account_assignable_roles
Creates, updates, deletes, gets or lists an account_assignable_roles resource.
Overview
| Name | account_assignable_roles |
| Type | Resource |
| Id | databricks_account.iam.account_assignable_roles |
Fields
The following fields are returned by SELECT queries:
- get_assignable_roles_for_resource
| Name | Datatype | Description |
|---|---|---|
roles | array |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get_assignable_roles_for_resource | select | account_id, resource | Gets all the roles that can be granted on an account level resource. A role is grantable if the rule |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
account_id | string | |
resource | string | The resource name for which assignable roles will be listed. Examples | Summary :--- | :--- resource=accounts/<ACCOUNT_ID> | A resource name for the account. resource=accounts/<ACCOUNT_ID>/groups/<GROUP_ID> | A resource name for the group. resource=accounts/<ACCOUNT_ID>/servicePrincipals/<SP_ID> | A resource name for the service principal. resource=accounts/<ACCOUNT_ID>/tagPolicies/<TAG_POLICY_ID> | A resource name for the tag policy. |
SELECT examples
- get_assignable_roles_for_resource
Gets all the roles that can be granted on an account level resource. A role is grantable if the rule
SELECT
roles
FROM databricks_account.iam.account_assignable_roles
WHERE account_id = '{{ account_id }}' -- required
AND resource = '{{ resource }}' -- required
;