UNPKG

@pulumi/databricks

Version:

A Pulumi package for creating and managing databricks cloud resources.

www.pulumi.com

pulumi/pulumi-databricks

166 lines (165 loc) 7.15 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
import * as pulumi from "@pulumi/pulumi"; import * as inputs from "./types/input"; import * as outputs from "./types/output"; /** * [![GA](https://img.shields.io/badge/Release_Stage-GA-green)](https://docs.databricks.com/aws/en/release-notes/release-types) * * Service principal federation policies allow automated workloads running outside of Databricks to access Databricks APIs without the need for Databricks secrets. Your application (workload) authenticates to Databricks as a Databricks service principal using tokens issued by the workload runtime, for example Github Actions. * * A service principal federation policy is associated with a service principal in your Databricks account, and specifies: * * The identity provider (or issuer) from which the service principal can authenticate. * * The workload identity (or subject) that is permitted to authenticate as the Databricks service principal. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as databricks from "@pulumi/databricks"; * * const _this = new databricks.ServicePrincipalFederationPolicy("this", { * servicePrincipalId: 1234, * policyId: "my-policy", * oidcPolicy: { * issuer: "https://myidp.example.com", * subjectClaim: "sub", * subject: "subject-in-token-from-myidp", * }, * }); * ``` * * ## Import * * As of Pulumi v1.5, resources can be imported through configuration. * * hcl * * import { * * id = "service_principal_id,policy_id" * * to = databricks_service_principal_federation_policy.this * * } * * If you are using an older version of Pulumi, import the resource using the `pulumi import` command as follows: * * ```sh * $ pulumi import databricks:index/servicePrincipalFederationPolicy:ServicePrincipalFederationPolicy this "service_principal_id,policy_id" * ``` */ export declare class ServicePrincipalFederationPolicy extends pulumi.CustomResource { /** * Get an existing ServicePrincipalFederationPolicy resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ServicePrincipalFederationPolicyState, opts?: pulumi.CustomResourceOptions): ServicePrincipalFederationPolicy; /** * Returns true if the given object is an instance of ServicePrincipalFederationPolicy. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is ServicePrincipalFederationPolicy; /** * (string) - Creation time of the federation policy */ readonly createTime: pulumi.Output<string>; /** * Description of the federation policy */ readonly description: pulumi.Output<string | undefined>; /** * (string) - Resource name for the federation policy. Example values include * `accounts/<account-id>/federationPolicies/my-federation-policy` for Account Federation Policies, and * `accounts/<account-id>/servicePrincipals/<service-principal-id>/federationPolicies/my-federation-policy` * for Service Principal Federation Policies. Typically an output parameter, which does not need to be * specified in create or update requests. If specified in a request, must match the value in the * request URL */ readonly name: pulumi.Output<string>; readonly oidcPolicy: pulumi.Output<outputs.ServicePrincipalFederationPolicyOidcPolicy | undefined>; /** * (string) - The ID of the federation policy. Output only */ readonly policyId: pulumi.Output<string>; /** * (integer) - The service principal ID that this federation policy applies to. Output only. Only set for service principal federation policies */ readonly servicePrincipalId: pulumi.Output<number>; /** * (string) - Unique, immutable id of the federation policy */ readonly uid: pulumi.Output<string>; /** * (string) - Last update time of the federation policy */ readonly updateTime: pulumi.Output<string>; /** * Create a ServicePrincipalFederationPolicy resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args?: ServicePrincipalFederationPolicyArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering ServicePrincipalFederationPolicy resources. */ export interface ServicePrincipalFederationPolicyState { /** * (string) - Creation time of the federation policy */ createTime?: pulumi.Input<string>; /** * Description of the federation policy */ description?: pulumi.Input<string>; /** * (string) - Resource name for the federation policy. Example values include * `accounts/<account-id>/federationPolicies/my-federation-policy` for Account Federation Policies, and * `accounts/<account-id>/servicePrincipals/<service-principal-id>/federationPolicies/my-federation-policy` * for Service Principal Federation Policies. Typically an output parameter, which does not need to be * specified in create or update requests. If specified in a request, must match the value in the * request URL */ name?: pulumi.Input<string>; oidcPolicy?: pulumi.Input<inputs.ServicePrincipalFederationPolicyOidcPolicy>; /** * (string) - The ID of the federation policy. Output only */ policyId?: pulumi.Input<string>; /** * (integer) - The service principal ID that this federation policy applies to. Output only. Only set for service principal federation policies */ servicePrincipalId?: pulumi.Input<number>; /** * (string) - Unique, immutable id of the federation policy */ uid?: pulumi.Input<string>; /** * (string) - Last update time of the federation policy */ updateTime?: pulumi.Input<string>; } /** * The set of arguments for constructing a ServicePrincipalFederationPolicy resource. */ export interface ServicePrincipalFederationPolicyArgs { /** * Description of the federation policy */ description?: pulumi.Input<string>; oidcPolicy?: pulumi.Input<inputs.ServicePrincipalFederationPolicyOidcPolicy>; /** * (string) - The ID of the federation policy. Output only */ policyId?: pulumi.Input<string>; /** * (integer) - The service principal ID that this federation policy applies to. Output only. Only set for service principal federation policies */ servicePrincipalId?: pulumi.Input<number>; }