MDAA TS Docs
    Preparing search index...

    Interface DataZoneL3ConstructProps

    interface DataZoneL3ConstructProps {
        createOutputs?: boolean;
        createParams?: boolean;
        crossAccountStacks?: { [account: string]: { [region: string]: Stack } };
        dataZoneDomains?: NamedDataZoneDomainProps;
        glueCatalogKmsKeyArn?: string;
        lakeformationManageAccessRole?: MdaaRoleRef;
        naming: IMdaaResourceNaming;
        roleHelper: MdaaRoleHelper;
        sagemakerDomainExecutionRole?: MdaaRoleRef;
        sageMakerDomains?: NamedSageMakerDomainProps;
        tags?: { [key: string]: string };
    }

    Hierarchy (View Summary)

    Index

    Properties

    createOutputs? createParams? crossAccountStacks? dataZoneDomains? glueCatalogKmsKeyArn? lakeformationManageAccessRole? naming roleHelper sagemakerDomainExecutionRole? sageMakerDomains? tags?

    Properties

    createOutputs?: boolean

    Flag controlling CloudFormation output and stack export creation for construct resources

    createParams?: boolean

    Flag controlling SSM parameter creation for construct resource references enabling

    crossAccountStacks?: { [account: string]: { [region: string]: Stack } }
    dataZoneDomains?: NamedDataZoneDomainProps

    Map of domain names to DataZone (V1) domain configurations. Each domain deploys a DataZone domain with KMS encryption, execution role, domain bucket, user/group profiles, and optional associated accounts.

    Use cases: DataZone domain deployment; Data catalog governance; Multi-domain management

    AWS: DataZone domains, KMS keys, IAM roles, S3 buckets

    Validation: Optional; valid NamedDataZoneDomainProps

    glueCatalogKmsKeyArn?: string

    KMS key ARN for Glue catalog encryption. If omitted, looked up from the standard LF Settings SSM parameter for the DataZone admin role.

    Use cases: Customer-managed catalog encryption; Compliance-driven key management

    AWS: KMS key for Glue Data Catalog encryption

    Validation: Optional; valid KMS key ARN

    lakeformationManageAccessRole?: MdaaRoleRef

    IAM role for Lake Formation permission management across all domains. Should be an LF Admin role, typically created by the LF Settings module. If omitted, looked up from the standard LF Settings SSM parameter.

    Use cases: Automated LF permission grants; DataZone-LakeFormation integration

    AWS: IAM role for Lake Formation access management

    Validation: Optional; valid MdaaRoleRef

    naming: IMdaaResourceNaming

    MDAA naming implementation for consistent resource naming across all MDAA constructs

    roleHelper: MdaaRoleHelper
    sagemakerDomainExecutionRole?: MdaaRoleRef

    Custom execution role for SageMaker domains. When provided, uses this role instead of creating a default execution role with AWS managed policies.

    Use cases: Least-privilege execution roles; Custom permission boundaries; Role reuse

    AWS: IAM role for SageMaker domain execution

    Validation: Optional; valid MdaaRoleRef

    sageMakerDomains?: NamedSageMakerDomainProps

    Map of domain names to SageMaker Unified Studio (DataZone V2) domain configurations. Each domain deploys a SageMaker domain with KMS encryption, service role, domain bucket, tooling blueprint, user/group profiles, and optional cross-account associations.

    Use cases: SageMaker Unified Studio domain deployment; ML governance; Blueprint management

    AWS: SageMaker (DataZone V2) domains, KMS keys, IAM roles, S3 buckets

    Validation: Optional; valid NamedSageMakerDomainProps

    tags?: { [key: string]: string }

    Settings

    Member Visibility

    On This Page

    Properties