least one audience in the policy,
- issuer String
- (string) - The required token issuer, as specified in the 'iss' claim of federated tokens
- subject String
- (string) - The required token subject, as specified in the subject claim of federated tokens.
The subject claim identifies the identity of the user or machine accessing the resource.
Examples for Entra ID (AAD):
- U2M flow (group access): If the subject claim is
groups, this must be the Object ID of the group in Entra ID. - U2M flow (user access): If the subject claim is
oid, this must be the Object ID of the user in Entra ID. - M2M flow (OAuth App access): If the subject claim is
azp, this must be the client ID of the OAuth app registered in Entra ID
- U2M flow (group access): If the subject claim is
- subject
Claim String - (string) - The claim that contains the subject of the token.
Depending on the identity provider and the use case (U2M or M2M), this can vary:
- For Entra ID (AAD):
- U2M flow (group access): Use
groups. - U2M flow (user access): Use
oid. - M2M flow (OAuth App access): Use
azp.
- For other IdPs, refer to the specific IdP documentation.
- audiences List<String>
- (list of string) - The allowed token audiences, as specified in the 'aud' claim of federated tokens. The audience identifier is intended to represent the recipient of the token. Can be any non-empty string value. As long as the audience in the token matches at least one audience in the policy,
- issuer string
- (string) - The required token issuer, as specified in the 'iss' claim of federated tokens
- subject string
- (string) - The required token subject, as specified in the subject claim of federated tokens.
The subject claim identifies the identity of the user or machine accessing the resource.
Examples for Entra ID (AAD):
- U2M flow (group access): If the subject claim is
groups, this must be the Object ID of the group in Entra ID. - U2M flow (user access): If the subject claim is
oid, this must be the Object ID of the user in Entra ID. - M2M flow (OAuth App access): If the subject claim is
azp, this must be the client ID of the OAuth app registered in Entra ID
- U2M flow (group access): If the subject claim is
- subject
Claim string - (string) - The claim that contains the subject of the token.
Depending on the identity provider and the use case (U2M or M2M), this can vary:
- For Entra ID (AAD):
- U2M flow (group access): Use
groups. - U2M flow (user access): Use
oid. - M2M flow (OAuth App access): Use
azp.
- For other IdPs, refer to the specific IdP documentation.
- audiences string[]
- (list of string) - The allowed token audiences, as specified in the 'aud' claim of federated tokens. The audience identifier is intended to represent the recipient of the token. Can be any non-empty string value. As long as the audience in the token matches at least one audience in the policy,
- issuer str
- (string) - The required token issuer, as specified in the 'iss' claim of federated tokens
- subject str
- (string) - The required token subject, as specified in the subject claim of federated tokens.
The subject claim identifies the identity of the user or machine accessing the resource.
Examples for Entra ID (AAD):
- U2M flow (group access): If the subject claim is
groups, this must be the Object ID of the group in Entra ID. - U2M flow (user access): If the subject claim is
oid, this must be the Object ID of the user in Entra ID. - M2M flow (OAuth App access): If the subject claim is
azp, this must be the client ID of the OAuth app registered in Entra ID
- U2M flow (group access): If the subject claim is
- subject_
claim str - (string) - The claim that contains the subject of the token.
Depending on the identity provider and the use case (U2M or M2M), this can vary:
- For Entra ID (AAD):
- U2M flow (group access): Use
groups. - U2M flow (user access): Use
oid. - M2M flow (OAuth App access): Use
azp.
- For other IdPs, refer to the specific IdP documentation.
- audiences Sequence[str]
- (list of string) - The allowed token audiences, as specified in the 'aud' claim of federated tokens. The audience identifier is intended to represent the recipient of the token. Can be any non-empty string value. As long as the audience in the token matches at least one audience in the policy,
- issuer String
- (string) - The required token issuer, as specified in the 'iss' claim of federated tokens
- subject String
- (string) - The required token subject, as specified in the subject claim of federated tokens.
The subject claim identifies the identity of the user or machine accessing the resource.
Examples for Entra ID (AAD):
- U2M flow (group access): If the subject claim is
groups, this must be the Object ID of the group in Entra ID. - U2M flow (user access): If the subject claim is
oid, this must be the Object ID of the user in Entra ID. - M2M flow (OAuth App access): If the subject claim is
azp, this must be the client ID of the OAuth app registered in Entra ID
- U2M flow (group access): If the subject claim is
- subject
Claim String - (string) - The claim that contains the subject of the token.
Depending on the identity provider and the use case (U2M or M2M), this can vary:
- For Entra ID (AAD):
- U2M flow (group access): Use
groups. - U2M flow (user access): Use
oid. - M2M flow (OAuth App access): Use
azp.
- For other IdPs, refer to the specific IdP documentation.
- audiences List<String>
- (list of string) - The allowed token audiences, as specified in the 'aud' claim of federated tokens. The audience identifier is intended to represent the recipient of the token. Can be any non-empty string value. As long as the audience in the token matches at least one audience in the policy,
Package Details
- Repository
- databricks pulumi/pulumi-databricks
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
databricksTerraform Provider.