Resource: aws_datazone_domain

Terraform resource for managing an AWS DataZone Domain.

Example Usage

Basic Usage

resource "aws_iam_role" "domain_execution_role" {
  name = "my_domain_execution_role"
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Action = ["sts:AssumeRole", "sts:TagSession"]
        Effect = "Allow"
        Principal = {
          Service = "datazone.amazonaws.com"
        }
      },
      {
        Action = ["sts:AssumeRole", "sts:TagSession"]
        Effect = "Allow"
        Principal = {
          Service = "cloudformation.amazonaws.com"
        }
      },
    ]
  })

  inline_policy {
    name = "domain_execution_policy"
    policy = jsonencode({
      Version = "2012-10-17"
      Statement = [
        {
          # Grants every action in four services on all resources; scope down before real use
          Action = [
            "datazone:*",
            "ram:*",
            "sso:*",
            "kms:*",
          ]
          Effect   = "Allow"
          Resource = "*"
        },
      ]
    })
  }
}

resource "aws_datazone_domain" "example" {
  name                  = "example"
  domain_execution_role = aws_iam_role.domain_execution_role.arn
}
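
A tighter variant of the Basic Usage role, as an added example that is not part of the provider documentation. It assumes the AWS managed policy AmazonDataZoneDomainExecutionRolePolicy covers what your domain needs and that DataZone supplies aws:SourceAccount when it assumes the role; the resource names ending in _scoped are hypothetical.

```hcl
# Added example: same domain, with a narrower trust and permission policy.
data "aws_caller_identity" "current" {}

resource "aws_iam_role" "domain_execution_role_scoped" {
  name = "my_domain_execution_role_scoped" # hypothetical name

  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Action    = ["sts:AssumeRole", "sts:TagSession"]
        Effect    = "Allow"
        Principal = { Service = "datazone.amazonaws.com" }
        # Confused-deputy guard: accept the service principal only when it
        # acts on behalf of this account (assumption: DataZone sets this key).
        Condition = {
          StringEquals = {
            "aws:SourceAccount" = data.aws_caller_identity.current.account_id
          }
        }
      },
      {
        # Kept as in the Basic Usage example. No condition is added here
        # because this example does not assume which keys CloudFormation sends.
        Action    = ["sts:AssumeRole", "sts:TagSession"]
        Effect    = "Allow"
        Principal = { Service = "cloudformation.amazonaws.com" }
      },
    ]
  })
}

# Replaces the inline "datazone:*", "ram:*", "sso:*", "kms:*" on Resource "*".
# Assumption: the managed policy is sufficient; add narrowly scoped statements
# (for example, kms actions on one key ARN) only if an apply shows they are needed.
resource "aws_iam_role_policy_attachment" "domain_execution_scoped" {
  role       = aws_iam_role.domain_execution_role_scoped.name
  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonDataZoneDomainExecutionRolePolicy"
}

resource "aws_datazone_domain" "scoped" {
  name                  = "example-scoped"
  domain_execution_role = aws_iam_role.domain_execution_role_scoped.arn

  # Make sure permissions exist before DataZone first uses the role.
  depends_on = [aws_iam_role_policy_attachment.domain_execution_scoped]
}
```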

Argument Reference

The following arguments are required:

The following arguments are optional:

Attribute Reference

This resource exports the following attributes in addition to the arguments above:

Timeouts

Configuration options:

Import

In Terraform v1.5.0 and later, use an import block to import a DataZone Domain using its domain_id. For example:

import {
  to = aws_datazone_domain.example
  id = "domain-id-12345678"
}

Using terraform import, import a DataZone Domain using its domain_id. For example:

% terraform import aws_datazone_domain.example domain-id-12345678