MDAA TS Docs
    Preparing search index...

    Interface DomainUnit

    interface DomainUnit {
        allowAllUsers?: boolean;
        allowedGroups?: string[];
        allowedUsers?: string[];
        authorizationPolicies?: NamedAuthorizationPolicies;
        description?: string;
        domainUnits?: NamedDomainUnits;
        ownerAccounts?: string[];
        ownerGroups?: string[];
        ownerUsers?: string[];
    }
    Index

    Properties

    allowAllUsers? allowedGroups? allowedUsers? authorizationPolicies? description? domainUnits? ownerAccounts? ownerGroups? ownerUsers?

    Properties

    allowAllUsers?: boolean

    When true, all domain users are allowed access to this domain unit.

    Use cases: Open-access domain units; Unrestricted project creation

    AWS: DataZone domain unit access control

    Validation: Optional; boolean

    allowedGroups?: string[]

    Specific group names allowed access to this domain unit. Names must match entries in the domain's groups config.

    Use cases: Group-scoped domain unit access; Team-restricted project creation

    AWS: DataZone domain unit group access list

    Validation: Optional; string array; names must match domain groups keys

    allowedUsers?: string[]

    Specific user names allowed access to this domain unit. Names must match entries in the domain's users config.

    Use cases: User-scoped domain unit access; Restricted project creation

    AWS: DataZone domain unit user access list

    Validation: Optional; string array; names must match domain users keys

    authorizationPolicies?: NamedAuthorizationPolicies

    Fine-grained authorization policies for this domain unit. Supports policy types like CREATE_DOMAIN_UNIT, CREATE_GLOSSARY, and CREATE_PROJECT with user/group principals.

    Use cases: Permission scoping per domain unit; Policy-driven project creation control

    AWS: DataZone authorization policies (CREATE_DOMAIN_UNIT, CREATE_PROJECT, etc.)

    Validation: Optional; Record of AuthorizationPolicy objects

    description?: string

    Human-readable description of this domain unit's purpose and scope.

    Use cases: Organizational documentation; Domain unit identification

    AWS: DataZone domain unit description

    Validation: Optional; string

    domainUnits?: NamedDomainUnits

    Child domain units nested under this unit, enabling recursive hierarchical organization. Each child inherits the parent's domain context.

    Use cases: Multi-level organizational hierarchy; Nested governance scopes

    AWS: DataZone nested domain units

    Validation: Optional; valid NamedDomainUnits; supports arbitrary nesting depth

    ownerAccounts?: string[]

    Associated account names that receive ownership of this domain unit, allowing project creation within it. Names must match entries in the domain's associatedAccounts config.

    Use cases: Cross-account project creation; Delegated domain unit ownership

    AWS: DataZone domain unit owner (account-based)

    Validation: Optional; string array; names must match associatedAccounts keys

    ownerGroups?: string[]

    Group names that receive ownership of this domain unit. Names must match entries in the domain's groups config.

    Use cases: Team-based domain unit administration; Group ownership delegation

    AWS: DataZone domain unit owner (group-based)

    Validation: Optional; string array; names must match domain groups keys

    ownerUsers?: string[]

    User names that receive ownership of this domain unit. Names must match entries in the domain's users config.

    Use cases: User-based domain unit administration; Individual ownership delegation

    AWS: DataZone domain unit owner (user-based)

    Validation: Optional; string array; names must match domain users keys

    Settings

    Member Visibility

    On This Page

    Properties