Databricks v1.78.0 published on Friday, Nov 7, 2025 by Pulumi
databricks.getAccountFederationPolicies
Start a Neo task
Explain and create a databricks.getAccountFederationPolicies resource
This data source can be used to fetch the list of account federation policies.
Note This data source can only be used with an account-level provider!
Example Usage
Getting a list of all account federation policies:
import * as pulumi from "@pulumi/pulumi";
import * as databricks from "@pulumi/databricks";
const all = databricks.getAccountFederationPolicies({});
import pulumi
import pulumi_databricks as databricks
all = databricks.get_account_federation_policies()
package main
import (
"github.com/pulumi/pulumi-databricks/sdk/go/databricks"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := databricks.GetAccountFederationPolicies(ctx, &databricks.GetAccountFederationPoliciesArgs{}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Databricks = Pulumi.Databricks;
return await Deployment.RunAsync(() =>
{
var all = Databricks.GetAccountFederationPolicies.Invoke();
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.databricks.DatabricksFunctions;
import com.pulumi.databricks.inputs.GetAccountFederationPoliciesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var all = DatabricksFunctions.getAccountFederationPolicies(GetAccountFederationPoliciesArgs.builder()
.build());
}
}
variables:
all:
fn::invoke:
function: databricks:getAccountFederationPolicies
arguments: {}
Using getAccountFederationPolicies
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getAccountFederationPolicies(args: GetAccountFederationPoliciesArgs, opts?: InvokeOptions): Promise<GetAccountFederationPoliciesResult>
function getAccountFederationPoliciesOutput(args: GetAccountFederationPoliciesOutputArgs, opts?: InvokeOptions): Output<GetAccountFederationPoliciesResult>def get_account_federation_policies(page_size: Optional[int] = None,
opts: Optional[InvokeOptions] = None) -> GetAccountFederationPoliciesResult
def get_account_federation_policies_output(page_size: Optional[pulumi.Input[int]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetAccountFederationPoliciesResult]func GetAccountFederationPolicies(ctx *Context, args *GetAccountFederationPoliciesArgs, opts ...InvokeOption) (*GetAccountFederationPoliciesResult, error)
func GetAccountFederationPoliciesOutput(ctx *Context, args *GetAccountFederationPoliciesOutputArgs, opts ...InvokeOption) GetAccountFederationPoliciesResultOutput> Note: This function is named GetAccountFederationPolicies in the Go SDK.
public static class GetAccountFederationPolicies
{
public static Task<GetAccountFederationPoliciesResult> InvokeAsync(GetAccountFederationPoliciesArgs args, InvokeOptions? opts = null)
public static Output<GetAccountFederationPoliciesResult> Invoke(GetAccountFederationPoliciesInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetAccountFederationPoliciesResult> getAccountFederationPolicies(GetAccountFederationPoliciesArgs args, InvokeOptions options)
public static Output<GetAccountFederationPoliciesResult> getAccountFederationPolicies(GetAccountFederationPoliciesArgs args, InvokeOptions options)
fn::invoke:
function: databricks:index/getAccountFederationPolicies:getAccountFederationPolicies
arguments:
# arguments dictionaryThe following arguments are supported:
- Page
Size int
- Page
Size int
- page
Size Integer
- page
Size number
- page_
size int
- page
Size Number
getAccountFederationPolicies Result
The following output properties are available:
- Id string
- The provider-assigned unique ID for this managed resource.
- Policies
List<Get
Account Federation Policies Policy> - Page
Size int
- Id string
- The provider-assigned unique ID for this managed resource.
- Policies
[]Get
Account Federation Policies Policy - Page
Size int
- id String
- The provider-assigned unique ID for this managed resource.
- policies
List<Get
Account Federation Policies Policy> - page
Size Integer
- id string
- The provider-assigned unique ID for this managed resource.
- policies
Get
Account Federation Policies Policy[] - page
Size number
- id str
- The provider-assigned unique ID for this managed resource.
- policies
Sequence[Get
Account Federation Policies Policy] - page_
size int
- id String
- The provider-assigned unique ID for this managed resource.
- policies List<Property Map>
- page
Size Number
Supporting Types
GetAccountFederationPoliciesPolicy
- Create
Time string - (string) - Creation time of the federation policy
- Description string
- (string) - Description of the federation policy
- Name string
- (string) - Resource name for the federation policy. Example values include
accounts/<account-id>/federationPolicies/my-federation-policyfor Account Federation Policies, andaccounts/<account-id>/servicePrincipals/<service-principal-id>/federationPolicies/my-federation-policyfor Service Principal Federation Policies. Typically an output parameter, which does not need to be specified in create or update requests. If specified in a request, must match the value in the request URL - Oidc
Policy GetAccount Federation Policies Policy Oidc Policy - (OidcFederationPolicy)
- Policy
Id string - (string) - The ID of the federation policy. Output only
- Service
Principal intId - (integer) - The service principal ID that this federation policy applies to. Output only. Only set for service principal federation policies
- Uid string
- (string) - Unique, immutable id of the federation policy
- Update
Time string - (string) - Last update time of the federation policy
- Create
Time string - (string) - Creation time of the federation policy
- Description string
- (string) - Description of the federation policy
- Name string
- (string) - Resource name for the federation policy. Example values include
accounts/<account-id>/federationPolicies/my-federation-policyfor Account Federation Policies, andaccounts/<account-id>/servicePrincipals/<service-principal-id>/federationPolicies/my-federation-policyfor Service Principal Federation Policies. Typically an output parameter, which does not need to be specified in create or update requests. If specified in a request, must match the value in the request URL - Oidc
Policy GetAccount Federation Policies Policy Oidc Policy - (OidcFederationPolicy)
- Policy
Id string - (string) - The ID of the federation policy. Output only
- Service
Principal intId - (integer) - The service principal ID that this federation policy applies to. Output only. Only set for service principal federation policies
- Uid string
- (string) - Unique, immutable id of the federation policy
- Update
Time string - (string) - Last update time of the federation policy
- create
Time String - (string) - Creation time of the federation policy
- description String
- (string) - Description of the federation policy
- name String
- (string) - Resource name for the federation policy. Example values include
accounts/<account-id>/federationPolicies/my-federation-policyfor Account Federation Policies, andaccounts/<account-id>/servicePrincipals/<service-principal-id>/federationPolicies/my-federation-policyfor Service Principal Federation Policies. Typically an output parameter, which does not need to be specified in create or update requests. If specified in a request, must match the value in the request URL - oidc
Policy GetAccount Federation Policies Policy Oidc Policy - (OidcFederationPolicy)
- policy
Id String - (string) - The ID of the federation policy. Output only
- service
Principal IntegerId - (integer) - The service principal ID that this federation policy applies to. Output only. Only set for service principal federation policies
- uid String
- (string) - Unique, immutable id of the federation policy
- update
Time String - (string) - Last update time of the federation policy
- create
Time string - (string) - Creation time of the federation policy
- description string
- (string) - Description of the federation policy
- name string
- (string) - Resource name for the federation policy. Example values include
accounts/<account-id>/federationPolicies/my-federation-policyfor Account Federation Policies, andaccounts/<account-id>/servicePrincipals/<service-principal-id>/federationPolicies/my-federation-policyfor Service Principal Federation Policies. Typically an output parameter, which does not need to be specified in create or update requests. If specified in a request, must match the value in the request URL - oidc
Policy GetAccount Federation Policies Policy Oidc Policy - (OidcFederationPolicy)
- policy
Id string - (string) - The ID of the federation policy. Output only
- service
Principal numberId - (integer) - The service principal ID that this federation policy applies to. Output only. Only set for service principal federation policies
- uid string
- (string) - Unique, immutable id of the federation policy
- update
Time string - (string) - Last update time of the federation policy
- create_
time str - (string) - Creation time of the federation policy
- description str
- (string) - Description of the federation policy
- name str
- (string) - Resource name for the federation policy. Example values include
accounts/<account-id>/federationPolicies/my-federation-policyfor Account Federation Policies, andaccounts/<account-id>/servicePrincipals/<service-principal-id>/federationPolicies/my-federation-policyfor Service Principal Federation Policies. Typically an output parameter, which does not need to be specified in create or update requests. If specified in a request, must match the value in the request URL - oidc_
policy GetAccount Federation Policies Policy Oidc Policy - (OidcFederationPolicy)
- policy_
id str - (string) - The ID of the federation policy. Output only
- service_
principal_ intid - (integer) - The service principal ID that this federation policy applies to. Output only. Only set for service principal federation policies
- uid str
- (string) - Unique, immutable id of the federation policy
- update_
time str - (string) - Last update time of the federation policy
- create
Time String - (string) - Creation time of the federation policy
- description String
- (string) - Description of the federation policy
- name String
- (string) - Resource name for the federation policy. Example values include
accounts/<account-id>/federationPolicies/my-federation-policyfor Account Federation Policies, andaccounts/<account-id>/servicePrincipals/<service-principal-id>/federationPolicies/my-federation-policyfor Service Principal Federation Policies. Typically an output parameter, which does not need to be specified in create or update requests. If specified in a request, must match the value in the request URL - oidc
Policy Property Map - (OidcFederationPolicy)
- policy
Id String - (string) - The ID of the federation policy. Output only
- service
Principal NumberId - (integer) - The service principal ID that this federation policy applies to. Output only. Only set for service principal federation policies
- uid String
- (string) - Unique, immutable id of the federation policy
- update
Time String - (string) - Last update time of the federation policy
GetAccountFederationPoliciesPolicyOidcPolicy
- Audiences List<string>
- (list of string) - The allowed token audiences, as specified in the 'aud' claim of federated tokens. The audience identifier is intended to represent the recipient of the token. Can be any non-empty string value. As long as the audience in the token matches at least one audience in the policy, the token is considered a match. If audiences is unspecified, defaults to your Databricks account id
- Issuer string
- (string) - The required token issuer, as specified in the 'iss' claim of federated tokens
- Jwks
Json string - (string) - The public keys used to validate the signature of federated tokens, in JWKS format. Most use cases should not need to specify this field. If jwks_uri and jwks_json are both unspecified (recommended), Databricks automatically fetches the public keys from your issuer’s well known endpoint. Databricks strongly recommends relying on your issuer’s well known endpoint for discovering public keys
- Jwks
Uri string - (string) - URL of the public keys used to validate the signature of federated tokens, in JWKS format. Most use cases should not need to specify this field. If jwks_uri and jwks_json are both unspecified (recommended), Databricks automatically fetches the public keys from your issuer’s well known endpoint. Databricks strongly recommends relying on your issuer’s well known endpoint for discovering public keys
- Subject string
- (string) - The required token subject, as specified in the subject claim of federated tokens. Must be specified for service principal federation policies. Must not be specified for account federation policies
- Subject
Claim string - (string) - The claim that contains the subject of the token. If unspecified, the default value is 'sub'
- Audiences []string
- (list of string) - The allowed token audiences, as specified in the 'aud' claim of federated tokens. The audience identifier is intended to represent the recipient of the token. Can be any non-empty string value. As long as the audience in the token matches at least one audience in the policy, the token is considered a match. If audiences is unspecified, defaults to your Databricks account id
- Issuer string
- (string) - The required token issuer, as specified in the 'iss' claim of federated tokens
- Jwks
Json string - (string) - The public keys used to validate the signature of federated tokens, in JWKS format. Most use cases should not need to specify this field. If jwks_uri and jwks_json are both unspecified (recommended), Databricks automatically fetches the public keys from your issuer’s well known endpoint. Databricks strongly recommends relying on your issuer’s well known endpoint for discovering public keys
- Jwks
Uri string - (string) - URL of the public keys used to validate the signature of federated tokens, in JWKS format. Most use cases should not need to specify this field. If jwks_uri and jwks_json are both unspecified (recommended), Databricks automatically fetches the public keys from your issuer’s well known endpoint. Databricks strongly recommends relying on your issuer’s well known endpoint for discovering public keys
- Subject string
- (string) - The required token subject, as specified in the subject claim of federated tokens. Must be specified for service principal federation policies. Must not be specified for account federation policies
- Subject
Claim string - (string) - The claim that contains the subject of the token. If unspecified, the default value is 'sub'
- audiences List<String>
- (list of string) - The allowed token audiences, as specified in the 'aud' claim of federated tokens. The audience identifier is intended to represent the recipient of the token. Can be any non-empty string value. As long as the audience in the token matches at least one audience in the policy, the token is considered a match. If audiences is unspecified, defaults to your Databricks account id
- issuer String
- (string) - The required token issuer, as specified in the 'iss' claim of federated tokens
- jwks
Json String - (string) - The public keys used to validate the signature of federated tokens, in JWKS format. Most use cases should not need to specify this field. If jwks_uri and jwks_json are both unspecified (recommended), Databricks automatically fetches the public keys from your issuer’s well known endpoint. Databricks strongly recommends relying on your issuer’s well known endpoint for discovering public keys
- jwks
Uri String - (string) - URL of the public keys used to validate the signature of federated tokens, in JWKS format. Most use cases should not need to specify this field. If jwks_uri and jwks_json are both unspecified (recommended), Databricks automatically fetches the public keys from your issuer’s well known endpoint. Databricks strongly recommends relying on your issuer’s well known endpoint for discovering public keys
- subject String
- (string) - The required token subject, as specified in the subject claim of federated tokens. Must be specified for service principal federation policies. Must not be specified for account federation policies
- subject
Claim String - (string) - The claim that contains the subject of the token. If unspecified, the default value is 'sub'
- audiences string[]
- (list of string) - The allowed token audiences, as specified in the 'aud' claim of federated tokens. The audience identifier is intended to represent the recipient of the token. Can be any non-empty string value. As long as the audience in the token matches at least one audience in the policy, the token is considered a match. If audiences is unspecified, defaults to your Databricks account id
- issuer string
- (string) - The required token issuer, as specified in the 'iss' claim of federated tokens
- jwks
Json string - (string) - The public keys used to validate the signature of federated tokens, in JWKS format. Most use cases should not need to specify this field. If jwks_uri and jwks_json are both unspecified (recommended), Databricks automatically fetches the public keys from your issuer’s well known endpoint. Databricks strongly recommends relying on your issuer’s well known endpoint for discovering public keys
- jwks
Uri string - (string) - URL of the public keys used to validate the signature of federated tokens, in JWKS format. Most use cases should not need to specify this field. If jwks_uri and jwks_json are both unspecified (recommended), Databricks automatically fetches the public keys from your issuer’s well known endpoint. Databricks strongly recommends relying on your issuer’s well known endpoint for discovering public keys
- subject string
- (string) - The required token subject, as specified in the subject claim of federated tokens. Must be specified for service principal federation policies. Must not be specified for account federation policies
- subject
Claim string - (string) - The claim that contains the subject of the token. If unspecified, the default value is 'sub'
- audiences Sequence[str]
- (list of string) - The allowed token audiences, as specified in the 'aud' claim of federated tokens. The audience identifier is intended to represent the recipient of the token. Can be any non-empty string value. As long as the audience in the token matches at least one audience in the policy, the token is considered a match. If audiences is unspecified, defaults to your Databricks account id
- issuer str
- (string) - The required token issuer, as specified in the 'iss' claim of federated tokens
- jwks_
json str - (string) - The public keys used to validate the signature of federated tokens, in JWKS format. Most use cases should not need to specify this field. If jwks_uri and jwks_json are both unspecified (recommended), Databricks automatically fetches the public keys from your issuer’s well known endpoint. Databricks strongly recommends relying on your issuer’s well known endpoint for discovering public keys
- jwks_
uri str - (string) - URL of the public keys used to validate the signature of federated tokens, in JWKS format. Most use cases should not need to specify this field. If jwks_uri and jwks_json are both unspecified (recommended), Databricks automatically fetches the public keys from your issuer’s well known endpoint. Databricks strongly recommends relying on your issuer’s well known endpoint for discovering public keys
- subject str
- (string) - The required token subject, as specified in the subject claim of federated tokens. Must be specified for service principal federation policies. Must not be specified for account federation policies
- subject_
claim str - (string) - The claim that contains the subject of the token. If unspecified, the default value is 'sub'
- audiences List<String>
- (list of string) - The allowed token audiences, as specified in the 'aud' claim of federated tokens. The audience identifier is intended to represent the recipient of the token. Can be any non-empty string value. As long as the audience in the token matches at least one audience in the policy, the token is considered a match. If audiences is unspecified, defaults to your Databricks account id
- issuer String
- (string) - The required token issuer, as specified in the 'iss' claim of federated tokens
- jwks
Json String - (string) - The public keys used to validate the signature of federated tokens, in JWKS format. Most use cases should not need to specify this field. If jwks_uri and jwks_json are both unspecified (recommended), Databricks automatically fetches the public keys from your issuer’s well known endpoint. Databricks strongly recommends relying on your issuer’s well known endpoint for discovering public keys
- jwks
Uri String - (string) - URL of the public keys used to validate the signature of federated tokens, in JWKS format. Most use cases should not need to specify this field. If jwks_uri and jwks_json are both unspecified (recommended), Databricks automatically fetches the public keys from your issuer’s well known endpoint. Databricks strongly recommends relying on your issuer’s well known endpoint for discovering public keys
- subject String
- (string) - The required token subject, as specified in the subject claim of federated tokens. Must be specified for service principal federation policies. Must not be specified for account federation policies
- subject
Claim String - (string) - The claim that contains the subject of the token. If unspecified, the default value is 'sub'
Package Details
- Repository
- databricks pulumi/pulumi-databricks
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
databricksTerraform Provider.
