subcategory |
---|
Security |
This resource allows you to attach a role or databricks_instance_profile (AWS) to a databricks_service_principal.
Granting a service principal access to an instance profile
```hcl
resource "databricks_instance_profile" "instance_profile" {
  instance_profile_arn = "my_instance_profile_arn"
}

resource "databricks_service_principal" "this" {
  display_name = "My Service Principal"
}

resource "databricks_service_principal_role" "my_service_principal_instance_profile" {
  service_principal_id = databricks_service_principal.this.id
  role                 = databricks_instance_profile.instance_profile.id
}
```
The following arguments are supported:
- service_principal_id - (Required) This is the id of the service principal resource.
- role - (Required) This is the id of the role or instance profile resource.
In addition to all arguments above, the following attributes are exported:
- id - The id in the format <service_principal_id>|<role>.
-> Note Importing this resource is not currently supported.
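Because each attachment gives a service principal the permissions of an instance profile, it is worth reviewing which attachments a state contains. The following is an added example, not code from the provider: it parses the `<service_principal_id>|<role>` id out of `terraform show -json` state output and reports attachments missing from an allowlist. The sample state, the ids, the ARNs and the `APPROVED` allowlist are constructed for illustration.

```python
import json

RESOURCE_TYPE = "databricks_service_principal_role"

# Constructed sample in the shape of `terraform show -json` state output; all values are made up.
SAMPLE_STATE = json.loads("""
{"values": {"root_module": {
  "resources": [
    {"address": "databricks_service_principal_role.etl", "type": "databricks_service_principal_role", "values": {"id": "1001|arn:aws:iam::111111111111:instance-profile/etl-read"}},
    {"address": "databricks_service_principal.this", "type": "databricks_service_principal", "values": {"id": "1001"}}],
  "child_modules": [{"resources": [
    {"address": "module.ml.databricks_service_principal_role.train", "type": "databricks_service_principal_role", "values": {"id": "2002|arn:aws:iam::111111111111:instance-profile/admin"}}]}]}}}
""")

# Hypothetical allowlist: service principal id -> roles approved for it.
APPROVED = {"1001": {"arn:aws:iam::111111111111:instance-profile/etl-read"}}


def parse_id(resource_id):
    """Split '<service_principal_id>|<role>' on the first '|'."""
    sp_id, sep, role = resource_id.partition("|")
    if not sep or not sp_id or not role:
        raise ValueError(f"not in <service_principal_id>|<role> form: {resource_id!r}")
    return sp_id, role


def iter_resources(module):
    """Yield the resources of a module and of all nested child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def unapproved_attachments(state, approved):
    """Return (address, service_principal_id, role) for attachments not in the allowlist."""
    findings = []
    root = state.get("values", {}).get("root_module", {})
    for res in iter_resources(root):
        if res.get("type") != RESOURCE_TYPE:
            continue  # only role attachments are of interest here
        sp_id, role = parse_id(res["values"]["id"])
        if role not in approved.get(sp_id, set()):
            findings.append((res["address"], sp_id, role))
    return findings


if __name__ == "__main__":
    for finding in unapproved_attachments(SAMPLE_STATE, APPROVED):
        print("unapproved attachment:", *finding)
```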
The following resources are often used in the same context:
- End to end workspace management guide.
- databricks_user_role to attach a role or databricks_instance_profile (AWS) to databricks_user.
- databricks_group_instance_profile to attach databricks_instance_profile (AWS) to databricks_group.
- databricks_group_member to attach users and groups as group members.
- databricks_instance_profile to manage AWS EC2 instance profiles with which users can launch databricks_cluster and access data, like databricks_mount.