Viewing docs for Databricks v0.4.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi
published on Monday, Mar 9, 2026 by Pulumi
Viewing docs for Databricks v0.4.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi
published on Monday, Mar 9, 2026 by Pulumi
Related Resources
The following resources are used in the same context:
- Provisioning Databricks on AWS guide.
- databricks.MwsCustomerManagedKeys to configure KMS keys for new workspaces within AWS.
- databricks.MwsLogDelivery to configure delivery of billable usage logs and audit logs.
- databricks.MwsNetworks to configure VPC & subnets for new workspaces within AWS.
- databricks.MwsStorageConfigurations to configure root bucket new workspaces within AWS.
- databricks.MwsWorkspaces to set up workspaces in E2 architecture on AWS.
Example Usage
Note
using Pulumi;
using Aws = Pulumi.Aws;
using Databricks = Pulumi.Databricks;
class MyStack : Stack
{
public MyStack()
{
var config = new Config();
var databricksAccountId = config.RequireObject<dynamic>("databricksAccountId");
var thisAwsAssumeRolePolicy = Output.Create(Databricks.GetAwsAssumeRolePolicy.InvokeAsync(new Databricks.GetAwsAssumeRolePolicyArgs
{
ExternalId = databricksAccountId,
}));
var crossAccountRole = new Aws.Iam.Role("crossAccountRole", new Aws.Iam.RoleArgs
{
AssumeRolePolicy = thisAwsAssumeRolePolicy.Apply(thisAwsAssumeRolePolicy => thisAwsAssumeRolePolicy.Json),
Tags = @var.Tags,
});
var thisAwsCrossAccountPolicy = Output.Create(Databricks.GetAwsCrossAccountPolicy.InvokeAsync());
var thisRolePolicy = new Aws.Iam.RolePolicy("thisRolePolicy", new Aws.Iam.RolePolicyArgs
{
Role = crossAccountRole.Id,
Policy = thisAwsCrossAccountPolicy.Apply(thisAwsCrossAccountPolicy => thisAwsCrossAccountPolicy.Json),
});
var thisMwsCredentials = new Databricks.MwsCredentials("thisMwsCredentials", new Databricks.MwsCredentialsArgs
{
AccountId = databricksAccountId,
CredentialsName = $"{local.Prefix}-creds",
RoleArn = crossAccountRole.Arn,
}, new CustomResourceOptions
{
Provider = databricks.Mws,
});
}
}
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi-databricks/sdk/go/databricks"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
databricksAccountId := cfg.RequireObject("databricksAccountId")
thisAwsAssumeRolePolicy, err := databricks.GetAwsAssumeRolePolicy(ctx, &GetAwsAssumeRolePolicyArgs{
ExternalId: databricksAccountId,
}, nil)
if err != nil {
return err
}
crossAccountRole, err := iam.NewRole(ctx, "crossAccountRole", &iam.RoleArgs{
AssumeRolePolicy: pulumi.String(thisAwsAssumeRolePolicy.Json),
Tags: pulumi.Any(_var.Tags),
})
if err != nil {
return err
}
thisAwsCrossAccountPolicy, err := databricks.GetAwsCrossAccountPolicy(ctx, nil, nil)
if err != nil {
return err
}
_, err = iam.NewRolePolicy(ctx, "thisRolePolicy", &iam.RolePolicyArgs{
Role: crossAccountRole.ID(),
Policy: pulumi.String(thisAwsCrossAccountPolicy.Json),
})
if err != nil {
return err
}
_, err = databricks.NewMwsCredentials(ctx, "thisMwsCredentials", &databricks.MwsCredentialsArgs{
AccountId: pulumi.Any(databricksAccountId),
CredentialsName: pulumi.String(fmt.Sprintf("%v%v", local.Prefix, "-creds")),
RoleArn: crossAccountRole.Arn,
}, pulumi.Provider(databricks.Mws))
if err != nil {
return err
}
return nil
})
}
Example coming soon!
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as databricks from "@pulumi/databricks";
const config = new pulumi.Config();
const databricksAccountId = config.requireObject("databricksAccountId");
const thisAwsAssumeRolePolicy = databricks.getAwsAssumeRolePolicy({
externalId: databricksAccountId,
});
const crossAccountRole = new aws.iam.Role("crossAccountRole", {
assumeRolePolicy: thisAwsAssumeRolePolicy.then(thisAwsAssumeRolePolicy => thisAwsAssumeRolePolicy.json),
tags: _var.tags,
});
const thisAwsCrossAccountPolicy = databricks.getAwsCrossAccountPolicy({});
const thisRolePolicy = new aws.iam.RolePolicy("thisRolePolicy", {
role: crossAccountRole.id,
policy: thisAwsCrossAccountPolicy.then(thisAwsCrossAccountPolicy => thisAwsCrossAccountPolicy.json),
});
const thisMwsCredentials = new databricks.MwsCredentials("thisMwsCredentials", {
accountId: databricksAccountId,
credentialsName: `${local.prefix}-creds`,
roleArn: crossAccountRole.arn,
}, {
provider: databricks.mws,
});
import pulumi
import pulumi_aws as aws
import pulumi_databricks as databricks
config = pulumi.Config()
databricks_account_id = config.require_object("databricksAccountId")
this_aws_assume_role_policy = databricks.get_aws_assume_role_policy(external_id=databricks_account_id)
cross_account_role = aws.iam.Role("crossAccountRole",
assume_role_policy=this_aws_assume_role_policy.json,
tags=var["tags"])
this_aws_cross_account_policy = databricks.get_aws_cross_account_policy()
this_role_policy = aws.iam.RolePolicy("thisRolePolicy",
role=cross_account_role.id,
policy=this_aws_cross_account_policy.json)
this_mws_credentials = databricks.MwsCredentials("thisMwsCredentials",
account_id=databricks_account_id,
credentials_name=f"{local['prefix']}-creds",
role_arn=cross_account_role.arn,
opts=pulumi.ResourceOptions(provider=databricks["mws"]))
Example coming soon!
Create MwsCredentials Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new MwsCredentials(name: string, args: MwsCredentialsArgs, opts?: CustomResourceOptions);@overload
def MwsCredentials(resource_name: str,
args: MwsCredentialsArgs,
opts: Optional[ResourceOptions] = None)
@overload
def MwsCredentials(resource_name: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
credentials_name: Optional[str] = None,
role_arn: Optional[str] = None)func NewMwsCredentials(ctx *Context, name string, args MwsCredentialsArgs, opts ...ResourceOption) (*MwsCredentials, error)public MwsCredentials(string name, MwsCredentialsArgs args, CustomResourceOptions? opts = null)
public MwsCredentials(String name, MwsCredentialsArgs args)
public MwsCredentials(String name, MwsCredentialsArgs args, CustomResourceOptions options)
type: databricks:MwsCredentials
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args MwsCredentialsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args MwsCredentialsArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args MwsCredentialsArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args MwsCredentialsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args MwsCredentialsArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var mwsCredentialsResource = new Databricks.MwsCredentials("mwsCredentialsResource", new()
{
AccountId = "string",
CredentialsName = "string",
RoleArn = "string",
});
example, err := databricks.NewMwsCredentials(ctx, "mwsCredentialsResource", &databricks.MwsCredentialsArgs{
AccountId: pulumi.String("string"),
CredentialsName: pulumi.String("string"),
RoleArn: pulumi.String("string"),
})
var mwsCredentialsResource = new MwsCredentials("mwsCredentialsResource", MwsCredentialsArgs.builder()
.accountId("string")
.credentialsName("string")
.roleArn("string")
.build());
mws_credentials_resource = databricks.MwsCredentials("mwsCredentialsResource",
account_id="string",
credentials_name="string",
role_arn="string")
const mwsCredentialsResource = new databricks.MwsCredentials("mwsCredentialsResource", {
accountId: "string",
credentialsName: "string",
roleArn: "string",
});
type: databricks:MwsCredentials
properties:
accountId: string
credentialsName: string
roleArn: string
MwsCredentials Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The MwsCredentials resource accepts the following input properties:
- Account
Id string - Account Id that could be found in the bottom left corner of Accounts Console
- Credentials
Name string - name of credentials to register
- Role
Arn string - ARN of cross-account role
- Account
Id string - Account Id that could be found in the bottom left corner of Accounts Console
- Credentials
Name string - name of credentials to register
- Role
Arn string - ARN of cross-account role
- account
Id String - Account Id that could be found in the bottom left corner of Accounts Console
- credentials
Name String - name of credentials to register
- role
Arn String - ARN of cross-account role
- account
Id string - Account Id that could be found in the bottom left corner of Accounts Console
- credentials
Name string - name of credentials to register
- role
Arn string - ARN of cross-account role
- account_
id str - Account Id that could be found in the bottom left corner of Accounts Console
- credentials_
name str - name of credentials to register
- role_
arn str - ARN of cross-account role
- account
Id String - Account Id that could be found in the bottom left corner of Accounts Console
- credentials
Name String - name of credentials to register
- role
Arn String - ARN of cross-account role
Outputs
All input properties are implicitly available as output properties. Additionally, the MwsCredentials resource produces the following output properties:
- Creation
Time int - (Integer) time of credentials registration
- Credentials
Id string - (String) identifier of credentials
- External
Id string - Id string
- The provider-assigned unique ID for this managed resource.
- Creation
Time int - (Integer) time of credentials registration
- Credentials
Id string - (String) identifier of credentials
- External
Id string - Id string
- The provider-assigned unique ID for this managed resource.
- creation
Time Integer - (Integer) time of credentials registration
- credentials
Id String - (String) identifier of credentials
- external
Id String - id String
- The provider-assigned unique ID for this managed resource.
- creation
Time number - (Integer) time of credentials registration
- credentials
Id string - (String) identifier of credentials
- external
Id string - id string
- The provider-assigned unique ID for this managed resource.
- creation_
time int - (Integer) time of credentials registration
- credentials_
id str - (String) identifier of credentials
- external_
id str - id str
- The provider-assigned unique ID for this managed resource.
- creation
Time Number - (Integer) time of credentials registration
- credentials
Id String - (String) identifier of credentials
- external
Id String - id String
- The provider-assigned unique ID for this managed resource.
Look up Existing MwsCredentials Resource
Get an existing MwsCredentials resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: MwsCredentialsState, opts?: CustomResourceOptions): MwsCredentials@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
creation_time: Optional[int] = None,
credentials_id: Optional[str] = None,
credentials_name: Optional[str] = None,
external_id: Optional[str] = None,
role_arn: Optional[str] = None) -> MwsCredentialsfunc GetMwsCredentials(ctx *Context, name string, id IDInput, state *MwsCredentialsState, opts ...ResourceOption) (*MwsCredentials, error)public static MwsCredentials Get(string name, Input<string> id, MwsCredentialsState? state, CustomResourceOptions? opts = null)public static MwsCredentials get(String name, Output<String> id, MwsCredentialsState state, CustomResourceOptions options)resources: _: type: databricks:MwsCredentials get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - Account Id that could be found in the bottom left corner of Accounts Console
- Creation
Time int - (Integer) time of credentials registration
- Credentials
Id string - (String) identifier of credentials
- Credentials
Name string - name of credentials to register
- External
Id string - Role
Arn string - ARN of cross-account role
- Account
Id string - Account Id that could be found in the bottom left corner of Accounts Console
- Creation
Time int - (Integer) time of credentials registration
- Credentials
Id string - (String) identifier of credentials
- Credentials
Name string - name of credentials to register
- External
Id string - Role
Arn string - ARN of cross-account role
- account
Id String - Account Id that could be found in the bottom left corner of Accounts Console
- creation
Time Integer - (Integer) time of credentials registration
- credentials
Id String - (String) identifier of credentials
- credentials
Name String - name of credentials to register
- external
Id String - role
Arn String - ARN of cross-account role
- account
Id string - Account Id that could be found in the bottom left corner of Accounts Console
- creation
Time number - (Integer) time of credentials registration
- credentials
Id string - (String) identifier of credentials
- credentials
Name string - name of credentials to register
- external
Id string - role
Arn string - ARN of cross-account role
- account_
id str - Account Id that could be found in the bottom left corner of Accounts Console
- creation_
time int - (Integer) time of credentials registration
- credentials_
id str - (String) identifier of credentials
- credentials_
name str - name of credentials to register
- external_
id str - role_
arn str - ARN of cross-account role
- account
Id String - Account Id that could be found in the bottom left corner of Accounts Console
- creation
Time Number - (Integer) time of credentials registration
- credentials
Id String - (String) identifier of credentials
- credentials
Name String - name of credentials to register
- external
Id String - role
Arn String - ARN of cross-account role
Import
-> Note Importing this resource is not currently supported.
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- databricks pulumi/pulumi-databricks
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
databricksTerraform Provider.
Viewing docs for Databricks v0.4.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi
published on Monday, Mar 9, 2026 by Pulumi
