Databricks v1.71.0, Jun 9 25

Databricks v1.71.0 published on Monday, Jun 9, 2025 by Pulumi

databricks.getRecipientFederationPolicy

Explore with Pulumi AI

Databricks v1.71.0 published on Monday, Jun 9, 2025 by Pulumi

Using getRecipientFederationPolicy

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getRecipientFederationPolicy(args: GetRecipientFederationPolicyArgs, opts?: InvokeOptions): Promise<GetRecipientFederationPolicyResult>
function getRecipientFederationPolicyOutput(args: GetRecipientFederationPolicyOutputArgs, opts?: InvokeOptions): Output<GetRecipientFederationPolicyResult>

def get_recipient_federation_policy(comment: Optional[str] = None,
                                    name: Optional[str] = None,
                                    oidc_policy: Optional[GetRecipientFederationPolicyOidcPolicy] = None,
                                    opts: Optional[InvokeOptions] = None) -> GetRecipientFederationPolicyResult
def get_recipient_federation_policy_output(comment: Optional[pulumi.Input[str]] = None,
                                    name: Optional[pulumi.Input[str]] = None,
                                    oidc_policy: Optional[pulumi.Input[GetRecipientFederationPolicyOidcPolicyArgs]] = None,
                                    opts: Optional[InvokeOptions] = None) -> Output[GetRecipientFederationPolicyResult]

func LookupRecipientFederationPolicy(ctx *Context, args *LookupRecipientFederationPolicyArgs, opts ...InvokeOption) (*LookupRecipientFederationPolicyResult, error)
func LookupRecipientFederationPolicyOutput(ctx *Context, args *LookupRecipientFederationPolicyOutputArgs, opts ...InvokeOption) LookupRecipientFederationPolicyResultOutput

> Note: This function is named LookupRecipientFederationPolicy in the Go SDK.

public static class GetRecipientFederationPolicy 
{
    public static Task<GetRecipientFederationPolicyResult> InvokeAsync(GetRecipientFederationPolicyArgs args, InvokeOptions? opts = null)
    public static Output<GetRecipientFederationPolicyResult> Invoke(GetRecipientFederationPolicyInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetRecipientFederationPolicyResult> getRecipientFederationPolicy(GetRecipientFederationPolicyArgs args, InvokeOptions options)
public static Output<GetRecipientFederationPolicyResult> getRecipientFederationPolicy(GetRecipientFederationPolicyArgs args, InvokeOptions options)

fn::invoke:
  function: databricks:index/getRecipientFederationPolicy:getRecipientFederationPolicy
  arguments:
    # arguments dictionary

The following arguments are supported:

Comment string: (string) - Description of the policy. This is a user-provided description
Name string: Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
OidcPolicy GetRecipientFederationPolicyOidcPolicy: (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens

Comment string: (string) - Description of the policy. This is a user-provided description
Name string: Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
OidcPolicy GetRecipientFederationPolicyOidcPolicy: (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens

comment String: (string) - Description of the policy. This is a user-provided description
name String: Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
oidcPolicy GetRecipientFederationPolicyOidcPolicy: (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens

comment string: (string) - Description of the policy. This is a user-provided description
name string: Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
oidcPolicy GetRecipientFederationPolicyOidcPolicy: (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens

comment str: (string) - Description of the policy. This is a user-provided description
name str: Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
oidc_policy GetRecipientFederationPolicyOidcPolicy: (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens

comment String: (string) - Description of the policy. This is a user-provided description
name String: Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
oidcPolicy Property Map: (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens

getRecipientFederationPolicy Result

The following output properties are available:

CreateTime string: (string) - System-generated timestamp indicating when the policy was created
Id string: (string) - Unique, immutable system-generated identifier for the federation policy
UpdateTime string: (string) - System-generated timestamp indicating when the policy was last updated
Comment string: (string) - Description of the policy. This is a user-provided description
Name string: (string) - Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
OidcPolicy GetRecipientFederationPolicyOidcPolicy: (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens

CreateTime string: (string) - System-generated timestamp indicating when the policy was created
Id string: (string) - Unique, immutable system-generated identifier for the federation policy
UpdateTime string: (string) - System-generated timestamp indicating when the policy was last updated
Comment string: (string) - Description of the policy. This is a user-provided description
Name string: (string) - Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
OidcPolicy GetRecipientFederationPolicyOidcPolicy: (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens

createTime String: (string) - System-generated timestamp indicating when the policy was created
id String: (string) - Unique, immutable system-generated identifier for the federation policy
updateTime String: (string) - System-generated timestamp indicating when the policy was last updated
comment String: (string) - Description of the policy. This is a user-provided description
name String: (string) - Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
oidcPolicy GetRecipientFederationPolicyOidcPolicy: (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens

createTime string: (string) - System-generated timestamp indicating when the policy was created
id string: (string) - Unique, immutable system-generated identifier for the federation policy
updateTime string: (string) - System-generated timestamp indicating when the policy was last updated
comment string: (string) - Description of the policy. This is a user-provided description
name string: (string) - Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
oidcPolicy GetRecipientFederationPolicyOidcPolicy: (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens

create_time str: (string) - System-generated timestamp indicating when the policy was created
id str: (string) - Unique, immutable system-generated identifier for the federation policy
update_time str: (string) - System-generated timestamp indicating when the policy was last updated
comment str: (string) - Description of the policy. This is a user-provided description
name str: (string) - Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
oidc_policy GetRecipientFederationPolicyOidcPolicy: (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens

createTime String: (string) - System-generated timestamp indicating when the policy was created
id String: (string) - Unique, immutable system-generated identifier for the federation policy
updateTime String: (string) - System-generated timestamp indicating when the policy was last updated
comment String: (string) - Description of the policy. This is a user-provided description
name String: (string) - Name of the federation policy. A recipient can have multiple policies with different names. The name must contain only lowercase alphanumeric characters, numbers, and hyphens
oidcPolicy Property Map: (OidcFederationPolicy) - Specifies the policy to use for validating OIDC claims in the federated tokens

Supporting Types

GetRecipientFederationPolicyOidcPolicy

Issuer string

(string) - The required token issuer, as specified in the 'iss' claim of federated tokens

Subject string

(string) - The required token subject, as specified in the subject claim of federated tokens. The subject claim identifies the identity of the user or machine accessing the resource. Examples for Entra ID (AAD):

U2M flow (group access): If the subject claim is groups, this must be the Object ID of the group in Entra ID.
U2M flow (user access): If the subject claim is oid, this must be the Object ID of the user in Entra ID.
M2M flow (OAuth App access): If the subject claim is azp, this must be the client ID of the OAuth app registered in Entra ID

SubjectClaim string

(string) - The claim that contains the subject of the token. Depending on the identity provider and the use case (U2M or M2M), this can vary:

For Entra ID (AAD):

U2M flow (group access): Use groups.
U2M flow (user access): Use oid.
M2M flow (OAuth App access): Use azp.

For other IdPs, refer to the specific IdP documentation.

Audiences List<string>

(list of string) - The allowed token audiences, as specified in the 'aud' claim of federated tokens. The audience identifier is intended to represent the recipient of the token. Can be any non-empty string value. As long as the audience in the token matches at least one audience in the policy,

Issuer string

(string) - The required token issuer, as specified in the 'iss' claim of federated tokens

Subject string

U2M flow (group access): If the subject claim is groups, this must be the Object ID of the group in Entra ID.
U2M flow (user access): If the subject claim is oid, this must be the Object ID of the user in Entra ID.
M2M flow (OAuth App access): If the subject claim is azp, this must be the client ID of the OAuth app registered in Entra ID

SubjectClaim string

(string) - The claim that contains the subject of the token. Depending on the identity provider and the use case (U2M or M2M), this can vary:

For Entra ID (AAD):

U2M flow (group access): Use groups.
U2M flow (user access): Use oid.
M2M flow (OAuth App access): Use azp.

For other IdPs, refer to the specific IdP documentation.

Audiences []string

issuer String

(string) - The required token issuer, as specified in the 'iss' claim of federated tokens

subject String

U2M flow (group access): If the subject claim is groups, this must be the Object ID of the group in Entra ID.
U2M flow (user access): If the subject claim is oid, this must be the Object ID of the user in Entra ID.
M2M flow (OAuth App access): If the subject claim is azp, this must be the client ID of the OAuth app registered in Entra ID

subjectClaim String

(string) - The claim that contains the subject of the token. Depending on the identity provider and the use case (U2M or M2M), this can vary:

For Entra ID (AAD):

U2M flow (group access): Use groups.
U2M flow (user access): Use oid.
M2M flow (OAuth App access): Use azp.

For other IdPs, refer to the specific IdP documentation.

audiences List<String>

issuer string

(string) - The required token issuer, as specified in the 'iss' claim of federated tokens

subject string

U2M flow (group access): If the subject claim is groups, this must be the Object ID of the group in Entra ID.
U2M flow (user access): If the subject claim is oid, this must be the Object ID of the user in Entra ID.
M2M flow (OAuth App access): If the subject claim is azp, this must be the client ID of the OAuth app registered in Entra ID

subjectClaim string

(string) - The claim that contains the subject of the token. Depending on the identity provider and the use case (U2M or M2M), this can vary:

For Entra ID (AAD):

U2M flow (group access): Use groups.
U2M flow (user access): Use oid.
M2M flow (OAuth App access): Use azp.

For other IdPs, refer to the specific IdP documentation.

audiences string[]

issuer str

(string) - The required token issuer, as specified in the 'iss' claim of federated tokens

subject str

U2M flow (group access): If the subject claim is groups, this must be the Object ID of the group in Entra ID.
U2M flow (user access): If the subject claim is oid, this must be the Object ID of the user in Entra ID.
M2M flow (OAuth App access): If the subject claim is azp, this must be the client ID of the OAuth app registered in Entra ID

subject_claim str

(string) - The claim that contains the subject of the token. Depending on the identity provider and the use case (U2M or M2M), this can vary:

For Entra ID (AAD):

U2M flow (group access): Use groups.
U2M flow (user access): Use oid.
M2M flow (OAuth App access): Use azp.

For other IdPs, refer to the specific IdP documentation.

audiences Sequence[str]

issuer String

(string) - The required token issuer, as specified in the 'iss' claim of federated tokens

subject String

U2M flow (group access): If the subject claim is groups, this must be the Object ID of the group in Entra ID.
U2M flow (user access): If the subject claim is oid, this must be the Object ID of the user in Entra ID.
M2M flow (OAuth App access): If the subject claim is azp, this must be the client ID of the OAuth app registered in Entra ID

subjectClaim String

(string) - The claim that contains the subject of the token. Depending on the identity provider and the use case (U2M or M2M), this can vary:

For Entra ID (AAD):

U2M flow (group access): Use groups.
U2M flow (user access): Use oid.
M2M flow (OAuth App access): Use azp.

For other IdPs, refer to the specific IdP documentation.

audiences List<String>

Package Details

Repository: databricks pulumi/pulumi-databricks
License: Apache-2.0
Notes: This Pulumi package is based on the databricks Terraform Provider.

Databricks v1.71.0 published on Monday, Jun 9, 2025 by Pulumi

pulumi/pulumi-databricks

databricks.getRecipientFederationPolicy

On this page

On this page

Using getRecipientFederationPolicy

getRecipientFederationPolicy Result

Supporting Types

GetRecipientFederationPolicyOidcPolicy

Package Details

On this page

On this page