Docs Packages
  1. Packages
  2. Databricks
  3. API Docs
  4. MetastoreDataAccess
Databricks v1.37.0 published on Thursday, Apr 25, 2024 by Pulumi
pulumi/pulumi-databricks

databricks.MetastoreDataAccess

Explore with Pulumi AI

databricks logo
Databricks v1.37.0 published on Thursday, Apr 25, 2024 by Pulumi
pulumi/pulumi-databricks

    Note This resource could be used with account or workspace-level provider.

    Optionally, each databricks.Metastore can have a default databricks.StorageCredential defined as databricks.MetastoreDataAccess. This will be used by Unity Catalog to access data in the root storage location if defined.

    Example Usage

    For AWS

    import * as pulumi from "@pulumi/pulumi";
import * as databricks from "@pulumi/databricks";

const _this = new databricks.Metastore("this", {
    name: "primary",
    storageRoot: `s3://${metastore.id}/metastore`,
    owner: "uc admins",
    region: "us-east-1",
    forceDestroy: true,
});
const thisMetastoreDataAccess = new databricks.MetastoreDataAccess("this", {
    metastoreId: _this.id,
    name: metastoreDataAccess.name,
    awsIamRole: {
        roleArn: metastoreDataAccess.arn,
    },
    isDefault: true,
});

    import pulumi
import pulumi_databricks as databricks

this = databricks.Metastore("this",
    name="primary",
    storage_root=f"s3://{metastore['id']}/metastore",
    owner="uc admins",
    region="us-east-1",
    force_destroy=True)
this_metastore_data_access = databricks.MetastoreDataAccess("this",
    metastore_id=this.id,
    name=metastore_data_access["name"],
    aws_iam_role=databricks.MetastoreDataAccessAwsIamRoleArgs(
        role_arn=metastore_data_access["arn"],
    ),
    is_default=True)

    package main

import (
	"fmt"

	"github.com/pulumi/pulumi-databricks/sdk/go/databricks"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		this, err := databricks.NewMetastore(ctx, "this", &databricks.MetastoreArgs{
			Name:         pulumi.String("primary"),
			StorageRoot:  pulumi.String(fmt.Sprintf("s3://%v/metastore", metastore.Id)),
			Owner:        pulumi.String("uc admins"),
			Region:       pulumi.String("us-east-1"),
			ForceDestroy: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		_, err = databricks.NewMetastoreDataAccess(ctx, "this", &databricks.MetastoreDataAccessArgs{
			MetastoreId: this.ID(),
			Name:        pulumi.Any(metastoreDataAccess.Name),
			AwsIamRole: &databricks.MetastoreDataAccessAwsIamRoleArgs{
				RoleArn: pulumi.Any(metastoreDataAccess.Arn),
			},
			IsDefault: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Databricks = Pulumi.Databricks;

return await Deployment.RunAsync(() => 
{
    var @this = new Databricks.Metastore("this", new()
    {
        Name = "primary",
        StorageRoot = $"s3://{metastore.Id}/metastore",
        Owner = "uc admins",
        Region = "us-east-1",
        ForceDestroy = true,
    });

    var thisMetastoreDataAccess = new Databricks.MetastoreDataAccess("this", new()
    {
        MetastoreId = @this.Id,
        Name = metastoreDataAccess.Name,
        AwsIamRole = new Databricks.Inputs.MetastoreDataAccessAwsIamRoleArgs
        {
            RoleArn = metastoreDataAccess.Arn,
        },
        IsDefault = true,
    });

});

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.databricks.Metastore;
import com.pulumi.databricks.MetastoreArgs;
import com.pulumi.databricks.MetastoreDataAccess;
import com.pulumi.databricks.MetastoreDataAccessArgs;
import com.pulumi.databricks.inputs.MetastoreDataAccessAwsIamRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var this_ = new Metastore("this", MetastoreArgs.builder()        
            .name("primary")
            .storageRoot(String.format("s3://%s/metastore", metastore.id()))
            .owner("uc admins")
            .region("us-east-1")
            .forceDestroy(true)
            .build());

        var thisMetastoreDataAccess = new MetastoreDataAccess("thisMetastoreDataAccess", MetastoreDataAccessArgs.builder()        
            .metastoreId(this_.id())
            .name(metastoreDataAccess.name())
            .awsIamRole(MetastoreDataAccessAwsIamRoleArgs.builder()
                .roleArn(metastoreDataAccess.arn())
                .build())
            .isDefault(true)
            .build());

    }
}

    resources:
  this:
    type: databricks:Metastore
    properties:
      name: primary
      storageRoot: s3://${metastore.id}/metastore
      owner: uc admins
      region: us-east-1
      forceDestroy: true
  thisMetastoreDataAccess:
    type: databricks:MetastoreDataAccess
    name: this
    properties:
      metastoreId: ${this.id}
      name: ${metastoreDataAccess.name}
      awsIamRole:
        roleArn: ${metastoreDataAccess.arn}
      isDefault: true

    For Azure using managed identity as credential (recommended)

    Create MetastoreDataAccess Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new MetastoreDataAccess(name: string, args?: MetastoreDataAccessArgs, opts?: CustomResourceOptions);
    @overload
def MetastoreDataAccess(resource_name: str,
                        args: Optional[MetastoreDataAccessArgs] = None,
                        opts: Optional[ResourceOptions] = None)

@overload
def MetastoreDataAccess(resource_name: str,
                        opts: Optional[ResourceOptions] = None,
                        aws_iam_role: Optional[MetastoreDataAccessAwsIamRoleArgs] = None,
                        azure_managed_identity: Optional[MetastoreDataAccessAzureManagedIdentityArgs] = None,
                        azure_service_principal: Optional[MetastoreDataAccessAzureServicePrincipalArgs] = None,
                        comment: Optional[str] = None,
                        databricks_gcp_service_account: Optional[MetastoreDataAccessDatabricksGcpServiceAccountArgs] = None,
                        force_destroy: Optional[bool] = None,
                        force_update: Optional[bool] = None,
                        gcp_service_account_key: Optional[MetastoreDataAccessGcpServiceAccountKeyArgs] = None,
                        is_default: Optional[bool] = None,
                        metastore_id: Optional[str] = None,
                        name: Optional[str] = None,
                        owner: Optional[str] = None,
                        read_only: Optional[bool] = None,
                        skip_validation: Optional[bool] = None)
    func NewMetastoreDataAccess(ctx *Context, name string, args *MetastoreDataAccessArgs, opts ...ResourceOption) (*MetastoreDataAccess, error)
    public MetastoreDataAccess(string name, MetastoreDataAccessArgs? args = null, CustomResourceOptions? opts = null)
    public MetastoreDataAccess(String name, MetastoreDataAccessArgs args)
public MetastoreDataAccess(String name, MetastoreDataAccessArgs args, CustomResourceOptions options)

    type: databricks:MetastoreDataAccess
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

    Parameters

    name string
    The unique name of the resource.
    args MetastoreDataAccessArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args MetastoreDataAccessArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args MetastoreDataAccessArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args MetastoreDataAccessArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args MetastoreDataAccessArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Example

    The following reference example uses placeholder values for all input properties.

    var metastoreDataAccessResource = new Databricks.MetastoreDataAccess("metastoreDataAccessResource", new()
{
    AwsIamRole = new Databricks.Inputs.MetastoreDataAccessAwsIamRoleArgs
    {
        RoleArn = "string",
        ExternalId = "string",
        UnityCatalogIamArn = "string",
    },
    AzureManagedIdentity = new Databricks.Inputs.MetastoreDataAccessAzureManagedIdentityArgs
    {
        AccessConnectorId = "string",
        CredentialId = "string",
        ManagedIdentityId = "string",
    },
    AzureServicePrincipal = new Databricks.Inputs.MetastoreDataAccessAzureServicePrincipalArgs
    {
        ApplicationId = "string",
        ClientSecret = "string",
        DirectoryId = "string",
    },
    Comment = "string",
    DatabricksGcpServiceAccount = new Databricks.Inputs.MetastoreDataAccessDatabricksGcpServiceAccountArgs
    {
        CredentialId = "string",
        Email = "string",
    },
    ForceDestroy = false,
    ForceUpdate = false,
    GcpServiceAccountKey = new Databricks.Inputs.MetastoreDataAccessGcpServiceAccountKeyArgs
    {
        Email = "string",
        PrivateKey = "string",
        PrivateKeyId = "string",
    },
    IsDefault = false,
    MetastoreId = "string",
    Name = "string",
    Owner = "string",
    ReadOnly = false,
    SkipValidation = false,
});

    example, err := databricks.NewMetastoreDataAccess(ctx, "metastoreDataAccessResource", &databricks.MetastoreDataAccessArgs{
	AwsIamRole: &databricks.MetastoreDataAccessAwsIamRoleArgs{
		RoleArn:            pulumi.String("string"),
		ExternalId:         pulumi.String("string"),
		UnityCatalogIamArn: pulumi.String("string"),
	},
	AzureManagedIdentity: &databricks.MetastoreDataAccessAzureManagedIdentityArgs{
		AccessConnectorId: pulumi.String("string"),
		CredentialId:      pulumi.String("string"),
		ManagedIdentityId: pulumi.String("string"),
	},
	AzureServicePrincipal: &databricks.MetastoreDataAccessAzureServicePrincipalArgs{
		ApplicationId: pulumi.String("string"),
		ClientSecret:  pulumi.String("string"),
		DirectoryId:   pulumi.String("string"),
	},
	Comment: pulumi.String("string"),
	DatabricksGcpServiceAccount: &databricks.MetastoreDataAccessDatabricksGcpServiceAccountArgs{
		CredentialId: pulumi.String("string"),
		Email:        pulumi.String("string"),
	},
	ForceDestroy: pulumi.Bool(false),
	ForceUpdate:  pulumi.Bool(false),
	GcpServiceAccountKey: &databricks.MetastoreDataAccessGcpServiceAccountKeyArgs{
		Email:        pulumi.String("string"),
		PrivateKey:   pulumi.String("string"),
		PrivateKeyId: pulumi.String("string"),
	},
	IsDefault:      pulumi.Bool(false),
	MetastoreId:    pulumi.String("string"),
	Name:           pulumi.String("string"),
	Owner:          pulumi.String("string"),
	ReadOnly:       pulumi.Bool(false),
	SkipValidation: pulumi.Bool(false),
})

    var metastoreDataAccessResource = new MetastoreDataAccess("metastoreDataAccessResource", MetastoreDataAccessArgs.builder()        
    .awsIamRole(MetastoreDataAccessAwsIamRoleArgs.builder()
        .roleArn("string")
        .externalId("string")
        .unityCatalogIamArn("string")
        .build())
    .azureManagedIdentity(MetastoreDataAccessAzureManagedIdentityArgs.builder()
        .accessConnectorId("string")
        .credentialId("string")
        .managedIdentityId("string")
        .build())
    .azureServicePrincipal(MetastoreDataAccessAzureServicePrincipalArgs.builder()
        .applicationId("string")
        .clientSecret("string")
        .directoryId("string")
        .build())
    .comment("string")
    .databricksGcpServiceAccount(MetastoreDataAccessDatabricksGcpServiceAccountArgs.builder()
        .credentialId("string")
        .email("string")
        .build())
    .forceDestroy(false)
    .forceUpdate(false)
    .gcpServiceAccountKey(MetastoreDataAccessGcpServiceAccountKeyArgs.builder()
        .email("string")
        .privateKey("string")
        .privateKeyId("string")
        .build())
    .isDefault(false)
    .metastoreId("string")
    .name("string")
    .owner("string")
    .readOnly(false)
    .skipValidation(false)
    .build());

    metastore_data_access_resource = databricks.MetastoreDataAccess("metastoreDataAccessResource",
    aws_iam_role=databricks.MetastoreDataAccessAwsIamRoleArgs(
        role_arn="string",
        external_id="string",
        unity_catalog_iam_arn="string",
    ),
    azure_managed_identity=databricks.MetastoreDataAccessAzureManagedIdentityArgs(
        access_connector_id="string",
        credential_id="string",
        managed_identity_id="string",
    ),
    azure_service_principal=databricks.MetastoreDataAccessAzureServicePrincipalArgs(
        application_id="string",
        client_secret="string",
        directory_id="string",
    ),
    comment="string",
    databricks_gcp_service_account=databricks.MetastoreDataAccessDatabricksGcpServiceAccountArgs(
        credential_id="string",
        email="string",
    ),
    force_destroy=False,
    force_update=False,
    gcp_service_account_key=databricks.MetastoreDataAccessGcpServiceAccountKeyArgs(
        email="string",
        private_key="string",
        private_key_id="string",
    ),
    is_default=False,
    metastore_id="string",
    name="string",
    owner="string",
    read_only=False,
    skip_validation=False)

    const metastoreDataAccessResource = new databricks.MetastoreDataAccess("metastoreDataAccessResource", {
    awsIamRole: {
        roleArn: "string",
        externalId: "string",
        unityCatalogIamArn: "string",
    },
    azureManagedIdentity: {
        accessConnectorId: "string",
        credentialId: "string",
        managedIdentityId: "string",
    },
    azureServicePrincipal: {
        applicationId: "string",
        clientSecret: "string",
        directoryId: "string",
    },
    comment: "string",
    databricksGcpServiceAccount: {
        credentialId: "string",
        email: "string",
    },
    forceDestroy: false,
    forceUpdate: false,
    gcpServiceAccountKey: {
        email: "string",
        privateKey: "string",
        privateKeyId: "string",
    },
    isDefault: false,
    metastoreId: "string",
    name: "string",
    owner: "string",
    readOnly: false,
    skipValidation: false,
});

    type: databricks:MetastoreDataAccess
properties:
    awsIamRole:
        externalId: string
        roleArn: string
        unityCatalogIamArn: string
    azureManagedIdentity:
        accessConnectorId: string
        credentialId: string
        managedIdentityId: string
    azureServicePrincipal:
        applicationId: string
        clientSecret: string
        directoryId: string
    comment: string
    databricksGcpServiceAccount:
        credentialId: string
        email: string
    forceDestroy: false
    forceUpdate: false
    gcpServiceAccountKey:
        email: string
        privateKey: string
        privateKeyId: string
    isDefault: false
    metastoreId: string
    name: string
    owner: string
    readOnly: false
    skipValidation: false

    MetastoreDataAccess Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The MetastoreDataAccess resource accepts the following input properties:

    awsIamRole Property Map
    azureManagedIdentity Property Map
    azureServicePrincipal Property Map
    comment String
    databricksGcpServiceAccount Property Map
    forceDestroy Boolean
    forceUpdate Boolean
    gcpServiceAccountKey Property Map
    isDefault Boolean
    whether to set this credential as the default for the metastore. In practice, this should always be true.
    metastoreId String
    name String
    owner String
    readOnly Boolean
    skipValidation Boolean

    Outputs

    All input properties are implicitly available as output properties. Additionally, the MetastoreDataAccess resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing MetastoreDataAccess Resource

    Get an existing MetastoreDataAccess resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: MetastoreDataAccessState, opts?: CustomResourceOptions): MetastoreDataAccess
    @staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        aws_iam_role: Optional[MetastoreDataAccessAwsIamRoleArgs] = None,
        azure_managed_identity: Optional[MetastoreDataAccessAzureManagedIdentityArgs] = None,
        azure_service_principal: Optional[MetastoreDataAccessAzureServicePrincipalArgs] = None,
        comment: Optional[str] = None,
        databricks_gcp_service_account: Optional[MetastoreDataAccessDatabricksGcpServiceAccountArgs] = None,
        force_destroy: Optional[bool] = None,
        force_update: Optional[bool] = None,
        gcp_service_account_key: Optional[MetastoreDataAccessGcpServiceAccountKeyArgs] = None,
        is_default: Optional[bool] = None,
        metastore_id: Optional[str] = None,
        name: Optional[str] = None,
        owner: Optional[str] = None,
        read_only: Optional[bool] = None,
        skip_validation: Optional[bool] = None) -> MetastoreDataAccess
    func GetMetastoreDataAccess(ctx *Context, name string, id IDInput, state *MetastoreDataAccessState, opts ...ResourceOption) (*MetastoreDataAccess, error)
    public static MetastoreDataAccess Get(string name, Input<string> id, MetastoreDataAccessState? state, CustomResourceOptions? opts = null)
    public static MetastoreDataAccess get(String name, Output<String> id, MetastoreDataAccessState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    awsIamRole Property Map
    azureManagedIdentity Property Map
    azureServicePrincipal Property Map
    comment String
    databricksGcpServiceAccount Property Map
    forceDestroy Boolean
    forceUpdate Boolean
    gcpServiceAccountKey Property Map
    isDefault Boolean
    whether to set this credential as the default for the metastore. In practice, this should always be true.
    metastoreId String
    name String
    owner String
    readOnly Boolean
    skipValidation Boolean

    Supporting Types

    MetastoreDataAccessAwsIamRole, MetastoreDataAccessAwsIamRoleArgs

    MetastoreDataAccessAzureManagedIdentity, MetastoreDataAccessAzureManagedIdentityArgs

    MetastoreDataAccessAzureServicePrincipal, MetastoreDataAccessAzureServicePrincipalArgs

    MetastoreDataAccessDatabricksGcpServiceAccount, MetastoreDataAccessDatabricksGcpServiceAccountArgs

    CredentialId string
    Email string
    CredentialId string
    Email string
    credentialId String
    email String
    credentialId string
    email string
    credentialId String
    email String

    MetastoreDataAccessGcpServiceAccountKey, MetastoreDataAccessGcpServiceAccountKeyArgs

    Email string
    PrivateKey string
    PrivateKeyId string
    Email string
    PrivateKey string
    PrivateKeyId string
    email String
    privateKey String
    privateKeyId String
    email string
    privateKey string
    privateKeyId string
    email String
    privateKey String
    privateKeyId String

    Import

    This resource can be imported by combination of metastore id and the data access name.

    bash

    $ pulumi import databricks:index/metastoreDataAccess:MetastoreDataAccess this '<metastore_id>|<name>'

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    databricks pulumi/pulumi-databricks
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the databricks Terraform Provider.
    databricks logo
    Databricks v1.37.0 published on Thursday, Apr 25, 2024 by Pulumi
    pulumi/pulumi-databricks