Docs Home
Databricks v1.68.0 published on Friday, Apr 25, 2025 by Pulumi
databricks.MetastoreDataAccess
Explore with Pulumi AI
This resource can be used with an account or workspace-level provider.
Optionally, each databricks.Metastore can have a default databricks.StorageCredential defined as databricks.MetastoreDataAccess. This will be used by Unity Catalog to access data in the root storage location if defined.
Example Usage
For AWS
import * as pulumi from "@pulumi/pulumi";
import * as databricks from "@pulumi/databricks";
const _this = new databricks.Metastore("this", {
name: "primary",
storageRoot: `s3://${metastore.id}/metastore`,
owner: "uc admins",
region: "us-east-1",
forceDestroy: true,
});
const thisMetastoreDataAccess = new databricks.MetastoreDataAccess("this", {
metastoreId: _this.id,
name: metastoreDataAccess.name,
awsIamRole: {
roleArn: metastoreDataAccess.arn,
},
isDefault: true,
});
import pulumi
import pulumi_databricks as databricks
this = databricks.Metastore("this",
name="primary",
storage_root=f"s3://{metastore['id']}/metastore",
owner="uc admins",
region="us-east-1",
force_destroy=True)
this_metastore_data_access = databricks.MetastoreDataAccess("this",
metastore_id=this.id,
name=metastore_data_access["name"],
aws_iam_role={
"role_arn": metastore_data_access["arn"],
},
is_default=True)
package main
import (
"fmt"
"github.com/pulumi/pulumi-databricks/sdk/go/databricks"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
this, err := databricks.NewMetastore(ctx, "this", &databricks.MetastoreArgs{
Name: pulumi.String("primary"),
StorageRoot: pulumi.Sprintf("s3://%v/metastore", metastore.Id),
Owner: pulumi.String("uc admins"),
Region: pulumi.String("us-east-1"),
ForceDestroy: pulumi.Bool(true),
})
if err != nil {
return err
}
_, err = databricks.NewMetastoreDataAccess(ctx, "this", &databricks.MetastoreDataAccessArgs{
MetastoreId: this.ID(),
Name: pulumi.Any(metastoreDataAccess.Name),
AwsIamRole: &databricks.MetastoreDataAccessAwsIamRoleArgs{
RoleArn: pulumi.Any(metastoreDataAccess.Arn),
},
IsDefault: pulumi.Bool(true),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Databricks = Pulumi.Databricks;
return await Deployment.RunAsync(() =>
{
var @this = new Databricks.Metastore("this", new()
{
Name = "primary",
StorageRoot = $"s3://{metastore.Id}/metastore",
Owner = "uc admins",
Region = "us-east-1",
ForceDestroy = true,
});
var thisMetastoreDataAccess = new Databricks.MetastoreDataAccess("this", new()
{
MetastoreId = @this.Id,
Name = metastoreDataAccess.Name,
AwsIamRole = new Databricks.Inputs.MetastoreDataAccessAwsIamRoleArgs
{
RoleArn = metastoreDataAccess.Arn,
},
IsDefault = true,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.databricks.Metastore;
import com.pulumi.databricks.MetastoreArgs;
import com.pulumi.databricks.MetastoreDataAccess;
import com.pulumi.databricks.MetastoreDataAccessArgs;
import com.pulumi.databricks.inputs.MetastoreDataAccessAwsIamRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var this_ = new Metastore("this", MetastoreArgs.builder()
.name("primary")
.storageRoot(String.format("s3://%s/metastore", metastore.id()))
.owner("uc admins")
.region("us-east-1")
.forceDestroy(true)
.build());
var thisMetastoreDataAccess = new MetastoreDataAccess("thisMetastoreDataAccess", MetastoreDataAccessArgs.builder()
.metastoreId(this_.id())
.name(metastoreDataAccess.name())
.awsIamRole(MetastoreDataAccessAwsIamRoleArgs.builder()
.roleArn(metastoreDataAccess.arn())
.build())
.isDefault(true)
.build());
}
}
resources:
this:
type: databricks:Metastore
properties:
name: primary
storageRoot: s3://${metastore.id}/metastore
owner: uc admins
region: us-east-1
forceDestroy: true
thisMetastoreDataAccess:
type: databricks:MetastoreDataAccess
name: this
properties:
metastoreId: ${this.id}
name: ${metastoreDataAccess.name}
awsIamRole:
roleArn: ${metastoreDataAccess.arn}
isDefault: true
For Azure using managed identity as credential (recommended)
Create MetastoreDataAccess Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new MetastoreDataAccess(name: string, args?: MetastoreDataAccessArgs, opts?: CustomResourceOptions);@overload
def MetastoreDataAccess(resource_name: str,
args: Optional[MetastoreDataAccessArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def MetastoreDataAccess(resource_name: str,
opts: Optional[ResourceOptions] = None,
aws_iam_role: Optional[MetastoreDataAccessAwsIamRoleArgs] = None,
azure_managed_identity: Optional[MetastoreDataAccessAzureManagedIdentityArgs] = None,
azure_service_principal: Optional[MetastoreDataAccessAzureServicePrincipalArgs] = None,
cloudflare_api_token: Optional[MetastoreDataAccessCloudflareApiTokenArgs] = None,
comment: Optional[str] = None,
databricks_gcp_service_account: Optional[MetastoreDataAccessDatabricksGcpServiceAccountArgs] = None,
force_destroy: Optional[bool] = None,
force_update: Optional[bool] = None,
gcp_service_account_key: Optional[MetastoreDataAccessGcpServiceAccountKeyArgs] = None,
is_default: Optional[bool] = None,
isolation_mode: Optional[str] = None,
metastore_id: Optional[str] = None,
name: Optional[str] = None,
owner: Optional[str] = None,
read_only: Optional[bool] = None,
skip_validation: Optional[bool] = None)func NewMetastoreDataAccess(ctx *Context, name string, args *MetastoreDataAccessArgs, opts ...ResourceOption) (*MetastoreDataAccess, error)public MetastoreDataAccess(string name, MetastoreDataAccessArgs? args = null, CustomResourceOptions? opts = null)public MetastoreDataAccess(String name, MetastoreDataAccessArgs args)
public MetastoreDataAccess(String name, MetastoreDataAccessArgs args, CustomResourceOptions options)
type: databricks:MetastoreDataAccess
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args MetastoreDataAccessArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args MetastoreDataAccessArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args MetastoreDataAccessArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args MetastoreDataAccessArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. MetastoreDataAccessArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var metastoreDataAccessResource = new Databricks.MetastoreDataAccess("metastoreDataAccessResource", new()
{
AwsIamRole = new Databricks.Inputs.MetastoreDataAccessAwsIamRoleArgs
{
RoleArn = "string",
ExternalId = "string",
UnityCatalogIamArn = "string",
},
AzureManagedIdentity = new Databricks.Inputs.MetastoreDataAccessAzureManagedIdentityArgs
{
AccessConnectorId = "string",
CredentialId = "string",
ManagedIdentityId = "string",
},
AzureServicePrincipal = new Databricks.Inputs.MetastoreDataAccessAzureServicePrincipalArgs
{
ApplicationId = "string",
ClientSecret = "string",
DirectoryId = "string",
},
CloudflareApiToken = new Databricks.Inputs.MetastoreDataAccessCloudflareApiTokenArgs
{
AccessKeyId = "string",
AccountId = "string",
SecretAccessKey = "string",
},
Comment = "string",
DatabricksGcpServiceAccount = new Databricks.Inputs.MetastoreDataAccessDatabricksGcpServiceAccountArgs
{
CredentialId = "string",
Email = "string",
},
ForceDestroy = false,
ForceUpdate = false,
GcpServiceAccountKey = new Databricks.Inputs.MetastoreDataAccessGcpServiceAccountKeyArgs
{
Email = "string",
PrivateKey = "string",
PrivateKeyId = "string",
},
IsDefault = false,
IsolationMode = "string",
MetastoreId = "string",
Name = "string",
Owner = "string",
ReadOnly = false,
SkipValidation = false,
});
example, err := databricks.NewMetastoreDataAccess(ctx, "metastoreDataAccessResource", &databricks.MetastoreDataAccessArgs{
AwsIamRole: &databricks.MetastoreDataAccessAwsIamRoleArgs{
RoleArn: pulumi.String("string"),
ExternalId: pulumi.String("string"),
UnityCatalogIamArn: pulumi.String("string"),
},
AzureManagedIdentity: &databricks.MetastoreDataAccessAzureManagedIdentityArgs{
AccessConnectorId: pulumi.String("string"),
CredentialId: pulumi.String("string"),
ManagedIdentityId: pulumi.String("string"),
},
AzureServicePrincipal: &databricks.MetastoreDataAccessAzureServicePrincipalArgs{
ApplicationId: pulumi.String("string"),
ClientSecret: pulumi.String("string"),
DirectoryId: pulumi.String("string"),
},
CloudflareApiToken: &databricks.MetastoreDataAccessCloudflareApiTokenArgs{
AccessKeyId: pulumi.String("string"),
AccountId: pulumi.String("string"),
SecretAccessKey: pulumi.String("string"),
},
Comment: pulumi.String("string"),
DatabricksGcpServiceAccount: &databricks.MetastoreDataAccessDatabricksGcpServiceAccountArgs{
CredentialId: pulumi.String("string"),
Email: pulumi.String("string"),
},
ForceDestroy: pulumi.Bool(false),
ForceUpdate: pulumi.Bool(false),
GcpServiceAccountKey: &databricks.MetastoreDataAccessGcpServiceAccountKeyArgs{
Email: pulumi.String("string"),
PrivateKey: pulumi.String("string"),
PrivateKeyId: pulumi.String("string"),
},
IsDefault: pulumi.Bool(false),
IsolationMode: pulumi.String("string"),
MetastoreId: pulumi.String("string"),
Name: pulumi.String("string"),
Owner: pulumi.String("string"),
ReadOnly: pulumi.Bool(false),
SkipValidation: pulumi.Bool(false),
})
var metastoreDataAccessResource = new MetastoreDataAccess("metastoreDataAccessResource", MetastoreDataAccessArgs.builder()
.awsIamRole(MetastoreDataAccessAwsIamRoleArgs.builder()
.roleArn("string")
.externalId("string")
.unityCatalogIamArn("string")
.build())
.azureManagedIdentity(MetastoreDataAccessAzureManagedIdentityArgs.builder()
.accessConnectorId("string")
.credentialId("string")
.managedIdentityId("string")
.build())
.azureServicePrincipal(MetastoreDataAccessAzureServicePrincipalArgs.builder()
.applicationId("string")
.clientSecret("string")
.directoryId("string")
.build())
.cloudflareApiToken(MetastoreDataAccessCloudflareApiTokenArgs.builder()
.accessKeyId("string")
.accountId("string")
.secretAccessKey("string")
.build())
.comment("string")
.databricksGcpServiceAccount(MetastoreDataAccessDatabricksGcpServiceAccountArgs.builder()
.credentialId("string")
.email("string")
.build())
.forceDestroy(false)
.forceUpdate(false)
.gcpServiceAccountKey(MetastoreDataAccessGcpServiceAccountKeyArgs.builder()
.email("string")
.privateKey("string")
.privateKeyId("string")
.build())
.isDefault(false)
.isolationMode("string")
.metastoreId("string")
.name("string")
.owner("string")
.readOnly(false)
.skipValidation(false)
.build());
metastore_data_access_resource = databricks.MetastoreDataAccess("metastoreDataAccessResource",
aws_iam_role={
"role_arn": "string",
"external_id": "string",
"unity_catalog_iam_arn": "string",
},
azure_managed_identity={
"access_connector_id": "string",
"credential_id": "string",
"managed_identity_id": "string",
},
azure_service_principal={
"application_id": "string",
"client_secret": "string",
"directory_id": "string",
},
cloudflare_api_token={
"access_key_id": "string",
"account_id": "string",
"secret_access_key": "string",
},
comment="string",
databricks_gcp_service_account={
"credential_id": "string",
"email": "string",
},
force_destroy=False,
force_update=False,
gcp_service_account_key={
"email": "string",
"private_key": "string",
"private_key_id": "string",
},
is_default=False,
isolation_mode="string",
metastore_id="string",
name="string",
owner="string",
read_only=False,
skip_validation=False)
const metastoreDataAccessResource = new databricks.MetastoreDataAccess("metastoreDataAccessResource", {
awsIamRole: {
roleArn: "string",
externalId: "string",
unityCatalogIamArn: "string",
},
azureManagedIdentity: {
accessConnectorId: "string",
credentialId: "string",
managedIdentityId: "string",
},
azureServicePrincipal: {
applicationId: "string",
clientSecret: "string",
directoryId: "string",
},
cloudflareApiToken: {
accessKeyId: "string",
accountId: "string",
secretAccessKey: "string",
},
comment: "string",
databricksGcpServiceAccount: {
credentialId: "string",
email: "string",
},
forceDestroy: false,
forceUpdate: false,
gcpServiceAccountKey: {
email: "string",
privateKey: "string",
privateKeyId: "string",
},
isDefault: false,
isolationMode: "string",
metastoreId: "string",
name: "string",
owner: "string",
readOnly: false,
skipValidation: false,
});
type: databricks:MetastoreDataAccess
properties:
awsIamRole:
externalId: string
roleArn: string
unityCatalogIamArn: string
azureManagedIdentity:
accessConnectorId: string
credentialId: string
managedIdentityId: string
azureServicePrincipal:
applicationId: string
clientSecret: string
directoryId: string
cloudflareApiToken:
accessKeyId: string
accountId: string
secretAccessKey: string
comment: string
databricksGcpServiceAccount:
credentialId: string
email: string
forceDestroy: false
forceUpdate: false
gcpServiceAccountKey:
email: string
privateKey: string
privateKeyId: string
isDefault: false
isolationMode: string
metastoreId: string
name: string
owner: string
readOnly: false
skipValidation: false
MetastoreDataAccess Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The MetastoreDataAccess resource accepts the following input properties:
- Aws
Iam Role 
Changes to this property will trigger replacement.Data Access Aws Iam Role - Azure
Managed Identity Data Access Azure Managed Identity - Azure
Service Principal Data Access Azure Service Principal - Cloudflare
Api Token Data Access Cloudflare Api Token - Comment
- Databricks
Gcp MetastoreService Account Data Access Databricks Gcp Service Account - Force
Destroy - Force
Update - Gcp
Service Account Key Data Access Gcp Service Account Key - Is
Default - whether to set this credential as the default for the metastore. In practice, this should always be true.
- Isolation
Mode string - Metastore
Id string - Name
- Owner string
- Read
Only - Skip
Validation
- Aws
Iam Role Data Access Aws Iam Role Args - Azure
Managed Identity Data Access Azure Managed Identity Args - Azure
Service Principal Data Access Azure Service Principal Args - Cloudflare
Api Token Data Access Cloudflare Api Token Args - Comment
- Databricks
Gcp MetastoreService Account Data Access Databricks Gcp Service Account Args - Force
Destroy - Force
Update - Gcp
Service Account Key Data Access Gcp Service Account Key Args - Is
Default - whether to set this credential as the default for the metastore. In practice, this should always be true.
- Isolation
Mode string - Metastore
Id string - Name
- Owner string
- Read
Only - Skip
Validation
- aws
Iam Role Data Access Aws Iam Role - azure
Managed Identity Data Access Azure Managed Identity - azure
Service Principal Data Access Azure Service Principal - cloudflare
Api Token Data Access Cloudflare Api Token - comment
- databricks
Gcp MetastoreService Account Data Access Databricks Gcp Service Account - force
Destroy - force
Update - gcp
Service Account Key Data Access Gcp Service Account Key - is
Default - whether to set this credential as the default for the metastore. In practice, this should always be true.
- isolation
Mode String - metastore
Id String - name
- owner String
- read
Only - skip
Validation
- aws
Iam Role Data Access Aws Iam Role - azure
Managed Identity Data Access Azure Managed Identity - azure
Service Principal Data Access Azure Service Principal - cloudflare
Api Token Data Access Cloudflare Api Token - comment
- databricks
Gcp MetastoreService Account Data Access Databricks Gcp Service Account - force
Destroy - force
Update - gcp
Service Account Key Data Access Gcp Service Account Key - is
Default - whether to set this credential as the default for the metastore. In practice, this should always be true.
- isolation
Mode string - metastore
Id string - name
- owner string
- read
Only - skip
Validation
- aws_
iam_ role Data Access Aws Iam Role Args - azure_
managed_ identity Data Access Azure Managed Identity Args - azure_
service_ principal Data Access Azure Service Principal Args - cloudflare_
api_ token Data Access Cloudflare Api Token Args - comment
- databricks_
gcp_ Metastoreservice_ account Data Access Databricks Gcp Service Account Args - force_
destroy - force_
update - gcp_
service_ account_ key Data Access Gcp Service Account Key Args - is_
default - whether to set this credential as the default for the metastore. In practice, this should always be true.
- isolation_
mode str - metastore_
id str - name
- owner str
- read_
only - skip_
validation
- aws
Iam Role - azure
Managed Identity - azure
Service Principal - cloudflare
Api Token - comment
- databricks
Gcp Property MapService Account - force
Destroy - force
Update - gcp
Service Account Key - is
Default - whether to set this credential as the default for the metastore. In practice, this should always be true.
- isolation
Mode String - metastore
Id String - name
- owner String
- read
Only - skip
Validation
Outputs
All input properties are implicitly available as output properties. Additionally, the MetastoreDataAccess resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing MetastoreDataAccess Resource
Get an existing MetastoreDataAccess resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: MetastoreDataAccessState, opts?: CustomResourceOptions): MetastoreDataAccess@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
aws_iam_role: Optional[MetastoreDataAccessAwsIamRoleArgs] = None,
azure_managed_identity: Optional[MetastoreDataAccessAzureManagedIdentityArgs] = None,
azure_service_principal: Optional[MetastoreDataAccessAzureServicePrincipalArgs] = None,
cloudflare_api_token: Optional[MetastoreDataAccessCloudflareApiTokenArgs] = None,
comment: Optional[str] = None,
databricks_gcp_service_account: Optional[MetastoreDataAccessDatabricksGcpServiceAccountArgs] = None,
force_destroy: Optional[bool] = None,
force_update: Optional[bool] = None,
gcp_service_account_key: Optional[MetastoreDataAccessGcpServiceAccountKeyArgs] = None,
is_default: Optional[bool] = None,
isolation_mode: Optional[str] = None,
metastore_id: Optional[str] = None,
name: Optional[str] = None,
owner: Optional[str] = None,
read_only: Optional[bool] = None,
skip_validation: Optional[bool] = None) -> MetastoreDataAccessfunc GetMetastoreDataAccess(ctx *Context, name string, id IDInput, state *MetastoreDataAccessState, opts ...ResourceOption) (*MetastoreDataAccess, error)public static MetastoreDataAccess Get(string name, Input<string> id, MetastoreDataAccessState? state, CustomResourceOptions? opts = null)public static MetastoreDataAccess get(String name, Output<String> id, MetastoreDataAccessState state, CustomResourceOptions options)resources: _: type: databricks:MetastoreDataAccess get: id: ${id}- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Aws
Iam Role Data Access Aws Iam Role - Azure
Managed Identity Data Access Azure Managed Identity - Azure
Service Principal Data Access Azure Service Principal - Cloudflare
Api Token Data Access Cloudflare Api Token - Comment
- Databricks
Gcp MetastoreService Account Data Access Databricks Gcp Service Account - Force
Destroy - Force
Update - Gcp
Service Account Key Data Access Gcp Service Account Key - Is
Default - whether to set this credential as the default for the metastore. In practice, this should always be true.
- Isolation
Mode string - Metastore
Id string - Name
- Owner string
- Read
Only - Skip
Validation
- Aws
Iam Role Data Access Aws Iam Role Args - Azure
Managed Identity Data Access Azure Managed Identity Args - Azure
Service Principal Data Access Azure Service Principal Args - Cloudflare
Api Token Data Access Cloudflare Api Token Args - Comment
- Databricks
Gcp MetastoreService Account Data Access Databricks Gcp Service Account Args - Force
Destroy - Force
Update - Gcp
Service Account Key Data Access Gcp Service Account Key Args - Is
Default - whether to set this credential as the default for the metastore. In practice, this should always be true.
- Isolation
Mode string - Metastore
Id string - Name
- Owner string
- Read
Only - Skip
Validation
- aws
Iam Role Data Access Aws Iam Role - azure
Managed Identity Data Access Azure Managed Identity - azure
Service Principal Data Access Azure Service Principal - cloudflare
Api Token Data Access Cloudflare Api Token - comment
- databricks
Gcp MetastoreService Account Data Access Databricks Gcp Service Account - force
Destroy - force
Update - gcp
Service Account Key Data Access Gcp Service Account Key - is
Default - whether to set this credential as the default for the metastore. In practice, this should always be true.
- isolation
Mode String - metastore
Id String - name
- owner String
- read
Only - skip
Validation
- aws
Iam Role Data Access Aws Iam Role - azure
Managed Identity Data Access Azure Managed Identity - azure
Service Principal Data Access Azure Service Principal - cloudflare
Api Token Data Access Cloudflare Api Token - comment
- databricks
Gcp MetastoreService Account Data Access Databricks Gcp Service Account - force
Destroy - force
Update - gcp
Service Account Key Data Access Gcp Service Account Key - is
Default - whether to set this credential as the default for the metastore. In practice, this should always be true.
- isolation
Mode string - metastore
Id string - name
- owner string
- read
Only - skip
Validation
- aws_
iam_ role Data Access Aws Iam Role Args - azure_
managed_ identity Data Access Azure Managed Identity Args - azure_
service_ principal Data Access Azure Service Principal Args - cloudflare_
api_ token Data Access Cloudflare Api Token Args - comment
- databricks_
gcp_ Metastoreservice_ account Data Access Databricks Gcp Service Account Args - force_
destroy - force_
update - gcp_
service_ account_ key Data Access Gcp Service Account Key Args - is_
default - whether to set this credential as the default for the metastore. In practice, this should always be true.
- isolation_
mode str - metastore_
id str - name
- owner str
- read_
only - skip_
validation
- aws
Iam Role - azure
Managed Identity - azure
Service Principal - cloudflare
Api Token - comment
- databricks
Gcp Property MapService Account - force
Destroy - force
Update - gcp
Service Account Key - is
Default - whether to set this credential as the default for the metastore. In practice, this should always be true.
- isolation
Mode String - metastore
Id String - name
- owner String
- read
Only - skip
Validation
Supporting Types
MetastoreDataAccessAwsIamRole, MetastoreDataAccessAwsIamRoleArgs
, MetastoreDataAccessAwsIamRoleArgs
- Role
Arn stringThis property is required. Changes to this property will trigger replacement. - External
Id string - Unity
Catalog stringIam Arn
- Role
Arn stringThis property is required. Changes to this property will trigger replacement. - External
Id string - Unity
Catalog stringIam Arn
- role
Arn StringThis property is required. Changes to this property will trigger replacement. - external
Id String - unity
Catalog StringIam Arn
- role
Arn stringThis property is required. Changes to this property will trigger replacement. - external
Id string - unity
Catalog stringIam Arn
- role_
arn strThis property is required. Changes to this property will trigger replacement. - external_
id str - unity_
catalog_ striam_ arn
- role
Arn StringThis property is required. Changes to this property will trigger replacement. - external
Id String - unity
Catalog StringIam Arn
MetastoreDataAccessAzureManagedIdentity, MetastoreDataAccessAzureManagedIdentityArgs
, MetastoreDataAccessAzureManagedIdentityArgs
- Access
Connector Id stringThis property is required. Changes to this property will trigger replacement. - Credential
Id string - Managed
Identity Id
- Access
Connector Id stringThis property is required. Changes to this property will trigger replacement. - Credential
Id string - Managed
Identity Id
- access
Connector Id StringThis property is required. Changes to this property will trigger replacement. - credential
Id String - managed
Identity Id
- access
Connector Id stringThis property is required. Changes to this property will trigger replacement. - credential
Id string - managed
Identity Id
- access_
connector_ id strThis property is required. Changes to this property will trigger replacement. - credential_
id str - managed_
identity_ id
- access
Connector Id StringThis property is required. Changes to this property will trigger replacement. - credential
Id String - managed
Identity Id
MetastoreDataAccessAzureServicePrincipal, MetastoreDataAccessAzureServicePrincipalArgs
, MetastoreDataAccessAzureServicePrincipalArgs
- Application
Id stringThis property is required. Changes to this property will trigger replacement. - Client
Secret stringThis property is required. Changes to this property will trigger replacement. - Directory
Id stringThis property is required. Changes to this property will trigger replacement.
- Application
Id stringThis property is required. Changes to this property will trigger replacement. - Client
Secret stringThis property is required. Changes to this property will trigger replacement. - Directory
Id stringThis property is required. Changes to this property will trigger replacement.
- application
Id StringThis property is required. Changes to this property will trigger replacement. - client
Secret StringThis property is required. Changes to this property will trigger replacement. - directory
Id StringThis property is required. Changes to this property will trigger replacement.
- application
Id stringThis property is required. Changes to this property will trigger replacement. - client
Secret stringThis property is required. Changes to this property will trigger replacement. - directory
Id stringThis property is required. Changes to this property will trigger replacement.
- application_
id strThis property is required. Changes to this property will trigger replacement. - client_
secret strThis property is required. Changes to this property will trigger replacement. - directory_
id strThis property is required. Changes to this property will trigger replacement.
- application
Id StringThis property is required. Changes to this property will trigger replacement. - client
Secret StringThis property is required. Changes to this property will trigger replacement. - directory
Id StringThis property is required. Changes to this property will trigger replacement.
MetastoreDataAccessCloudflareApiToken, MetastoreDataAccessCloudflareApiTokenArgs
, MetastoreDataAccessCloudflareApiTokenArgs
- Access
Key Id stringThis property is required. Changes to this property will trigger replacement. - Account
Id stringThis property is required. Changes to this property will trigger replacement. - Secret
Access Key stringThis property is required. Changes to this property will trigger replacement.
- Access
Key Id stringThis property is required. Changes to this property will trigger replacement. - Account
Id stringThis property is required. Changes to this property will trigger replacement. - Secret
Access Key stringThis property is required. Changes to this property will trigger replacement.
- access
Key Id StringThis property is required. Changes to this property will trigger replacement. - account
Id StringThis property is required. Changes to this property will trigger replacement. - secret
Access Key StringThis property is required. Changes to this property will trigger replacement.
- access
Key Id stringThis property is required. Changes to this property will trigger replacement. - account
Id stringThis property is required. Changes to this property will trigger replacement. - secret
Access Key stringThis property is required. Changes to this property will trigger replacement.
- access_
key_ id strThis property is required. Changes to this property will trigger replacement. - account_
id strThis property is required. Changes to this property will trigger replacement. - secret_
access_ key strThis property is required. Changes to this property will trigger replacement.
- access
Key Id StringThis property is required. Changes to this property will trigger replacement. - account
Id StringThis property is required. Changes to this property will trigger replacement. - secret
Access Key StringThis property is required. Changes to this property will trigger replacement.
MetastoreDataAccessDatabricksGcpServiceAccount, MetastoreDataAccessDatabricksGcpServiceAccountArgs
, MetastoreDataAccessDatabricksGcpServiceAccountArgs
- Credential
Id string - Email string
- Credential
Id string - Email string
- credential
Id String - email String
- credential
Id string - email string
- credential_
id str - email str
- credential
Id String - email String
MetastoreDataAccessGcpServiceAccountKey, MetastoreDataAccessGcpServiceAccountKeyArgs
, MetastoreDataAccessGcpServiceAccountKeyArgs
- Email
string
This property is required. Changes to this property will trigger replacement. - Private
Key stringThis property is required. Changes to this property will trigger replacement. - Private
Key Id stringThis property is required. Changes to this property will trigger replacement.
- Email
string
This property is required. Changes to this property will trigger replacement. - Private
Key stringThis property is required. Changes to this property will trigger replacement. - Private
Key Id stringThis property is required. Changes to this property will trigger replacement.
- email
String
This property is required. Changes to this property will trigger replacement. - private
Key StringThis property is required. Changes to this property will trigger replacement. - private
Key Id StringThis property is required. Changes to this property will trigger replacement.
- email
string
This property is required. Changes to this property will trigger replacement. - private
Key stringThis property is required. Changes to this property will trigger replacement. - private
Key Id stringThis property is required. Changes to this property will trigger replacement.
- email
str
This property is required. Changes to this property will trigger replacement. - private_
key strThis property is required. Changes to this property will trigger replacement. - private_
key_ id strThis property is required. Changes to this property will trigger replacement.
- email
String
This property is required. Changes to this property will trigger replacement. - private
Key StringThis property is required. Changes to this property will trigger replacement. - private
Key Id StringThis property is required. Changes to this property will trigger replacement.
Import
This resource can be imported by combination of metastore id and the data access name.
bash
$ pulumi import databricks:index/metastoreDataAccess:MetastoreDataAccess this '<metastore_id>|<name>'
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- databricks pulumi/pulumi-databricks
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
databricksTerraform Provider.