1. Packages
  2. Databricks Provider
  3. API Docs
  4. getStorageCredential
Databricks v1.65.0 published on Wednesday, Apr 9, 2025 by Pulumi

databricks.getStorageCredential

Explore with Pulumi AI

Note This data source can only be used with a workspace-level provider!

Retrieves details about a databricks.StorageCredential that were created by Pulumi or manually.

Example Usage

Getting details of an existing storage credential in the metastore

import * as pulumi from "@pulumi/pulumi";
import * as databricks from "@pulumi/databricks";

const _this = databricks.getStorageCredential({
    name: "this",
});
export const createdBy = _this.then(_this => _this.storageCredentialInfo?.createdBy);
Copy
import pulumi
import pulumi_databricks as databricks

this = databricks.get_storage_credential(name="this")
pulumi.export("createdBy", this.storage_credential_info.created_by)
Copy
package main

import (
	"github.com/pulumi/pulumi-databricks/sdk/go/databricks"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		this, err := databricks.LookupStorageCredential(ctx, &databricks.LookupStorageCredentialArgs{
			Name: "this",
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("createdBy", this.StorageCredentialInfo.CreatedBy)
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Databricks = Pulumi.Databricks;

return await Deployment.RunAsync(() => 
{
    var @this = Databricks.GetStorageCredential.Invoke(new()
    {
        Name = "this",
    });

    return new Dictionary<string, object?>
    {
        ["createdBy"] = @this.Apply(@this => @this.Apply(getStorageCredentialResult => getStorageCredentialResult.StorageCredentialInfo?.CreatedBy)),
    };
});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.databricks.DatabricksFunctions;
import com.pulumi.databricks.inputs.GetStorageCredentialArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var this = DatabricksFunctions.getStorageCredential(GetStorageCredentialArgs.builder()
            .name("this")
            .build());

        ctx.export("createdBy", this_.storageCredentialInfo().createdBy());
    }
}
Copy
variables:
  this:
    fn::invoke:
      function: databricks:getStorageCredential
      arguments:
        name: this
outputs:
  createdBy: ${this.storageCredentialInfo.createdBy}
Copy

The following resources are used in the same context:

  • databricks.getStorageCredentials to get names of all credentials
  • databricks.StorageCredential to manage Storage Credentials within Unity Catalog.

Using getStorageCredential

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getStorageCredential(args: GetStorageCredentialArgs, opts?: InvokeOptions): Promise<GetStorageCredentialResult>
function getStorageCredentialOutput(args: GetStorageCredentialOutputArgs, opts?: InvokeOptions): Output<GetStorageCredentialResult>
Copy
def get_storage_credential(id: Optional[str] = None,
                           name: Optional[str] = None,
                           storage_credential_info: Optional[GetStorageCredentialStorageCredentialInfo] = None,
                           opts: Optional[InvokeOptions] = None) -> GetStorageCredentialResult
def get_storage_credential_output(id: Optional[pulumi.Input[str]] = None,
                           name: Optional[pulumi.Input[str]] = None,
                           storage_credential_info: Optional[pulumi.Input[GetStorageCredentialStorageCredentialInfoArgs]] = None,
                           opts: Optional[InvokeOptions] = None) -> Output[GetStorageCredentialResult]
Copy
func LookupStorageCredential(ctx *Context, args *LookupStorageCredentialArgs, opts ...InvokeOption) (*LookupStorageCredentialResult, error)
func LookupStorageCredentialOutput(ctx *Context, args *LookupStorageCredentialOutputArgs, opts ...InvokeOption) LookupStorageCredentialResultOutput
Copy

> Note: This function is named LookupStorageCredential in the Go SDK.

public static class GetStorageCredential 
{
    public static Task<GetStorageCredentialResult> InvokeAsync(GetStorageCredentialArgs args, InvokeOptions? opts = null)
    public static Output<GetStorageCredentialResult> Invoke(GetStorageCredentialInvokeArgs args, InvokeOptions? opts = null)
}
Copy
public static CompletableFuture<GetStorageCredentialResult> getStorageCredential(GetStorageCredentialArgs args, InvokeOptions options)
public static Output<GetStorageCredentialResult> getStorageCredential(GetStorageCredentialArgs args, InvokeOptions options)
Copy
fn::invoke:
  function: databricks:index/getStorageCredential:getStorageCredential
  arguments:
    # arguments dictionary
Copy

The following arguments are supported:

Name
This property is required.
Changes to this property will trigger replacement.
string
The name of the storage credential
Id string
Unique ID of storage credential.
StorageCredentialInfo GetStorageCredentialStorageCredentialInfo
array of objects with information about storage credential.
Name
This property is required.
Changes to this property will trigger replacement.
string
The name of the storage credential
Id string
Unique ID of storage credential.
StorageCredentialInfo GetStorageCredentialStorageCredentialInfo
array of objects with information about storage credential.
name
This property is required.
Changes to this property will trigger replacement.
String
The name of the storage credential
id String
Unique ID of storage credential.
storageCredentialInfo GetStorageCredentialStorageCredentialInfo
array of objects with information about storage credential.
name
This property is required.
Changes to this property will trigger replacement.
string
The name of the storage credential
id string
Unique ID of storage credential.
storageCredentialInfo GetStorageCredentialStorageCredentialInfo
array of objects with information about storage credential.
name
This property is required.
Changes to this property will trigger replacement.
str
The name of the storage credential
id str
Unique ID of storage credential.
storage_credential_info GetStorageCredentialStorageCredentialInfo
array of objects with information about storage credential.
name
This property is required.
Changes to this property will trigger replacement.
String
The name of the storage credential
id String
Unique ID of storage credential.
storageCredentialInfo Property Map
array of objects with information about storage credential.

getStorageCredential Result

The following output properties are available:

Id string
Unique ID of storage credential.
Name string
StorageCredentialInfo GetStorageCredentialStorageCredentialInfo
array of objects with information about storage credential.
Id string
Unique ID of storage credential.
Name string
StorageCredentialInfo GetStorageCredentialStorageCredentialInfo
array of objects with information about storage credential.
id String
Unique ID of storage credential.
name String
storageCredentialInfo GetStorageCredentialStorageCredentialInfo
array of objects with information about storage credential.
id string
Unique ID of storage credential.
name string
storageCredentialInfo GetStorageCredentialStorageCredentialInfo
array of objects with information about storage credential.
id str
Unique ID of storage credential.
name str
storage_credential_info GetStorageCredentialStorageCredentialInfo
array of objects with information about storage credential.
id String
Unique ID of storage credential.
name String
storageCredentialInfo Property Map
array of objects with information about storage credential.

Supporting Types

GetStorageCredentialStorageCredentialInfo

AwsIamRole GetStorageCredentialStorageCredentialInfoAwsIamRole
credential details for AWS:
AzureManagedIdentity GetStorageCredentialStorageCredentialInfoAzureManagedIdentity
managed identity credential details for Azure
AzureServicePrincipal GetStorageCredentialStorageCredentialInfoAzureServicePrincipal
service principal credential details for Azure:
CloudflareApiToken GetStorageCredentialStorageCredentialInfoCloudflareApiToken
Comment string
CreatedAt int
Time at which this catalog was created, in epoch milliseconds.
CreatedBy string
Username of catalog creator.
DatabricksGcpServiceAccount GetStorageCredentialStorageCredentialInfoDatabricksGcpServiceAccount
credential details for GCP:
FullName string
Id string
Unique ID of storage credential.
IsolationMode string
MetastoreId string
Unique identifier of the parent Metastore.
Name string
The name of the storage credential
Owner string
Username/groupname/sp application_id of the storage credential owner.
ReadOnly bool
Indicates whether the storage credential is only usable for read operations.
UpdatedAt int
Time at which this catalog was last modified, in epoch milliseconds.
UpdatedBy string
Username of user who last modified catalog.
UsedForManagedStorage bool
AwsIamRole GetStorageCredentialStorageCredentialInfoAwsIamRole
credential details for AWS:
AzureManagedIdentity GetStorageCredentialStorageCredentialInfoAzureManagedIdentity
managed identity credential details for Azure
AzureServicePrincipal GetStorageCredentialStorageCredentialInfoAzureServicePrincipal
service principal credential details for Azure:
CloudflareApiToken GetStorageCredentialStorageCredentialInfoCloudflareApiToken
Comment string
CreatedAt int
Time at which this catalog was created, in epoch milliseconds.
CreatedBy string
Username of catalog creator.
DatabricksGcpServiceAccount GetStorageCredentialStorageCredentialInfoDatabricksGcpServiceAccount
credential details for GCP:
FullName string
Id string
Unique ID of storage credential.
IsolationMode string
MetastoreId string
Unique identifier of the parent Metastore.
Name string
The name of the storage credential
Owner string
Username/groupname/sp application_id of the storage credential owner.
ReadOnly bool
Indicates whether the storage credential is only usable for read operations.
UpdatedAt int
Time at which this catalog was last modified, in epoch milliseconds.
UpdatedBy string
Username of user who last modified catalog.
UsedForManagedStorage bool
awsIamRole GetStorageCredentialStorageCredentialInfoAwsIamRole
credential details for AWS:
azureManagedIdentity GetStorageCredentialStorageCredentialInfoAzureManagedIdentity
managed identity credential details for Azure
azureServicePrincipal GetStorageCredentialStorageCredentialInfoAzureServicePrincipal
service principal credential details for Azure:
cloudflareApiToken GetStorageCredentialStorageCredentialInfoCloudflareApiToken
comment String
createdAt Integer
Time at which this catalog was created, in epoch milliseconds.
createdBy String
Username of catalog creator.
databricksGcpServiceAccount GetStorageCredentialStorageCredentialInfoDatabricksGcpServiceAccount
credential details for GCP:
fullName String
id String
Unique ID of storage credential.
isolationMode String
metastoreId String
Unique identifier of the parent Metastore.
name String
The name of the storage credential
owner String
Username/groupname/sp application_id of the storage credential owner.
readOnly Boolean
Indicates whether the storage credential is only usable for read operations.
updatedAt Integer
Time at which this catalog was last modified, in epoch milliseconds.
updatedBy String
Username of user who last modified catalog.
usedForManagedStorage Boolean
awsIamRole GetStorageCredentialStorageCredentialInfoAwsIamRole
credential details for AWS:
azureManagedIdentity GetStorageCredentialStorageCredentialInfoAzureManagedIdentity
managed identity credential details for Azure
azureServicePrincipal GetStorageCredentialStorageCredentialInfoAzureServicePrincipal
service principal credential details for Azure:
cloudflareApiToken GetStorageCredentialStorageCredentialInfoCloudflareApiToken
comment string
createdAt number
Time at which this catalog was created, in epoch milliseconds.
createdBy string
Username of catalog creator.
databricksGcpServiceAccount GetStorageCredentialStorageCredentialInfoDatabricksGcpServiceAccount
credential details for GCP:
fullName string
id string
Unique ID of storage credential.
isolationMode string
metastoreId string
Unique identifier of the parent Metastore.
name string
The name of the storage credential
owner string
Username/groupname/sp application_id of the storage credential owner.
readOnly boolean
Indicates whether the storage credential is only usable for read operations.
updatedAt number
Time at which this catalog was last modified, in epoch milliseconds.
updatedBy string
Username of user who last modified catalog.
usedForManagedStorage boolean
aws_iam_role GetStorageCredentialStorageCredentialInfoAwsIamRole
credential details for AWS:
azure_managed_identity GetStorageCredentialStorageCredentialInfoAzureManagedIdentity
managed identity credential details for Azure
azure_service_principal GetStorageCredentialStorageCredentialInfoAzureServicePrincipal
service principal credential details for Azure:
cloudflare_api_token GetStorageCredentialStorageCredentialInfoCloudflareApiToken
comment str
created_at int
Time at which this catalog was created, in epoch milliseconds.
created_by str
Username of catalog creator.
databricks_gcp_service_account GetStorageCredentialStorageCredentialInfoDatabricksGcpServiceAccount
credential details for GCP:
full_name str
id str
Unique ID of storage credential.
isolation_mode str
metastore_id str
Unique identifier of the parent Metastore.
name str
The name of the storage credential
owner str
Username/groupname/sp application_id of the storage credential owner.
read_only bool
Indicates whether the storage credential is only usable for read operations.
updated_at int
Time at which this catalog was last modified, in epoch milliseconds.
updated_by str
Username of user who last modified catalog.
used_for_managed_storage bool
awsIamRole Property Map
credential details for AWS:
azureManagedIdentity Property Map
managed identity credential details for Azure
azureServicePrincipal Property Map
service principal credential details for Azure:
cloudflareApiToken Property Map
comment String
createdAt Number
Time at which this catalog was created, in epoch milliseconds.
createdBy String
Username of catalog creator.
databricksGcpServiceAccount Property Map
credential details for GCP:
fullName String
id String
Unique ID of storage credential.
isolationMode String
metastoreId String
Unique identifier of the parent Metastore.
name String
The name of the storage credential
owner String
Username/groupname/sp application_id of the storage credential owner.
readOnly Boolean
Indicates whether the storage credential is only usable for read operations.
updatedAt Number
Time at which this catalog was last modified, in epoch milliseconds.
updatedBy String
Username of user who last modified catalog.
usedForManagedStorage Boolean

GetStorageCredentialStorageCredentialInfoAwsIamRole

RoleArn This property is required. string
The Amazon Resource Name (ARN) of the AWS IAM role for S3 data access, of the form arn:aws:iam::1234567890:role/MyRole-AJJHDSKSDF
ExternalId string
(output only) - The external ID used in role assumption to prevent confused deputy problem.
UnityCatalogIamArn string
(output only) - The Amazon Resource Name (ARN) of the AWS IAM user managed by Databricks. This is the identity that is going to assume the AWS IAM role.
RoleArn This property is required. string
The Amazon Resource Name (ARN) of the AWS IAM role for S3 data access, of the form arn:aws:iam::1234567890:role/MyRole-AJJHDSKSDF
ExternalId string
(output only) - The external ID used in role assumption to prevent confused deputy problem.
UnityCatalogIamArn string
(output only) - The Amazon Resource Name (ARN) of the AWS IAM user managed by Databricks. This is the identity that is going to assume the AWS IAM role.
roleArn This property is required. String
The Amazon Resource Name (ARN) of the AWS IAM role for S3 data access, of the form arn:aws:iam::1234567890:role/MyRole-AJJHDSKSDF
externalId String
(output only) - The external ID used in role assumption to prevent confused deputy problem.
unityCatalogIamArn String
(output only) - The Amazon Resource Name (ARN) of the AWS IAM user managed by Databricks. This is the identity that is going to assume the AWS IAM role.
roleArn This property is required. string
The Amazon Resource Name (ARN) of the AWS IAM role for S3 data access, of the form arn:aws:iam::1234567890:role/MyRole-AJJHDSKSDF
externalId string
(output only) - The external ID used in role assumption to prevent confused deputy problem.
unityCatalogIamArn string
(output only) - The Amazon Resource Name (ARN) of the AWS IAM user managed by Databricks. This is the identity that is going to assume the AWS IAM role.
role_arn This property is required. str
The Amazon Resource Name (ARN) of the AWS IAM role for S3 data access, of the form arn:aws:iam::1234567890:role/MyRole-AJJHDSKSDF
external_id str
(output only) - The external ID used in role assumption to prevent confused deputy problem.
unity_catalog_iam_arn str
(output only) - The Amazon Resource Name (ARN) of the AWS IAM user managed by Databricks. This is the identity that is going to assume the AWS IAM role.
roleArn This property is required. String
The Amazon Resource Name (ARN) of the AWS IAM role for S3 data access, of the form arn:aws:iam::1234567890:role/MyRole-AJJHDSKSDF
externalId String
(output only) - The external ID used in role assumption to prevent confused deputy problem.
unityCatalogIamArn String
(output only) - The Amazon Resource Name (ARN) of the AWS IAM user managed by Databricks. This is the identity that is going to assume the AWS IAM role.

GetStorageCredentialStorageCredentialInfoAzureManagedIdentity

AccessConnectorId This property is required. string
The Resource ID of the Azure Databricks Access Connector resource, of the form /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-name/providers/Microsoft.Databricks/accessConnectors/connector-name.
CredentialId string
ManagedIdentityId string
The Resource ID of the Azure User Assigned Managed Identity associated with Azure Databricks Access Connector, of the form /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-name/providers/Microsoft.ManagedIdentity/userAssignedIdentities/user-managed-identity-name.
AccessConnectorId This property is required. string
The Resource ID of the Azure Databricks Access Connector resource, of the form /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-name/providers/Microsoft.Databricks/accessConnectors/connector-name.
CredentialId string
ManagedIdentityId string
The Resource ID of the Azure User Assigned Managed Identity associated with Azure Databricks Access Connector, of the form /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-name/providers/Microsoft.ManagedIdentity/userAssignedIdentities/user-managed-identity-name.
accessConnectorId This property is required. String
The Resource ID of the Azure Databricks Access Connector resource, of the form /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-name/providers/Microsoft.Databricks/accessConnectors/connector-name.
credentialId String
managedIdentityId String
The Resource ID of the Azure User Assigned Managed Identity associated with Azure Databricks Access Connector, of the form /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-name/providers/Microsoft.ManagedIdentity/userAssignedIdentities/user-managed-identity-name.
accessConnectorId This property is required. string
The Resource ID of the Azure Databricks Access Connector resource, of the form /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-name/providers/Microsoft.Databricks/accessConnectors/connector-name.
credentialId string
managedIdentityId string
The Resource ID of the Azure User Assigned Managed Identity associated with Azure Databricks Access Connector, of the form /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-name/providers/Microsoft.ManagedIdentity/userAssignedIdentities/user-managed-identity-name.
access_connector_id This property is required. str
The Resource ID of the Azure Databricks Access Connector resource, of the form /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-name/providers/Microsoft.Databricks/accessConnectors/connector-name.
credential_id str
managed_identity_id str
The Resource ID of the Azure User Assigned Managed Identity associated with Azure Databricks Access Connector, of the form /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-name/providers/Microsoft.ManagedIdentity/userAssignedIdentities/user-managed-identity-name.
accessConnectorId This property is required. String
The Resource ID of the Azure Databricks Access Connector resource, of the form /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-name/providers/Microsoft.Databricks/accessConnectors/connector-name.
credentialId String
managedIdentityId String
The Resource ID of the Azure User Assigned Managed Identity associated with Azure Databricks Access Connector, of the form /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-name/providers/Microsoft.ManagedIdentity/userAssignedIdentities/user-managed-identity-name.

GetStorageCredentialStorageCredentialInfoAzureServicePrincipal

ApplicationId This property is required. string
The application ID of the application registration within the referenced AAD tenant
ClientSecret This property is required. string
DirectoryId This property is required. string
The directory ID corresponding to the Azure Active Directory (AAD) tenant of the application
ApplicationId This property is required. string
The application ID of the application registration within the referenced AAD tenant
ClientSecret This property is required. string
DirectoryId This property is required. string
The directory ID corresponding to the Azure Active Directory (AAD) tenant of the application
applicationId This property is required. String
The application ID of the application registration within the referenced AAD tenant
clientSecret This property is required. String
directoryId This property is required. String
The directory ID corresponding to the Azure Active Directory (AAD) tenant of the application
applicationId This property is required. string
The application ID of the application registration within the referenced AAD tenant
clientSecret This property is required. string
directoryId This property is required. string
The directory ID corresponding to the Azure Active Directory (AAD) tenant of the application
application_id This property is required. str
The application ID of the application registration within the referenced AAD tenant
client_secret This property is required. str
directory_id This property is required. str
The directory ID corresponding to the Azure Active Directory (AAD) tenant of the application
applicationId This property is required. String
The application ID of the application registration within the referenced AAD tenant
clientSecret This property is required. String
directoryId This property is required. String
The directory ID corresponding to the Azure Active Directory (AAD) tenant of the application

GetStorageCredentialStorageCredentialInfoCloudflareApiToken

AccessKeyId This property is required. string
AccountId This property is required. string
SecretAccessKey This property is required. string
AccessKeyId This property is required. string
AccountId This property is required. string
SecretAccessKey This property is required. string
accessKeyId This property is required. String
accountId This property is required. String
secretAccessKey This property is required. String
accessKeyId This property is required. string
accountId This property is required. string
secretAccessKey This property is required. string
access_key_id This property is required. str
account_id This property is required. str
secret_access_key This property is required. str
accessKeyId This property is required. String
accountId This property is required. String
secretAccessKey This property is required. String

GetStorageCredentialStorageCredentialInfoDatabricksGcpServiceAccount

CredentialId string
Email string
The email of the GCP service account created, to be granted access to relevant buckets.
CredentialId string
Email string
The email of the GCP service account created, to be granted access to relevant buckets.
credentialId String
email String
The email of the GCP service account created, to be granted access to relevant buckets.
credentialId string
email string
The email of the GCP service account created, to be granted access to relevant buckets.
credential_id str
email str
The email of the GCP service account created, to be granted access to relevant buckets.
credentialId String
email String
The email of the GCP service account created, to be granted access to relevant buckets.

Package Details

Repository
databricks pulumi/pulumi-databricks
License
Apache-2.0
Notes
This Pulumi package is based on the databricks Terraform Provider.