Group

Databricks v1.92.0, May 12 26

Viewing docs for Databricks v1.92.0
published on Tuesday, May 12, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-databricks

Viewing docs for Databricks v1.92.0
published on Tuesday, May 12, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-databricks

This resource allows you to manage both account groups and workspace-local groups. You can use the databricks.GroupMember resource to assign Databricks users, service principals as well as other groups as members of the group. This is useful if you are using an application to sync users & groups with SCIM API.

This resource can be used with an account or workspace-level provider.

To assign an account level group to a workspace use databricks_mws_permission_assignment.

Entitlements, like, allowClusterCreate, allowInstancePoolCreate, databricksSqlAccess, workspaceAccess applicable only for workspace-level groups. Use databricks.Entitlements resource to assign entitlements inside a workspace to account-level groups.

To create account groups in the Databricks account, the provider must be configured accordingly. On AWS deployment with host = "https://accounts.cloud.databricks.com" and accountId = "00000000-0000-0000-0000-000000000000". On Azure deployments host = "https://accounts.azuredatabricks.net", accountId = "00000000-0000-0000-0000-000000000000" and using AAD tokens as authentication.

Recommended to use along with Identity Provider SCIM provisioning to populate users into those groups:

Example Usage

Creating some group

import * as pulumi from "@pulumi/pulumi";
import * as databricks from "@pulumi/databricks";

const _this = new databricks.Group("this", {
    displayName: "Some Group",
    allowClusterCreate: true,
    allowInstancePoolCreate: true,
});

import pulumi
import pulumi_databricks as databricks

this = databricks.Group("this",
    display_name="Some Group",
    allow_cluster_create=True,
    allow_instance_pool_create=True)

package main

import (
	"github.com/pulumi/pulumi-databricks/sdk/go/databricks"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := databricks.NewGroup(ctx, "this", &databricks.GroupArgs{
			DisplayName:             pulumi.String("Some Group"),
			AllowClusterCreate:      pulumi.Bool(true),
			AllowInstancePoolCreate: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Databricks = Pulumi.Databricks;

return await Deployment.RunAsync(() => 
{
    var @this = new Databricks.Group("this", new()
    {
        DisplayName = "Some Group",
        AllowClusterCreate = true,
        AllowInstancePoolCreate = true,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.databricks.Group;
import com.pulumi.databricks.GroupArgs;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var this_ = new Group("this", GroupArgs.builder()
            .displayName("Some Group")
            .allowClusterCreate(true)
            .allowInstancePoolCreate(true)
            .build());

    }
}

resources:
  this:
    type: databricks:Group
    properties:
      displayName: Some Group
      allowClusterCreate: true
      allowInstancePoolCreate: true

Example coming soon!

Adding databricks.User as databricks.GroupMember of some group

import * as pulumi from "@pulumi/pulumi";
import * as databricks from "@pulumi/databricks";

const _this = new databricks.Group("this", {
    displayName: "Some Group",
    allowClusterCreate: true,
    allowInstancePoolCreate: true,
});
const thisUser = new databricks.User("this", {userName: "someone@example.com"});
const vipMember = new databricks.GroupMember("vip_member", {
    groupId: _this.id,
    memberId: thisUser.id,
});

import pulumi
import pulumi_databricks as databricks

this = databricks.Group("this",
    display_name="Some Group",
    allow_cluster_create=True,
    allow_instance_pool_create=True)
this_user = databricks.User("this", user_name="someone@example.com")
vip_member = databricks.GroupMember("vip_member",
    group_id=this.id,
    member_id=this_user.id)

package main

import (
	"github.com/pulumi/pulumi-databricks/sdk/go/databricks"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		this, err := databricks.NewGroup(ctx, "this", &databricks.GroupArgs{
			DisplayName:             pulumi.String("Some Group"),
			AllowClusterCreate:      pulumi.Bool(true),
			AllowInstancePoolCreate: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		thisUser, err := databricks.NewUser(ctx, "this", &databricks.UserArgs{
			UserName: pulumi.String("someone@example.com"),
		})
		if err != nil {
			return err
		}
		_, err = databricks.NewGroupMember(ctx, "vip_member", &databricks.GroupMemberArgs{
			GroupId:  this.ID(),
			MemberId: thisUser.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Databricks = Pulumi.Databricks;

return await Deployment.RunAsync(() => 
{
    var @this = new Databricks.Group("this", new()
    {
        DisplayName = "Some Group",
        AllowClusterCreate = true,
        AllowInstancePoolCreate = true,
    });

    var thisUser = new Databricks.User("this", new()
    {
        UserName = "someone@example.com",
    });

    var vipMember = new Databricks.GroupMember("vip_member", new()
    {
        GroupId = @this.Id,
        MemberId = thisUser.Id,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.databricks.Group;
import com.pulumi.databricks.GroupArgs;
import com.pulumi.databricks.User;
import com.pulumi.databricks.UserArgs;
import com.pulumi.databricks.GroupMember;
import com.pulumi.databricks.GroupMemberArgs;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var this_ = new Group("this", GroupArgs.builder()
            .displayName("Some Group")
            .allowClusterCreate(true)
            .allowInstancePoolCreate(true)
            .build());

        var thisUser = new User("thisUser", UserArgs.builder()
            .userName("someone@example.com")
            .build());

        var vipMember = new GroupMember("vipMember", GroupMemberArgs.builder()
            .groupId(this_.id())
            .memberId(thisUser.id())
            .build());

    }
}

resources:
  this:
    type: databricks:Group
    properties:
      displayName: Some Group
      allowClusterCreate: true
      allowInstancePoolCreate: true
  thisUser:
    type: databricks:User
    name: this
    properties:
      userName: someone@example.com
  vipMember:
    type: databricks:GroupMember
    name: vip_member
    properties:
      groupId: ${this.id}
      memberId: ${thisUser.id}

Example coming soon!

Creating group in AWS Databricks account:

import * as pulumi from "@pulumi/pulumi";
import * as databricks from "@pulumi/databricks";

const _this = new databricks.Group("this", {displayName: "Some Group"});

import pulumi
import pulumi_databricks as databricks

this = databricks.Group("this", display_name="Some Group")

package main

import (
	"github.com/pulumi/pulumi-databricks/sdk/go/databricks"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := databricks.NewGroup(ctx, "this", &databricks.GroupArgs{
			DisplayName: pulumi.String("Some Group"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Databricks = Pulumi.Databricks;

return await Deployment.RunAsync(() => 
{
    var @this = new Databricks.Group("this", new()
    {
        DisplayName = "Some Group",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.databricks.Group;
import com.pulumi.databricks.GroupArgs;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var this_ = new Group("this", GroupArgs.builder()
            .displayName("Some Group")
            .build());

    }
}

resources:
  this:
    type: databricks:Group
    properties:
      displayName: Some Group

Example coming soon!

Creating group in Azure Databricks account:

import * as pulumi from "@pulumi/pulumi";
import * as databricks from "@pulumi/databricks";

const _this = new databricks.Group("this", {displayName: "Some Group"});

import pulumi
import pulumi_databricks as databricks

this = databricks.Group("this", display_name="Some Group")

package main

import (
	"github.com/pulumi/pulumi-databricks/sdk/go/databricks"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := databricks.NewGroup(ctx, "this", &databricks.GroupArgs{
			DisplayName: pulumi.String("Some Group"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Databricks = Pulumi.Databricks;

return await Deployment.RunAsync(() => 
{
    var @this = new Databricks.Group("this", new()
    {
        DisplayName = "Some Group",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.databricks.Group;
import com.pulumi.databricks.GroupArgs;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var this_ = new Group("this", GroupArgs.builder()
            .displayName("Some Group")
            .build());

    }
}

resources:
  this:
    type: databricks:Group
    properties:
      displayName: Some Group

Example coming soon!

Create Group Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Group(name: string, args?: GroupArgs, opts?: CustomResourceOptions);

@overload
def Group(resource_name: str,
          args: Optional[GroupArgs] = None,
          opts: Optional[ResourceOptions] = None)

@overload
def Group(resource_name: str,
          opts: Optional[ResourceOptions] = None,
          acl_principal_id: Optional[str] = None,
          allow_cluster_create: Optional[bool] = None,
          allow_instance_pool_create: Optional[bool] = None,
          api: Optional[str] = None,
          databricks_sql_access: Optional[bool] = None,
          display_name: Optional[str] = None,
          external_id: Optional[str] = None,
          force: Optional[bool] = None,
          provider_config: Optional[GroupProviderConfigArgs] = None,
          url: Optional[str] = None,
          workspace_access: Optional[bool] = None,
          workspace_consume: Optional[bool] = None)

func NewGroup(ctx *Context, name string, args *GroupArgs, opts ...ResourceOption) (*Group, error)

public Group(string name, GroupArgs? args = null, CustomResourceOptions? opts = null)

public Group(String name, GroupArgs args)
public Group(String name, GroupArgs args, CustomResourceOptions options)

type: databricks:Group
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

resource "databricks_group" "name" {
    # resource properties
}

Parameters

name string: The unique name of the resource.
args GroupArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args GroupArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args GroupArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args GroupArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args GroupArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var groupResource = new Databricks.Group("groupResource", new()
{
    AclPrincipalId = "string",
    AllowClusterCreate = false,
    AllowInstancePoolCreate = false,
    Api = "string",
    DatabricksSqlAccess = false,
    DisplayName = "string",
    ExternalId = "string",
    Force = false,
    ProviderConfig = new Databricks.Inputs.GroupProviderConfigArgs
    {
        WorkspaceId = "string",
    },
    Url = "string",
    WorkspaceAccess = false,
    WorkspaceConsume = false,
});

example, err := databricks.NewGroup(ctx, "groupResource", &databricks.GroupArgs{
	AclPrincipalId:          pulumi.String("string"),
	AllowClusterCreate:      pulumi.Bool(false),
	AllowInstancePoolCreate: pulumi.Bool(false),
	Api:                     pulumi.String("string"),
	DatabricksSqlAccess:     pulumi.Bool(false),
	DisplayName:             pulumi.String("string"),
	ExternalId:              pulumi.String("string"),
	Force:                   pulumi.Bool(false),
	ProviderConfig: &databricks.GroupProviderConfigArgs{
		WorkspaceId: pulumi.String("string"),
	},
	Url:              pulumi.String("string"),
	WorkspaceAccess:  pulumi.Bool(false),
	WorkspaceConsume: pulumi.Bool(false),
})

resource "databricks_group" "groupResource" {
  acl_principal_id           = "string"
  allow_cluster_create       = false
  allow_instance_pool_create = false
  api                        = "string"
  databricks_sql_access      = false
  display_name               = "string"
  external_id                = "string"
  force                      = false
  provider_config = {
    workspace_id = "string"
  }
  url               = "string"
  workspace_access  = false
  workspace_consume = false
}

var groupResource = new Group("groupResource", GroupArgs.builder()
    .aclPrincipalId("string")
    .allowClusterCreate(false)
    .allowInstancePoolCreate(false)
    .api("string")
    .databricksSqlAccess(false)
    .displayName("string")
    .externalId("string")
    .force(false)
    .providerConfig(GroupProviderConfigArgs.builder()
        .workspaceId("string")
        .build())
    .url("string")
    .workspaceAccess(false)
    .workspaceConsume(false)
    .build());

group_resource = databricks.Group("groupResource",
    acl_principal_id="string",
    allow_cluster_create=False,
    allow_instance_pool_create=False,
    api="string",
    databricks_sql_access=False,
    display_name="string",
    external_id="string",
    force=False,
    provider_config={
        "workspace_id": "string",
    },
    url="string",
    workspace_access=False,
    workspace_consume=False)

const groupResource = new databricks.Group("groupResource", {
    aclPrincipalId: "string",
    allowClusterCreate: false,
    allowInstancePoolCreate: false,
    api: "string",
    databricksSqlAccess: false,
    displayName: "string",
    externalId: "string",
    force: false,
    providerConfig: {
        workspaceId: "string",
    },
    url: "string",
    workspaceAccess: false,
    workspaceConsume: false,
});

type: databricks:Group
properties:
    aclPrincipalId: string
    allowClusterCreate: false
    allowInstancePoolCreate: false
    api: string
    databricksSqlAccess: false
    displayName: string
    externalId: string
    force: false
    providerConfig:
        workspaceId: string
    url: string
    workspaceAccess: false
    workspaceConsume: false

Group Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Group resource accepts the following input properties:

AclPrincipalId string: identifier for use in databricks_access_control_rule_set, e.g. groups/Some Group.
AllowClusterCreate bool: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with databricks.Permissions and clusterId argument. Everyone without allowClusterCreate argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
AllowInstancePoolCreate bool: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
Api string: Specifies whether to use account-level or workspace-level API. Valid values are account and workspace. When not set, the API level is inferred from the provider host.
DatabricksSqlAccess bool: This is a field to allow the group to have access to Databricks SQL UI, Databricks One and through databricks_sql_endpoint.
DisplayName string: This is the display name for the given group.
ExternalId string: ID of the group in an external identity provider.
Force bool: Ignore cannot create group: Group with name X already exists. errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. This functionality is experimental and is designed to simplify corner cases, like Azure Active Directory synchronisation.
ProviderConfig GroupProviderConfig
Url string
WorkspaceAccess bool: This is a field to allow the group to have access to a Databricks Workspace UI and Databricks One.
WorkspaceConsume bool: This is a field to allow the group to have access only to Databricks One. Couldn't be used with workspaceAccess or databricksSqlAccess.

AclPrincipalId string: identifier for use in databricks_access_control_rule_set, e.g. groups/Some Group.
AllowClusterCreate bool: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with databricks.Permissions and clusterId argument. Everyone without allowClusterCreate argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
AllowInstancePoolCreate bool: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
Api string: Specifies whether to use account-level or workspace-level API. Valid values are account and workspace. When not set, the API level is inferred from the provider host.
DatabricksSqlAccess bool: This is a field to allow the group to have access to Databricks SQL UI, Databricks One and through databricks_sql_endpoint.
DisplayName string: This is the display name for the given group.
ExternalId string: ID of the group in an external identity provider.
Force bool: Ignore cannot create group: Group with name X already exists. errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. This functionality is experimental and is designed to simplify corner cases, like Azure Active Directory synchronisation.
ProviderConfig GroupProviderConfigArgs
Url string
WorkspaceAccess bool: This is a field to allow the group to have access to a Databricks Workspace UI and Databricks One.
WorkspaceConsume bool: This is a field to allow the group to have access only to Databricks One. Couldn't be used with workspaceAccess or databricksSqlAccess.

acl_principal_id string: identifier for use in databricks_access_control_rule_set, e.g. groups/Some Group.
allow_cluster_create bool: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with databricks.Permissions and clusterId argument. Everyone without allowClusterCreate argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
allow_instance_pool_create bool: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
api string: Specifies whether to use account-level or workspace-level API. Valid values are account and workspace. When not set, the API level is inferred from the provider host.
databricks_sql_access bool: This is a field to allow the group to have access to Databricks SQL UI, Databricks One and through databricks_sql_endpoint.
display_name string: This is the display name for the given group.
external_id string: ID of the group in an external identity provider.
force bool: Ignore cannot create group: Group with name X already exists. errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. This functionality is experimental and is designed to simplify corner cases, like Azure Active Directory synchronisation.
provider_config object
url string
workspace_access bool: This is a field to allow the group to have access to a Databricks Workspace UI and Databricks One.
workspace_consume bool: This is a field to allow the group to have access only to Databricks One. Couldn't be used with workspaceAccess or databricksSqlAccess.

aclPrincipalId String: identifier for use in databricks_access_control_rule_set, e.g. groups/Some Group.
allowClusterCreate Boolean: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with databricks.Permissions and clusterId argument. Everyone without allowClusterCreate argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
allowInstancePoolCreate Boolean: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
api String: Specifies whether to use account-level or workspace-level API. Valid values are account and workspace. When not set, the API level is inferred from the provider host.
databricksSqlAccess Boolean: This is a field to allow the group to have access to Databricks SQL UI, Databricks One and through databricks_sql_endpoint.
displayName String: This is the display name for the given group.
externalId String: ID of the group in an external identity provider.
force Boolean: Ignore cannot create group: Group with name X already exists. errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. This functionality is experimental and is designed to simplify corner cases, like Azure Active Directory synchronisation.
providerConfig GroupProviderConfig
url String
workspaceAccess Boolean: This is a field to allow the group to have access to a Databricks Workspace UI and Databricks One.
workspaceConsume Boolean: This is a field to allow the group to have access only to Databricks One. Couldn't be used with workspaceAccess or databricksSqlAccess.

aclPrincipalId string: identifier for use in databricks_access_control_rule_set, e.g. groups/Some Group.
allowClusterCreate boolean: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with databricks.Permissions and clusterId argument. Everyone without allowClusterCreate argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
allowInstancePoolCreate boolean: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
api string: Specifies whether to use account-level or workspace-level API. Valid values are account and workspace. When not set, the API level is inferred from the provider host.
databricksSqlAccess boolean: This is a field to allow the group to have access to Databricks SQL UI, Databricks One and through databricks_sql_endpoint.
displayName string: This is the display name for the given group.
externalId string: ID of the group in an external identity provider.
force boolean: Ignore cannot create group: Group with name X already exists. errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. This functionality is experimental and is designed to simplify corner cases, like Azure Active Directory synchronisation.
providerConfig GroupProviderConfig
url string
workspaceAccess boolean: This is a field to allow the group to have access to a Databricks Workspace UI and Databricks One.
workspaceConsume boolean: This is a field to allow the group to have access only to Databricks One. Couldn't be used with workspaceAccess or databricksSqlAccess.

acl_principal_id str: identifier for use in databricks_access_control_rule_set, e.g. groups/Some Group.
allow_cluster_create bool: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with databricks.Permissions and clusterId argument. Everyone without allowClusterCreate argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
allow_instance_pool_create bool: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
api str: Specifies whether to use account-level or workspace-level API. Valid values are account and workspace. When not set, the API level is inferred from the provider host.
databricks_sql_access bool: This is a field to allow the group to have access to Databricks SQL UI, Databricks One and through databricks_sql_endpoint.
display_name str: This is the display name for the given group.
external_id str: ID of the group in an external identity provider.
force bool: Ignore cannot create group: Group with name X already exists. errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. This functionality is experimental and is designed to simplify corner cases, like Azure Active Directory synchronisation.
provider_config GroupProviderConfigArgs
url str
workspace_access bool: This is a field to allow the group to have access to a Databricks Workspace UI and Databricks One.
workspace_consume bool: This is a field to allow the group to have access only to Databricks One. Couldn't be used with workspaceAccess or databricksSqlAccess.

aclPrincipalId String: identifier for use in databricks_access_control_rule_set, e.g. groups/Some Group.
allowClusterCreate Boolean: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with databricks.Permissions and clusterId argument. Everyone without allowClusterCreate argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
allowInstancePoolCreate Boolean: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
api String: Specifies whether to use account-level or workspace-level API. Valid values are account and workspace. When not set, the API level is inferred from the provider host.
databricksSqlAccess Boolean: This is a field to allow the group to have access to Databricks SQL UI, Databricks One and through databricks_sql_endpoint.
displayName String: This is the display name for the given group.
externalId String: ID of the group in an external identity provider.
force Boolean: Ignore cannot create group: Group with name X already exists. errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. This functionality is experimental and is designed to simplify corner cases, like Azure Active Directory synchronisation.
providerConfig Property Map
url String
workspaceAccess Boolean: This is a field to allow the group to have access to a Databricks Workspace UI and Databricks One.
workspaceConsume Boolean: This is a field to allow the group to have access only to Databricks One. Couldn't be used with workspaceAccess or databricksSqlAccess.

Outputs

All input properties are implicitly available as output properties. Additionally, the Group resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing Group Resource

Get an existing Group resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: GroupState, opts?: CustomResourceOptions): Group

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        acl_principal_id: Optional[str] = None,
        allow_cluster_create: Optional[bool] = None,
        allow_instance_pool_create: Optional[bool] = None,
        api: Optional[str] = None,
        databricks_sql_access: Optional[bool] = None,
        display_name: Optional[str] = None,
        external_id: Optional[str] = None,
        force: Optional[bool] = None,
        provider_config: Optional[GroupProviderConfigArgs] = None,
        url: Optional[str] = None,
        workspace_access: Optional[bool] = None,
        workspace_consume: Optional[bool] = None) -> Group

func GetGroup(ctx *Context, name string, id IDInput, state *GroupState, opts ...ResourceOption) (*Group, error)

public static Group Get(string name, Input<string> id, GroupState? state, CustomResourceOptions? opts = null)

public static Group get(String name, Output<String> id, GroupState state, CustomResourceOptions options)

resources:  _:    type: databricks:Group    get:      id: ${id}

import {
  to = databricks_group.example
  id = "${id}"
}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AclPrincipalId string: identifier for use in databricks_access_control_rule_set, e.g. groups/Some Group.
AllowClusterCreate bool: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with databricks.Permissions and clusterId argument. Everyone without allowClusterCreate argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
AllowInstancePoolCreate bool: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
Api string: Specifies whether to use account-level or workspace-level API. Valid values are account and workspace. When not set, the API level is inferred from the provider host.
DatabricksSqlAccess bool: This is a field to allow the group to have access to Databricks SQL UI, Databricks One and through databricks_sql_endpoint.
DisplayName string: This is the display name for the given group.
ExternalId string: ID of the group in an external identity provider.
Force bool: Ignore cannot create group: Group with name X already exists. errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. This functionality is experimental and is designed to simplify corner cases, like Azure Active Directory synchronisation.
ProviderConfig GroupProviderConfig
Url string
WorkspaceAccess bool: This is a field to allow the group to have access to a Databricks Workspace UI and Databricks One.
WorkspaceConsume bool: This is a field to allow the group to have access only to Databricks One. Couldn't be used with workspaceAccess or databricksSqlAccess.

AclPrincipalId string: identifier for use in databricks_access_control_rule_set, e.g. groups/Some Group.
AllowClusterCreate bool: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with databricks.Permissions and clusterId argument. Everyone without allowClusterCreate argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
AllowInstancePoolCreate bool: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
Api string: Specifies whether to use account-level or workspace-level API. Valid values are account and workspace. When not set, the API level is inferred from the provider host.
DatabricksSqlAccess bool: This is a field to allow the group to have access to Databricks SQL UI, Databricks One and through databricks_sql_endpoint.
DisplayName string: This is the display name for the given group.
ExternalId string: ID of the group in an external identity provider.
Force bool: Ignore cannot create group: Group with name X already exists. errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. This functionality is experimental and is designed to simplify corner cases, like Azure Active Directory synchronisation.
ProviderConfig GroupProviderConfigArgs
Url string
WorkspaceAccess bool: This is a field to allow the group to have access to a Databricks Workspace UI and Databricks One.
WorkspaceConsume bool: This is a field to allow the group to have access only to Databricks One. Couldn't be used with workspaceAccess or databricksSqlAccess.

acl_principal_id string: identifier for use in databricks_access_control_rule_set, e.g. groups/Some Group.
allow_cluster_create bool: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with databricks.Permissions and clusterId argument. Everyone without allowClusterCreate argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
allow_instance_pool_create bool: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
api string: Specifies whether to use account-level or workspace-level API. Valid values are account and workspace. When not set, the API level is inferred from the provider host.
databricks_sql_access bool: This is a field to allow the group to have access to Databricks SQL UI, Databricks One and through databricks_sql_endpoint.
display_name string: This is the display name for the given group.
external_id string: ID of the group in an external identity provider.
force bool: Ignore cannot create group: Group with name X already exists. errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. This functionality is experimental and is designed to simplify corner cases, like Azure Active Directory synchronisation.
provider_config object
url string
workspace_access bool: This is a field to allow the group to have access to a Databricks Workspace UI and Databricks One.
workspace_consume bool: This is a field to allow the group to have access only to Databricks One. Couldn't be used with workspaceAccess or databricksSqlAccess.

aclPrincipalId String: identifier for use in databricks_access_control_rule_set, e.g. groups/Some Group.
allowClusterCreate Boolean: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with databricks.Permissions and clusterId argument. Everyone without allowClusterCreate argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
allowInstancePoolCreate Boolean: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
api String: Specifies whether to use account-level or workspace-level API. Valid values are account and workspace. When not set, the API level is inferred from the provider host.
databricksSqlAccess Boolean: This is a field to allow the group to have access to Databricks SQL UI, Databricks One and through databricks_sql_endpoint.
displayName String: This is the display name for the given group.
externalId String: ID of the group in an external identity provider.
force Boolean: Ignore cannot create group: Group with name X already exists. errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. This functionality is experimental and is designed to simplify corner cases, like Azure Active Directory synchronisation.
providerConfig GroupProviderConfig
url String
workspaceAccess Boolean: This is a field to allow the group to have access to a Databricks Workspace UI and Databricks One.
workspaceConsume Boolean: This is a field to allow the group to have access only to Databricks One. Couldn't be used with workspaceAccess or databricksSqlAccess.

aclPrincipalId string: identifier for use in databricks_access_control_rule_set, e.g. groups/Some Group.
allowClusterCreate boolean: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with databricks.Permissions and clusterId argument. Everyone without allowClusterCreate argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
allowInstancePoolCreate boolean: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
api string: Specifies whether to use account-level or workspace-level API. Valid values are account and workspace. When not set, the API level is inferred from the provider host.
databricksSqlAccess boolean: This is a field to allow the group to have access to Databricks SQL UI, Databricks One and through databricks_sql_endpoint.
displayName string: This is the display name for the given group.
externalId string: ID of the group in an external identity provider.
force boolean: Ignore cannot create group: Group with name X already exists. errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. This functionality is experimental and is designed to simplify corner cases, like Azure Active Directory synchronisation.
providerConfig GroupProviderConfig
url string
workspaceAccess boolean: This is a field to allow the group to have access to a Databricks Workspace UI and Databricks One.
workspaceConsume boolean: This is a field to allow the group to have access only to Databricks One. Couldn't be used with workspaceAccess or databricksSqlAccess.

acl_principal_id str: identifier for use in databricks_access_control_rule_set, e.g. groups/Some Group.
allow_cluster_create bool: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with databricks.Permissions and clusterId argument. Everyone without allowClusterCreate argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
allow_instance_pool_create bool: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
api str: Specifies whether to use account-level or workspace-level API. Valid values are account and workspace. When not set, the API level is inferred from the provider host.
databricks_sql_access bool: This is a field to allow the group to have access to Databricks SQL UI, Databricks One and through databricks_sql_endpoint.
display_name str: This is the display name for the given group.
external_id str: ID of the group in an external identity provider.
force bool: Ignore cannot create group: Group with name X already exists. errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. This functionality is experimental and is designed to simplify corner cases, like Azure Active Directory synchronisation.
provider_config GroupProviderConfigArgs
url str
workspace_access bool: This is a field to allow the group to have access to a Databricks Workspace UI and Databricks One.
workspace_consume bool: This is a field to allow the group to have access only to Databricks One. Couldn't be used with workspaceAccess or databricksSqlAccess.

aclPrincipalId String: identifier for use in databricks_access_control_rule_set, e.g. groups/Some Group.
allowClusterCreate Boolean: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with databricks.Permissions and clusterId argument. Everyone without allowClusterCreate argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
allowInstancePoolCreate Boolean: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
api String: Specifies whether to use account-level or workspace-level API. Valid values are account and workspace. When not set, the API level is inferred from the provider host.
databricksSqlAccess Boolean: This is a field to allow the group to have access to Databricks SQL UI, Databricks One and through databricks_sql_endpoint.
displayName String: This is the display name for the given group.
externalId String: ID of the group in an external identity provider.
force Boolean: Ignore cannot create group: Group with name X already exists. errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. This functionality is experimental and is designed to simplify corner cases, like Azure Active Directory synchronisation.
providerConfig Property Map
url String
workspaceAccess Boolean: This is a field to allow the group to have access to a Databricks Workspace UI and Databricks One.
workspaceConsume Boolean: This is a field to allow the group to have access only to Databricks One. Couldn't be used with workspaceAccess or databricksSqlAccess.