iam

package
v0.42.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 3, 2024 License: Apache-2.0 Imports: 7 Imported by: 29

Documentation

Overview

These APIs allow you to manage Account Access Control, Account Access Control Proxy, Account Groups, Account Service Principals, Account Users, Current User, Groups, Permission Migration, Permissions, Service Principals, Users, Workspace Assignment, etc.

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessControlRequest 

type AccessControlRequest struct {
	// name of the group
	GroupName string `json:"group_name,omitempty"`
	// Permission level
	PermissionLevel PermissionLevel `json:"permission_level,omitempty"`
	// application ID of a service principal
	ServicePrincipalName string `json:"service_principal_name,omitempty"`
	// name of the user
	UserName string `json:"user_name,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (AccessControlRequest) MarshalJSON added in v0.23.0 

func (s AccessControlRequest) MarshalJSON() ([]byte, error)

func (*AccessControlRequest) UnmarshalJSON added in v0.23.0 

func (s *AccessControlRequest) UnmarshalJSON(b []byte) error

type AccessControlResponse 

type AccessControlResponse struct {
	// All permissions.
	AllPermissions []Permission `json:"all_permissions,omitempty"`
	// Display name of the user or service principal.
	DisplayName string `json:"display_name,omitempty"`
	// name of the group
	GroupName string `json:"group_name,omitempty"`
	// Name of the service principal.
	ServicePrincipalName string `json:"service_principal_name,omitempty"`
	// name of the user
	UserName string `json:"user_name,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (AccessControlResponse) MarshalJSON added in v0.23.0 

func (s AccessControlResponse) MarshalJSON() ([]byte, error)

func (*AccessControlResponse) UnmarshalJSON added in v0.23.0 

func (s *AccessControlResponse) UnmarshalJSON(b []byte) error

type AccountAccessControlAPI added in v0.10.0 

type AccountAccessControlAPI struct {
	// contains filtered or unexported fields
}

These APIs manage access rules on resources in an account. Currently, only grant rules are supported. A grant rule specifies a role assigned to a set of principals. A list of rules attached to a resource is called a rule set.

func NewAccountAccessControl added in v0.10.0 

func NewAccountAccessControl(client *client.DatabricksClient) *AccountAccessControlAPI

func (*AccountAccessControlAPI) GetAssignableRolesForResource added in v0.10.0 

func (a *AccountAccessControlAPI) GetAssignableRolesForResource(ctx context.Context, request GetAssignableRolesForResourceRequest) (*GetAssignableRolesForResourceResponse, error)

Get assignable roles for a resource.

Gets all the roles that can be granted on an account level resource. A role is grantable if the rule set on the resource can contain an access rule of the role.

func (*AccountAccessControlAPI) GetRuleSet added in v0.10.0 

func (a *AccountAccessControlAPI) GetRuleSet(ctx context.Context, request GetRuleSetRequest) (*RuleSetResponse, error)

Get a rule set.

Get a rule set by its name. A rule set is always attached to a resource and contains a list of access rules on the said resource. Currently only a default rule set for each resource is supported.

func (*AccountAccessControlAPI) Impl added in v0.10.0 

func (a *AccountAccessControlAPI) Impl() AccountAccessControlService

Impl returns low-level AccountAccessControl API implementation Deprecated: use MockAccountAccessControlInterface instead.

func (*AccountAccessControlAPI) UpdateRuleSet added in v0.10.0 

func (a *AccountAccessControlAPI) UpdateRuleSet(ctx context.Context, request UpdateRuleSetRequest) (*RuleSetResponse, error)

Update a rule set.

Replace the rules of a rule set. First, use get to read the current version of the rule set before modifying it. This pattern helps prevent conflicts between concurrent updates.

func (*AccountAccessControlAPI) WithImpl added in v0.10.0 

func (a *AccountAccessControlAPI) WithImpl(impl AccountAccessControlService) AccountAccessControlInterface

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks. Deprecated: use MockAccountAccessControlInterface instead.

type AccountAccessControlInterface added in v0.29.0 

type AccountAccessControlInterface interface {
	// WithImpl could be used to override low-level API implementations for unit
	// testing purposes with [github.com/golang/mock] or other mocking frameworks.
	// Deprecated: use MockAccountAccessControlInterface instead.
	WithImpl(impl AccountAccessControlService) AccountAccessControlInterface

	// Impl returns low-level AccountAccessControl API implementation
	// Deprecated: use MockAccountAccessControlInterface instead.
	Impl() AccountAccessControlService

	// Get assignable roles for a resource.
	//
	// Gets all the roles that can be granted on an account level resource. A role
	// is grantable if the rule set on the resource can contain an access rule of
	// the role.
	GetAssignableRolesForResource(ctx context.Context, request GetAssignableRolesForResourceRequest) (*GetAssignableRolesForResourceResponse, error)

	// Get a rule set.
	//
	// Get a rule set by its name. A rule set is always attached to a resource and
	// contains a list of access rules on the said resource. Currently only a
	// default rule set for each resource is supported.
	GetRuleSet(ctx context.Context, request GetRuleSetRequest) (*RuleSetResponse, error)

	// Update a rule set.
	//
	// Replace the rules of a rule set. First, use get to read the current version
	// of the rule set before modifying it. This pattern helps prevent conflicts
	// between concurrent updates.
	UpdateRuleSet(ctx context.Context, request UpdateRuleSetRequest) (*RuleSetResponse, error)
}

type AccountAccessControlProxyAPI added in v0.10.0 

type AccountAccessControlProxyAPI struct {
	// contains filtered or unexported fields
}

These APIs manage access rules on resources in an account. Currently, only grant rules are supported. A grant rule specifies a role assigned to a set of principals. A list of rules attached to a resource is called a rule set. A workspace must belong to an account for these APIs to work.

func NewAccountAccessControlProxy added in v0.10.0 

func NewAccountAccessControlProxy(client *client.DatabricksClient) *AccountAccessControlProxyAPI

func (*AccountAccessControlProxyAPI) GetAssignableRolesForResource added in v0.10.0 

func (a *AccountAccessControlProxyAPI) GetAssignableRolesForResource(ctx context.Context, request GetAssignableRolesForResourceRequest) (*GetAssignableRolesForResourceResponse, error)

Get assignable roles for a resource.

Gets all the roles that can be granted on an account-level resource. A role is grantable if the rule set on the resource can contain an access rule of the role.

func (*AccountAccessControlProxyAPI) GetRuleSet added in v0.10.0 

func (a *AccountAccessControlProxyAPI) GetRuleSet(ctx context.Context, request GetRuleSetRequest) (*RuleSetResponse, error)

Get a rule set.

Get a rule set by its name. A rule set is always attached to a resource and contains a list of access rules on the said resource. Currently only a default rule set for each resource is supported.

func (*AccountAccessControlProxyAPI) Impl added in v0.10.0 

func (a *AccountAccessControlProxyAPI) Impl() AccountAccessControlProxyService

Impl returns low-level AccountAccessControlProxy API implementation Deprecated: use MockAccountAccessControlProxyInterface instead.

func (*AccountAccessControlProxyAPI) UpdateRuleSet added in v0.10.0 

func (a *AccountAccessControlProxyAPI) UpdateRuleSet(ctx context.Context, request UpdateRuleSetRequest) (*RuleSetResponse, error)

Update a rule set.

Replace the rules of a rule set. First, use a GET rule set request to read the current version of the rule set before modifying it. This pattern helps prevent conflicts between concurrent updates.

func (*AccountAccessControlProxyAPI) WithImpl added in v0.10.0 

func (a *AccountAccessControlProxyAPI) WithImpl(impl AccountAccessControlProxyService) AccountAccessControlProxyInterface

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks. Deprecated: use MockAccountAccessControlProxyInterface instead.

type AccountAccessControlProxyInterface added in v0.29.0 

type AccountAccessControlProxyInterface interface {
	// WithImpl could be used to override low-level API implementations for unit
	// testing purposes with [github.com/golang/mock] or other mocking frameworks.
	// Deprecated: use MockAccountAccessControlProxyInterface instead.
	WithImpl(impl AccountAccessControlProxyService) AccountAccessControlProxyInterface

	// Impl returns low-level AccountAccessControlProxy API implementation
	// Deprecated: use MockAccountAccessControlProxyInterface instead.
	Impl() AccountAccessControlProxyService

	// Get assignable roles for a resource.
	//
	// Gets all the roles that can be granted on an account-level resource. A role
	// is grantable if the rule set on the resource can contain an access rule of
	// the role.
	GetAssignableRolesForResource(ctx context.Context, request GetAssignableRolesForResourceRequest) (*GetAssignableRolesForResourceResponse, error)

	// Get a rule set.
	//
	// Get a rule set by its name. A rule set is always attached to a resource and
	// contains a list of access rules on the said resource. Currently only a
	// default rule set for each resource is supported.
	GetRuleSet(ctx context.Context, request GetRuleSetRequest) (*RuleSetResponse, error)

	// Update a rule set.
	//
	// Replace the rules of a rule set. First, use a GET rule set request to read
	// the current version of the rule set before modifying it. This pattern helps
	// prevent conflicts between concurrent updates.
	UpdateRuleSet(ctx context.Context, request UpdateRuleSetRequest) (*RuleSetResponse, error)
}

type AccountAccessControlProxyService added in v0.10.0 

type AccountAccessControlProxyService interface {

	// Get assignable roles for a resource.
	//
	// Gets all the roles that can be granted on an account-level resource. A
	// role is grantable if the rule set on the resource can contain an access
	// rule of the role.
	GetAssignableRolesForResource(ctx context.Context, request GetAssignableRolesForResourceRequest) (*GetAssignableRolesForResourceResponse, error)

	// Get a rule set.
	//
	// Get a rule set by its name. A rule set is always attached to a resource
	// and contains a list of access rules on the said resource. Currently only
	// a default rule set for each resource is supported.
	GetRuleSet(ctx context.Context, request GetRuleSetRequest) (*RuleSetResponse, error)

	// Update a rule set.
	//
	// Replace the rules of a rule set. First, use a GET rule set request to
	// read the current version of the rule set before modifying it. This
	// pattern helps prevent conflicts between concurrent updates.
	UpdateRuleSet(ctx context.Context, request UpdateRuleSetRequest) (*RuleSetResponse, error)
}

These APIs manage access rules on resources in an account. Currently, only grant rules are supported. A grant rule specifies a role assigned to a set of principals. A list of rules attached to a resource is called a rule set. A workspace must belong to an account for these APIs to work.

type AccountAccessControlService added in v0.10.0 

type AccountAccessControlService interface {

	// Get assignable roles for a resource.
	//
	// Gets all the roles that can be granted on an account level resource. A
	// role is grantable if the rule set on the resource can contain an access
	// rule of the role.
	GetAssignableRolesForResource(ctx context.Context, request GetAssignableRolesForResourceRequest) (*GetAssignableRolesForResourceResponse, error)

	// Get a rule set.
	//
	// Get a rule set by its name. A rule set is always attached to a resource
	// and contains a list of access rules on the said resource. Currently only
	// a default rule set for each resource is supported.
	GetRuleSet(ctx context.Context, request GetRuleSetRequest) (*RuleSetResponse, error)

	// Update a rule set.
	//
	// Replace the rules of a rule set. First, use get to read the current
	// version of the rule set before modifying it. This pattern helps prevent
	// conflicts between concurrent updates.
	UpdateRuleSet(ctx context.Context, request UpdateRuleSetRequest) (*RuleSetResponse, error)
}

These APIs manage access rules on resources in an account. Currently, only grant rules are supported. A grant rule specifies a role assigned to a set of principals. A list of rules attached to a resource is called a rule set.

type AccountGroupsAPI 

type AccountGroupsAPI struct {
	// contains filtered or unexported fields
}

Groups simplify identity management, making it easier to assign access to Databricks account, data, and other securable objects.

It is best practice to assign access to workspaces and access-control policies in Unity Catalog to groups, instead of to users individually. All Databricks account identities can be assigned as members of groups, and members inherit permissions that are assigned to their group.

func NewAccountGroups 

func NewAccountGroups(client *client.DatabricksClient) *AccountGroupsAPI

func (*AccountGroupsAPI) Create 

func (a *AccountGroupsAPI) Create(ctx context.Context, request Group) (*Group, error)

Create a new group.

Creates a group in the Databricks account with a unique name, using the supplied group details.

func (*AccountGroupsAPI) Delete 

func (a *AccountGroupsAPI) Delete(ctx context.Context, request DeleteAccountGroupRequest) error

Delete a group.

Deletes a group from the Databricks account.

func (*AccountGroupsAPI) DeleteById 

func (a *AccountGroupsAPI) DeleteById(ctx context.Context, id string) error

Delete a group.

Deletes a group from the Databricks account.

func (*AccountGroupsAPI) Get 

func (a *AccountGroupsAPI) Get(ctx context.Context, request GetAccountGroupRequest) (*Group, error)

Get group details.

Gets the information for a specific group in the Databricks account.

func (*AccountGroupsAPI) GetByDisplayName 

func (a *AccountGroupsAPI) GetByDisplayName(ctx context.Context, name string) (*Group, error)

GetByDisplayName calls AccountGroupsAPI.GroupDisplayNameToIdMap and returns a single Group.

Returns an error if there's more than one Group with the same .DisplayName.

Note: All Group instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*AccountGroupsAPI) GetById 

func (a *AccountGroupsAPI) GetById(ctx context.Context, id string) (*Group, error)

Get group details.

Gets the information for a specific group in the Databricks account.

func (*AccountGroupsAPI) GroupDisplayNameToIdMap 

func (a *AccountGroupsAPI) GroupDisplayNameToIdMap(ctx context.Context, request ListAccountGroupsRequest) (map[string]string, error)

GroupDisplayNameToIdMap calls AccountGroupsAPI.ListAll and creates a map of results with Group.DisplayName as key and Group.Id as value.

Returns an error if there's more than one Group with the same .DisplayName.

Note: All Group instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

func (*AccountGroupsAPI) Impl 

func (a *AccountGroupsAPI) Impl() AccountGroupsService

Impl returns low-level AccountGroups API implementation Deprecated: use MockAccountGroupsInterface instead.

func (*AccountGroupsAPI) List added in v0.24.0 

func (a *AccountGroupsAPI) List(ctx context.Context, request ListAccountGroupsRequest) listing.Iterator[Group]

List group details.

Gets all details of the groups associated with the Databricks account.

This method is generated by Databricks SDK Code Generator.

func (*AccountGroupsAPI) ListAll 

func (a *AccountGroupsAPI) ListAll(ctx context.Context, request ListAccountGroupsRequest) ([]Group, error)

List group details.

Gets all details of the groups associated with the Databricks account.

This method is generated by Databricks SDK Code Generator.

func (*AccountGroupsAPI) Patch 

func (a *AccountGroupsAPI) Patch(ctx context.Context, request PartialUpdate) error

Update group details.

Partially updates the details of a group.

func (*AccountGroupsAPI) Update 

func (a *AccountGroupsAPI) Update(ctx context.Context, request Group) error

Replace a group.

Updates the details of a group by replacing the entire group entity.

func (*AccountGroupsAPI) WithImpl 

func (a *AccountGroupsAPI) WithImpl(impl AccountGroupsService) AccountGroupsInterface

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks. Deprecated: use MockAccountGroupsInterface instead.

type AccountGroupsInterface added in v0.29.0 

type AccountGroupsInterface interface {
	// WithImpl could be used to override low-level API implementations for unit
	// testing purposes with [github.com/golang/mock] or other mocking frameworks.
	// Deprecated: use MockAccountGroupsInterface instead.
	WithImpl(impl AccountGroupsService) AccountGroupsInterface

	// Impl returns low-level AccountGroups API implementation
	// Deprecated: use MockAccountGroupsInterface instead.
	Impl() AccountGroupsService

	// Create a new group.
	//
	// Creates a group in the Databricks account with a unique name, using the
	// supplied group details.
	Create(ctx context.Context, request Group) (*Group, error)

	// Delete a group.
	//
	// Deletes a group from the Databricks account.
	Delete(ctx context.Context, request DeleteAccountGroupRequest) error

	// Delete a group.
	//
	// Deletes a group from the Databricks account.
	DeleteById(ctx context.Context, id string) error

	// Get group details.
	//
	// Gets the information for a specific group in the Databricks account.
	Get(ctx context.Context, request GetAccountGroupRequest) (*Group, error)

	// Get group details.
	//
	// Gets the information for a specific group in the Databricks account.
	GetById(ctx context.Context, id string) (*Group, error)

	// List group details.
	//
	// Gets all details of the groups associated with the Databricks account.
	//
	// This method is generated by Databricks SDK Code Generator.
	List(ctx context.Context, request ListAccountGroupsRequest) listing.Iterator[Group]

	// List group details.
	//
	// Gets all details of the groups associated with the Databricks account.
	//
	// This method is generated by Databricks SDK Code Generator.
	ListAll(ctx context.Context, request ListAccountGroupsRequest) ([]Group, error)

	// GroupDisplayNameToIdMap calls [AccountGroupsAPI.ListAll] and creates a map of results with [Group].DisplayName as key and [Group].Id as value.
	//
	// Returns an error if there's more than one [Group] with the same .DisplayName.
	//
	// Note: All [Group] instances are loaded into memory before creating a map.
	//
	// This method is generated by Databricks SDK Code Generator.
	GroupDisplayNameToIdMap(ctx context.Context, request ListAccountGroupsRequest) (map[string]string, error)

	// GetByDisplayName calls [AccountGroupsAPI.GroupDisplayNameToIdMap] and returns a single [Group].
	//
	// Returns an error if there's more than one [Group] with the same .DisplayName.
	//
	// Note: All [Group] instances are loaded into memory before returning matching by name.
	//
	// This method is generated by Databricks SDK Code Generator.
	GetByDisplayName(ctx context.Context, name string) (*Group, error)

	// Update group details.
	//
	// Partially updates the details of a group.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace a group.
	//
	// Updates the details of a group by replacing the entire group entity.
	Update(ctx context.Context, request Group) error
}

type AccountGroupsService 

type AccountGroupsService interface {

	// Create a new group.
	//
	// Creates a group in the Databricks account with a unique name, using the
	// supplied group details.
	Create(ctx context.Context, request Group) (*Group, error)

	// Delete a group.
	//
	// Deletes a group from the Databricks account.
	Delete(ctx context.Context, request DeleteAccountGroupRequest) error

	// Get group details.
	//
	// Gets the information for a specific group in the Databricks account.
	Get(ctx context.Context, request GetAccountGroupRequest) (*Group, error)

	// List group details.
	//
	// Gets all details of the groups associated with the Databricks account.
	//
	// Use ListAll() to get all Group instances, which will iterate over every result page.
	List(ctx context.Context, request ListAccountGroupsRequest) (*ListGroupsResponse, error)

	// Update group details.
	//
	// Partially updates the details of a group.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace a group.
	//
	// Updates the details of a group by replacing the entire group entity.
	Update(ctx context.Context, request Group) error
}

Groups simplify identity management, making it easier to assign access to Databricks account, data, and other securable objects.

It is best practice to assign access to workspaces and access-control policies in Unity Catalog to groups, instead of to users individually. All Databricks account identities can be assigned as members of groups, and members inherit permissions that are assigned to their group.

type AccountServicePrincipalsAPI 

type AccountServicePrincipalsAPI struct {
	// contains filtered or unexported fields
}

Identities for use with jobs, automated tools, and systems such as scripts, apps, and CI/CD platforms. Databricks recommends creating service principals to run production jobs or modify production data. If all processes that act on production data run with service principals, interactive users do not need any write, delete, or modify privileges in production. This eliminates the risk of a user overwriting production data by accident.

func NewAccountServicePrincipals 

func NewAccountServicePrincipals(client *client.DatabricksClient) *AccountServicePrincipalsAPI

func (*AccountServicePrincipalsAPI) Create 

func (a *AccountServicePrincipalsAPI) Create(ctx context.Context, request ServicePrincipal) (*ServicePrincipal, error)

Create a service principal.

Creates a new service principal in the Databricks account.

func (*AccountServicePrincipalsAPI) Delete 

func (a *AccountServicePrincipalsAPI) Delete(ctx context.Context, request DeleteAccountServicePrincipalRequest) error

Delete a service principal.

Delete a single service principal in the Databricks account.

func (*AccountServicePrincipalsAPI) DeleteById 

func (a *AccountServicePrincipalsAPI) DeleteById(ctx context.Context, id string) error

Delete a service principal.

Delete a single service principal in the Databricks account.

func (*AccountServicePrincipalsAPI) Get 

func (a *AccountServicePrincipalsAPI) Get(ctx context.Context, request GetAccountServicePrincipalRequest) (*ServicePrincipal, error)

Get service principal details.

Gets the details for a single service principal define in the Databricks account.

func (*AccountServicePrincipalsAPI) GetByDisplayName 

func (a *AccountServicePrincipalsAPI) GetByDisplayName(ctx context.Context, name string) (*ServicePrincipal, error)

GetByDisplayName calls AccountServicePrincipalsAPI.ServicePrincipalDisplayNameToIdMap and returns a single ServicePrincipal.

Returns an error if there's more than one ServicePrincipal with the same .DisplayName.

Note: All ServicePrincipal instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*AccountServicePrincipalsAPI) GetById 

func (a *AccountServicePrincipalsAPI) GetById(ctx context.Context, id string) (*ServicePrincipal, error)

Get service principal details.

Gets the details for a single service principal define in the Databricks account.

func (*AccountServicePrincipalsAPI) Impl 

func (a *AccountServicePrincipalsAPI) Impl() AccountServicePrincipalsService

Impl returns low-level AccountServicePrincipals API implementation Deprecated: use MockAccountServicePrincipalsInterface instead.

func (*AccountServicePrincipalsAPI) List added in v0.24.0 

func (a *AccountServicePrincipalsAPI) List(ctx context.Context, request ListAccountServicePrincipalsRequest) listing.Iterator[ServicePrincipal]

List service principals.

Gets the set of service principals associated with a Databricks account.

This method is generated by Databricks SDK Code Generator.

func (*AccountServicePrincipalsAPI) ListAll 

func (a *AccountServicePrincipalsAPI) ListAll(ctx context.Context, request ListAccountServicePrincipalsRequest) ([]ServicePrincipal, error)

List service principals.

Gets the set of service principals associated with a Databricks account.

This method is generated by Databricks SDK Code Generator.

func (*AccountServicePrincipalsAPI) Patch 

func (a *AccountServicePrincipalsAPI) Patch(ctx context.Context, request PartialUpdate) error

Update service principal details.

Partially updates the details of a single service principal in the Databricks account.

func (*AccountServicePrincipalsAPI) ServicePrincipalDisplayNameToIdMap 

func (a *AccountServicePrincipalsAPI) ServicePrincipalDisplayNameToIdMap(ctx context.Context, request ListAccountServicePrincipalsRequest) (map[string]string, error)

ServicePrincipalDisplayNameToIdMap calls AccountServicePrincipalsAPI.ListAll and creates a map of results with ServicePrincipal.DisplayName as key and ServicePrincipal.Id as value.

Returns an error if there's more than one ServicePrincipal with the same .DisplayName.

Note: All ServicePrincipal instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

func (*AccountServicePrincipalsAPI) Update 

func (a *AccountServicePrincipalsAPI) Update(ctx context.Context, request ServicePrincipal) error

Replace service principal.

Updates the details of a single service principal.

This action replaces the existing service principal with the same name.

func (*AccountServicePrincipalsAPI) WithImpl 

func (a *AccountServicePrincipalsAPI) WithImpl(impl AccountServicePrincipalsService) AccountServicePrincipalsInterface

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks. Deprecated: use MockAccountServicePrincipalsInterface instead.

type AccountServicePrincipalsInterface added in v0.29.0 

type AccountServicePrincipalsInterface interface {
	// WithImpl could be used to override low-level API implementations for unit
	// testing purposes with [github.com/golang/mock] or other mocking frameworks.
	// Deprecated: use MockAccountServicePrincipalsInterface instead.
	WithImpl(impl AccountServicePrincipalsService) AccountServicePrincipalsInterface

	// Impl returns low-level AccountServicePrincipals API implementation
	// Deprecated: use MockAccountServicePrincipalsInterface instead.
	Impl() AccountServicePrincipalsService

	// Create a service principal.
	//
	// Creates a new service principal in the Databricks account.
	Create(ctx context.Context, request ServicePrincipal) (*ServicePrincipal, error)

	// Delete a service principal.
	//
	// Delete a single service principal in the Databricks account.
	Delete(ctx context.Context, request DeleteAccountServicePrincipalRequest) error

	// Delete a service principal.
	//
	// Delete a single service principal in the Databricks account.
	DeleteById(ctx context.Context, id string) error

	// Get service principal details.
	//
	// Gets the details for a single service principal define in the Databricks
	// account.
	Get(ctx context.Context, request GetAccountServicePrincipalRequest) (*ServicePrincipal, error)

	// Get service principal details.
	//
	// Gets the details for a single service principal define in the Databricks
	// account.
	GetById(ctx context.Context, id string) (*ServicePrincipal, error)

	// List service principals.
	//
	// Gets the set of service principals associated with a Databricks account.
	//
	// This method is generated by Databricks SDK Code Generator.
	List(ctx context.Context, request ListAccountServicePrincipalsRequest) listing.Iterator[ServicePrincipal]

	// List service principals.
	//
	// Gets the set of service principals associated with a Databricks account.
	//
	// This method is generated by Databricks SDK Code Generator.
	ListAll(ctx context.Context, request ListAccountServicePrincipalsRequest) ([]ServicePrincipal, error)

	// ServicePrincipalDisplayNameToIdMap calls [AccountServicePrincipalsAPI.ListAll] and creates a map of results with [ServicePrincipal].DisplayName as key and [ServicePrincipal].Id as value.
	//
	// Returns an error if there's more than one [ServicePrincipal] with the same .DisplayName.
	//
	// Note: All [ServicePrincipal] instances are loaded into memory before creating a map.
	//
	// This method is generated by Databricks SDK Code Generator.
	ServicePrincipalDisplayNameToIdMap(ctx context.Context, request ListAccountServicePrincipalsRequest) (map[string]string, error)

	// GetByDisplayName calls [AccountServicePrincipalsAPI.ServicePrincipalDisplayNameToIdMap] and returns a single [ServicePrincipal].
	//
	// Returns an error if there's more than one [ServicePrincipal] with the same .DisplayName.
	//
	// Note: All [ServicePrincipal] instances are loaded into memory before returning matching by name.
	//
	// This method is generated by Databricks SDK Code Generator.
	GetByDisplayName(ctx context.Context, name string) (*ServicePrincipal, error)

	// Update service principal details.
	//
	// Partially updates the details of a single service principal in the Databricks
	// account.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace service principal.
	//
	// Updates the details of a single service principal.
	//
	// This action replaces the existing service principal with the same name.
	Update(ctx context.Context, request ServicePrincipal) error
}

type AccountServicePrincipalsService 

type AccountServicePrincipalsService interface {

	// Create a service principal.
	//
	// Creates a new service principal in the Databricks account.
	Create(ctx context.Context, request ServicePrincipal) (*ServicePrincipal, error)

	// Delete a service principal.
	//
	// Delete a single service principal in the Databricks account.
	Delete(ctx context.Context, request DeleteAccountServicePrincipalRequest) error

	// Get service principal details.
	//
	// Gets the details for a single service principal define in the Databricks
	// account.
	Get(ctx context.Context, request GetAccountServicePrincipalRequest) (*ServicePrincipal, error)

	// List service principals.
	//
	// Gets the set of service principals associated with a Databricks account.
	//
	// Use ListAll() to get all ServicePrincipal instances, which will iterate over every result page.
	List(ctx context.Context, request ListAccountServicePrincipalsRequest) (*ListServicePrincipalResponse, error)

	// Update service principal details.
	//
	// Partially updates the details of a single service principal in the
	// Databricks account.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace service principal.
	//
	// Updates the details of a single service principal.
	//
	// This action replaces the existing service principal with the same name.
	Update(ctx context.Context, request ServicePrincipal) error
}

Identities for use with jobs, automated tools, and systems such as scripts, apps, and CI/CD platforms. Databricks recommends creating service principals to run production jobs or modify production data. If all processes that act on production data run with service principals, interactive users do not need any write, delete, or modify privileges in production. This eliminates the risk of a user overwriting production data by accident.

type AccountUsersAPI 

type AccountUsersAPI struct {
	// contains filtered or unexported fields
}

User identities recognized by Databricks and represented by email addresses.

Databricks recommends using SCIM provisioning to sync users and groups automatically from your identity provider to your Databricks account. SCIM streamlines onboarding a new employee or team by using your identity provider to create users and groups in Databricks account and give them the proper level of access. When a user leaves your organization or no longer needs access to Databricks account, admins can terminate the user in your identity provider and that user’s account will also be removed from Databricks account. This ensures a consistent offboarding process and prevents unauthorized users from accessing sensitive data.

func NewAccountUsers 

func NewAccountUsers(client *client.DatabricksClient) *AccountUsersAPI

func (*AccountUsersAPI) Create 

func (a *AccountUsersAPI) Create(ctx context.Context, request User) (*User, error)

Create a new user.

Creates a new user in the Databricks account. This new user will also be added to the Databricks account.

func (*AccountUsersAPI) Delete 

func (a *AccountUsersAPI) Delete(ctx context.Context, request DeleteAccountUserRequest) error

Delete a user.

Deletes a user. Deleting a user from a Databricks account also removes objects associated with the user.

func (*AccountUsersAPI) DeleteById 

func (a *AccountUsersAPI) DeleteById(ctx context.Context, id string) error

Delete a user.

Deletes a user. Deleting a user from a Databricks account also removes objects associated with the user.

func (*AccountUsersAPI) Get 

func (a *AccountUsersAPI) Get(ctx context.Context, request GetAccountUserRequest) (*User, error)

Get user details.

Gets information for a specific user in Databricks account.

func (*AccountUsersAPI) GetById 

func (a *AccountUsersAPI) GetById(ctx context.Context, id string) (*User, error)

Get user details.

Gets information for a specific user in Databricks account.

func (*AccountUsersAPI) GetByUserName 

func (a *AccountUsersAPI) GetByUserName(ctx context.Context, name string) (*User, error)

GetByUserName calls AccountUsersAPI.UserUserNameToIdMap and returns a single User.

Returns an error if there's more than one User with the same .UserName.

Note: All User instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*AccountUsersAPI) Impl 

func (a *AccountUsersAPI) Impl() AccountUsersService

Impl returns low-level AccountUsers API implementation Deprecated: use MockAccountUsersInterface instead.

func (*AccountUsersAPI) List added in v0.24.0 

func (a *AccountUsersAPI) List(ctx context.Context, request ListAccountUsersRequest) listing.Iterator[User]

List users.

Gets details for all the users associated with a Databricks account.

This method is generated by Databricks SDK Code Generator.

func (*AccountUsersAPI) ListAll 

func (a *AccountUsersAPI) ListAll(ctx context.Context, request ListAccountUsersRequest) ([]User, error)

List users.

Gets details for all the users associated with a Databricks account.

This method is generated by Databricks SDK Code Generator.

func (*AccountUsersAPI) Patch 

func (a *AccountUsersAPI) Patch(ctx context.Context, request PartialUpdate) error

Update user details.

Partially updates a user resource by applying the supplied operations on specific user attributes.

func (*AccountUsersAPI) Update 

func (a *AccountUsersAPI) Update(ctx context.Context, request User) error

Replace a user.

Replaces a user's information with the data supplied in request.

func (*AccountUsersAPI) UserUserNameToIdMap 

func (a *AccountUsersAPI) UserUserNameToIdMap(ctx context.Context, request ListAccountUsersRequest) (map[string]string, error)

UserUserNameToIdMap calls AccountUsersAPI.ListAll and creates a map of results with User.UserName as key and User.Id as value.

Returns an error if there's more than one User with the same .UserName.

Note: All User instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

func (*AccountUsersAPI) WithImpl 

func (a *AccountUsersAPI) WithImpl(impl AccountUsersService) AccountUsersInterface

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks. Deprecated: use MockAccountUsersInterface instead.

type AccountUsersInterface added in v0.29.0 

type AccountUsersInterface interface {
	// WithImpl could be used to override low-level API implementations for unit
	// testing purposes with [github.com/golang/mock] or other mocking frameworks.
	// Deprecated: use MockAccountUsersInterface instead.
	WithImpl(impl AccountUsersService) AccountUsersInterface

	// Impl returns low-level AccountUsers API implementation
	// Deprecated: use MockAccountUsersInterface instead.
	Impl() AccountUsersService

	// Create a new user.
	//
	// Creates a new user in the Databricks account. This new user will also be
	// added to the Databricks account.
	Create(ctx context.Context, request User) (*User, error)

	// Delete a user.
	//
	// Deletes a user. Deleting a user from a Databricks account also removes
	// objects associated with the user.
	Delete(ctx context.Context, request DeleteAccountUserRequest) error

	// Delete a user.
	//
	// Deletes a user. Deleting a user from a Databricks account also removes
	// objects associated with the user.
	DeleteById(ctx context.Context, id string) error

	// Get user details.
	//
	// Gets information for a specific user in Databricks account.
	Get(ctx context.Context, request GetAccountUserRequest) (*User, error)

	// Get user details.
	//
	// Gets information for a specific user in Databricks account.
	GetById(ctx context.Context, id string) (*User, error)

	// List users.
	//
	// Gets details for all the users associated with a Databricks account.
	//
	// This method is generated by Databricks SDK Code Generator.
	List(ctx context.Context, request ListAccountUsersRequest) listing.Iterator[User]

	// List users.
	//
	// Gets details for all the users associated with a Databricks account.
	//
	// This method is generated by Databricks SDK Code Generator.
	ListAll(ctx context.Context, request ListAccountUsersRequest) ([]User, error)

	// UserUserNameToIdMap calls [AccountUsersAPI.ListAll] and creates a map of results with [User].UserName as key and [User].Id as value.
	//
	// Returns an error if there's more than one [User] with the same .UserName.
	//
	// Note: All [User] instances are loaded into memory before creating a map.
	//
	// This method is generated by Databricks SDK Code Generator.
	UserUserNameToIdMap(ctx context.Context, request ListAccountUsersRequest) (map[string]string, error)

	// GetByUserName calls [AccountUsersAPI.UserUserNameToIdMap] and returns a single [User].
	//
	// Returns an error if there's more than one [User] with the same .UserName.
	//
	// Note: All [User] instances are loaded into memory before returning matching by name.
	//
	// This method is generated by Databricks SDK Code Generator.
	GetByUserName(ctx context.Context, name string) (*User, error)

	// Update user details.
	//
	// Partially updates a user resource by applying the supplied operations on
	// specific user attributes.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace a user.
	//
	// Replaces a user's information with the data supplied in request.
	Update(ctx context.Context, request User) error
}

type AccountUsersService 

type AccountUsersService interface {

	// Create a new user.
	//
	// Creates a new user in the Databricks account. This new user will also be
	// added to the Databricks account.
	Create(ctx context.Context, request User) (*User, error)

	// Delete a user.
	//
	// Deletes a user. Deleting a user from a Databricks account also removes
	// objects associated with the user.
	Delete(ctx context.Context, request DeleteAccountUserRequest) error

	// Get user details.
	//
	// Gets information for a specific user in Databricks account.
	Get(ctx context.Context, request GetAccountUserRequest) (*User, error)

	// List users.
	//
	// Gets details for all the users associated with a Databricks account.
	//
	// Use ListAll() to get all User instances, which will iterate over every result page.
	List(ctx context.Context, request ListAccountUsersRequest) (*ListUsersResponse, error)

	// Update user details.
	//
	// Partially updates a user resource by applying the supplied operations on
	// specific user attributes.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace a user.
	//
	// Replaces a user's information with the data supplied in request.
	Update(ctx context.Context, request User) error
}

User identities recognized by Databricks and represented by email addresses.

Databricks recommends using SCIM provisioning to sync users and groups automatically from your identity provider to your Databricks account. SCIM streamlines onboarding a new employee or team by using your identity provider to create users and groups in Databricks account and give them the proper level of access. When a user leaves your organization or no longer needs access to Databricks account, admins can terminate the user in your identity provider and that user’s account will also be removed from Databricks account. This ensures a consistent offboarding process and prevents unauthorized users from accessing sensitive data.

type ComplexValue 

type ComplexValue struct {
	Display string `json:"display,omitempty"`

	Primary bool `json:"primary,omitempty"`

	Ref string `json:"$ref,omitempty"`

	Type string `json:"type,omitempty"`

	Value string `json:"value,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (ComplexValue) MarshalJSON added in v0.23.0 

func (s ComplexValue) MarshalJSON() ([]byte, error)

func (*ComplexValue) UnmarshalJSON added in v0.23.0 

func (s *ComplexValue) UnmarshalJSON(b []byte) error

type CurrentUserAPI 

type CurrentUserAPI struct {
	// contains filtered or unexported fields
}

This API allows retrieving information about currently authenticated user or service principal.

func NewCurrentUser 

func NewCurrentUser(client *client.DatabricksClient) *CurrentUserAPI

func (*CurrentUserAPI) Impl 

func (a *CurrentUserAPI) Impl() CurrentUserService

Impl returns low-level CurrentUser API implementation Deprecated: use MockCurrentUserInterface instead.

func (*CurrentUserAPI) Me 

func (a *CurrentUserAPI) Me(ctx context.Context) (*User, error)

Get current user info.

Get details about the current method caller's identity.

Example (CurrentUser) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

me, err := w.CurrentUser.Me(ctx)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", me)

Output:
Example (Tokens) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

me2, err := w.CurrentUser.Me(ctx)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", me2)

Output:

func (*CurrentUserAPI) WithImpl 

func (a *CurrentUserAPI) WithImpl(impl CurrentUserService) CurrentUserInterface

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks. Deprecated: use MockCurrentUserInterface instead.

type CurrentUserInterface added in v0.29.0 

type CurrentUserInterface interface {
	// WithImpl could be used to override low-level API implementations for unit
	// testing purposes with [github.com/golang/mock] or other mocking frameworks.
	// Deprecated: use MockCurrentUserInterface instead.
	WithImpl(impl CurrentUserService) CurrentUserInterface

	// Impl returns low-level CurrentUser API implementation
	// Deprecated: use MockCurrentUserInterface instead.
	Impl() CurrentUserService

	// Get current user info.
	//
	// Get details about the current method caller's identity.
	Me(ctx context.Context) (*User, error)
}

type CurrentUserService 

type CurrentUserService interface {

	// Get current user info.
	//
	// Get details about the current method caller's identity.
	Me(ctx context.Context) (*User, error)
}

This API allows retrieving information about currently authenticated user or service principal.

type DeleteAccountGroupRequest 

type DeleteAccountGroupRequest struct {
	// Unique ID for a group in the Databricks account.
	Id string `json:"-" url:"-"`
}

Delete a group

type DeleteAccountServicePrincipalRequest 

type DeleteAccountServicePrincipalRequest struct {
	// Unique ID for a service principal in the Databricks account.
	Id string `json:"-" url:"-"`
}

Delete a service principal

type DeleteAccountUserRequest 

type DeleteAccountUserRequest struct {
	// Unique ID for a user in the Databricks account.
	Id string `json:"-" url:"-"`
}

Delete a user

type DeleteGroupRequest 

type DeleteGroupRequest struct {
	// Unique ID for a group in the Databricks workspace.
	Id string `json:"-" url:"-"`
}

Delete a group

type DeleteResponse added in v0.34.0 

type DeleteResponse struct {
}

type DeleteServicePrincipalRequest 

type DeleteServicePrincipalRequest struct {
	// Unique ID for a service principal in the Databricks workspace.
	Id string `json:"-" url:"-"`
}

Delete a service principal

type DeleteUserRequest 

type DeleteUserRequest struct {
	// Unique ID for a user in the Databricks workspace.
	Id string `json:"-" url:"-"`
}

Delete a user

type DeleteWorkspaceAssignmentRequest 

type DeleteWorkspaceAssignmentRequest struct {
	// The ID of the user, service principal, or group.
	PrincipalId int64 `json:"-" url:"-"`
	// The workspace ID.
	WorkspaceId int64 `json:"-" url:"-"`
}

Delete permissions assignment

type DeleteWorkspaceAssignments added in v0.34.0 

type DeleteWorkspaceAssignments struct {
}

type GetAccountGroupRequest 

type GetAccountGroupRequest struct {
	// Unique ID for a group in the Databricks account.
	Id string `json:"-" url:"-"`
}

Get group details

type GetAccountServicePrincipalRequest 

type GetAccountServicePrincipalRequest struct {
	// Unique ID for a service principal in the Databricks account.
	Id string `json:"-" url:"-"`
}

Get service principal details

type GetAccountUserRequest 

type GetAccountUserRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page. Default is 10000.
	Count int `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Unique ID for a user in the Databricks account.
	Id string `json:"-" url:"-"`
	// Attribute to sort the results. Multi-part paths are supported. For
	// example, `userName`, `name.givenName`, and `emails`.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder GetSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int `json:"-" url:"startIndex,omitempty"`

	ForceSendFields []string `json:"-"`
}

Get user details

func (GetAccountUserRequest) MarshalJSON added in v0.24.0 

func (s GetAccountUserRequest) MarshalJSON() ([]byte, error)

func (*GetAccountUserRequest) UnmarshalJSON added in v0.24.0 

func (s *GetAccountUserRequest) UnmarshalJSON(b []byte) error

type GetAssignableRolesForResourceRequest added in v0.10.0 

type GetAssignableRolesForResourceRequest struct {
	// The resource name for which assignable roles will be listed.
	Resource string `json:"-" url:"resource"`
}

Get assignable roles for a resource

type GetAssignableRolesForResourceResponse added in v0.10.0 

type GetAssignableRolesForResourceResponse struct {
	Roles []Role `json:"roles,omitempty"`
}

type GetGroupRequest 

type GetGroupRequest struct {
	// Unique ID for a group in the Databricks workspace.
	Id string `json:"-" url:"-"`
}

Get group details

type GetPasswordPermissionLevelsResponse added in v0.15.0 

type GetPasswordPermissionLevelsResponse struct {
	// Specific permission levels
	PermissionLevels []PasswordPermissionsDescription `json:"permission_levels,omitempty"`
}

type GetPermissionLevelsRequest 

type GetPermissionLevelsRequest struct {
	// <needs content>
	RequestObjectId string `json:"-" url:"-"`
	// <needs content>
	RequestObjectType string `json:"-" url:"-"`
}

Get object permission levels

type GetPermissionLevelsResponse 

type GetPermissionLevelsResponse struct {
	// Specific permission levels
	PermissionLevels []PermissionsDescription `json:"permission_levels,omitempty"`
}

type GetPermissionRequest 

type GetPermissionRequest struct {
	// The id of the request object.
	RequestObjectId string `json:"-" url:"-"`
	// The type of the request object. Can be one of the following:
	// authorization, clusters, cluster-policies, directories, experiments,
	// files, instance-pools, jobs, notebooks, pipelines, registered-models,
	// repos, serving-endpoints, or warehouses.
	RequestObjectType string `json:"-" url:"-"`
}

Get object permissions

type GetRuleSetRequest added in v0.10.0 

type GetRuleSetRequest struct {
	// Etag used for versioning. The response is at least as fresh as the eTag
	// provided. Etag is used for optimistic concurrency control as a way to
	// help prevent simultaneous updates of a rule set from overwriting each
	// other. It is strongly suggested that systems make use of the etag in the
	// read -> modify -> write pattern to perform rule set updates in order to
	// avoid race conditions that is get an etag from a GET rule set request,
	// and pass it with the PUT update request to identify the rule set version
	// you are updating.
	Etag string `json:"-" url:"etag"`
	// The ruleset name associated with the request.
	Name string `json:"-" url:"name"`
}

Get a rule set

type GetServicePrincipalRequest 

type GetServicePrincipalRequest struct {
	// Unique ID for a service principal in the Databricks workspace.
	Id string `json:"-" url:"-"`
}

Get service principal details

type GetSortOrder added in v0.24.0 

type GetSortOrder string
const GetSortOrderAscending GetSortOrder = `ascending`
const GetSortOrderDescending GetSortOrder = `descending`

func (*GetSortOrder) Set added in v0.24.0 

func (f *GetSortOrder) Set(v string) error

Set raw string value and validate it against allowed values

func (*GetSortOrder) String added in v0.24.0 

func (f *GetSortOrder) String() string

String representation for fmt.Print

func (*GetSortOrder) Type added in v0.24.0 

func (f *GetSortOrder) Type() string

Type always returns GetSortOrder to satisfy [pflag.Value] interface

type GetUserRequest 

type GetUserRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page.
	Count int `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Unique ID for a user in the Databricks workspace.
	Id string `json:"-" url:"-"`
	// Attribute to sort the results. Multi-part paths are supported. For
	// example, `userName`, `name.givenName`, and `emails`.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder GetSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int `json:"-" url:"startIndex,omitempty"`

	ForceSendFields []string `json:"-"`
}

Get user details

func (GetUserRequest) MarshalJSON added in v0.24.0 

func (s GetUserRequest) MarshalJSON() ([]byte, error)

func (*GetUserRequest) UnmarshalJSON added in v0.24.0 

func (s *GetUserRequest) UnmarshalJSON(b []byte) error

type GetWorkspaceAssignmentRequest 

type GetWorkspaceAssignmentRequest struct {
	// The workspace ID.
	WorkspaceId int64 `json:"-" url:"-"`
}

List workspace permissions

type GrantRule added in v0.10.0 

type GrantRule struct {
	// Principals this grant rule applies to.
	Principals []string `json:"principals,omitempty"`
	// Role that is assigned to the list of principals.
	Role string `json:"role"`
}

type Group 

type Group struct {
	// String that represents a human-readable group name
	DisplayName string `json:"displayName,omitempty"`
	// Entitlements assigned to the group. See [assigning entitlements] for a
	// full list of supported values.
	//
	// [assigning entitlements]: https://docs.databricks.com/administration-guide/users-groups/index.html#assigning-entitlements
	Entitlements []ComplexValue `json:"entitlements,omitempty"`

	ExternalId string `json:"externalId,omitempty"`

	Groups []ComplexValue `json:"groups,omitempty"`
	// Databricks group ID
	Id string `json:"id,omitempty"`

	Members []ComplexValue `json:"members,omitempty"`
	// Container for the group identifier. Workspace local versus account.
	Meta *ResourceMeta `json:"meta,omitempty"`
	// Corresponds to AWS instance profile/arn role.
	Roles []ComplexValue `json:"roles,omitempty"`
	// The schema of the group.
	Schemas []GroupSchema `json:"schemas,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (Group) MarshalJSON added in v0.23.0 

func (s Group) MarshalJSON() ([]byte, error)

func (*Group) UnmarshalJSON added in v0.23.0 

func (s *Group) UnmarshalJSON(b []byte) error

type GroupSchema added in v0.24.0 

type GroupSchema string
const GroupSchemaUrnIetfParamsScimSchemasCore20Group GroupSchema = `urn:ietf:params:scim:schemas:core:2.0:Group`

func (*GroupSchema) Set added in v0.24.0 

func (f *GroupSchema) Set(v string) error

Set raw string value and validate it against allowed values

func (*GroupSchema) String added in v0.24.0 

func (f *GroupSchema) String() string

String representation for fmt.Print

func (*GroupSchema) Type added in v0.24.0 

func (f *GroupSchema) Type() string

Type always returns GroupSchema to satisfy [pflag.Value] interface

type GroupsAPI 

type GroupsAPI struct {
	// contains filtered or unexported fields
}

Groups simplify identity management, making it easier to assign access to Databricks workspace, data, and other securable objects.

It is best practice to assign access to workspaces and access-control policies in Unity Catalog to groups, instead of to users individually. All Databricks workspace identities can be assigned as members of groups, and members inherit permissions that are assigned to their group.

func NewGroups 

func NewGroups(client *client.DatabricksClient) *GroupsAPI

func (*GroupsAPI) Create 

func (a *GroupsAPI) Create(ctx context.Context, request Group) (*Group, error)

Create a new group.

Creates a group in the Databricks workspace with a unique name, using the supplied group details.

Example (GenericPermissions) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:
Example (Groups) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:
Example (Secrets) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:

func (*GroupsAPI) Delete 

func (a *GroupsAPI) Delete(ctx context.Context, request DeleteGroupRequest) error

Delete a group.

Deletes a group from the Databricks workspace.

Example (GenericPermissions) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:
Example (Groups) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:
Example (Secrets) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:

func (*GroupsAPI) DeleteById 

func (a *GroupsAPI) DeleteById(ctx context.Context, id string) error

Delete a group.

Deletes a group from the Databricks workspace.

func (*GroupsAPI) Get 

func (a *GroupsAPI) Get(ctx context.Context, request GetGroupRequest) (*Group, error)

Get group details.

Gets the information for a specific group in the Databricks workspace.

Example (Groups) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

fetch, err := w.Groups.GetById(ctx, group.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", fetch)

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:

func (*GroupsAPI) GetByDisplayName 

func (a *GroupsAPI) GetByDisplayName(ctx context.Context, name string) (*Group, error)

GetByDisplayName calls GroupsAPI.GroupDisplayNameToIdMap and returns a single Group.

Returns an error if there's more than one Group with the same .DisplayName.

Note: All Group instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*GroupsAPI) GetById 

func (a *GroupsAPI) GetById(ctx context.Context, id string) (*Group, error)

Get group details.

Gets the information for a specific group in the Databricks workspace.

func (*GroupsAPI) GroupDisplayNameToIdMap 

func (a *GroupsAPI) GroupDisplayNameToIdMap(ctx context.Context, request ListGroupsRequest) (map[string]string, error)

GroupDisplayNameToIdMap calls GroupsAPI.ListAll and creates a map of results with Group.DisplayName as key and Group.Id as value.

Returns an error if there's more than one Group with the same .DisplayName.

Note: All Group instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

func (*GroupsAPI) Impl 

func (a *GroupsAPI) Impl() GroupsService

Impl returns low-level Groups API implementation Deprecated: use MockGroupsInterface instead.

func (*GroupsAPI) List added in v0.24.0 

func (a *GroupsAPI) List(ctx context.Context, request ListGroupsRequest) listing.Iterator[Group]

List group details.

Gets all details of the groups associated with the Databricks workspace.

This method is generated by Databricks SDK Code Generator.

func (*GroupsAPI) ListAll 

func (a *GroupsAPI) ListAll(ctx context.Context, request ListGroupsRequest) ([]Group, error)

List group details.

Gets all details of the groups associated with the Databricks workspace.

This method is generated by Databricks SDK Code Generator.

func (*GroupsAPI) Patch 

func (a *GroupsAPI) Patch(ctx context.Context, request PartialUpdate) error

Update group details.

Partially updates the details of a group.

func (*GroupsAPI) Update 

func (a *GroupsAPI) Update(ctx context.Context, request Group) error

Replace a group.

Updates the details of a group by replacing the entire group entity.

func (*GroupsAPI) WithImpl 

func (a *GroupsAPI) WithImpl(impl GroupsService) GroupsInterface

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks. Deprecated: use MockGroupsInterface instead.

type GroupsInterface added in v0.29.0 

type GroupsInterface interface {
	// WithImpl could be used to override low-level API implementations for unit
	// testing purposes with [github.com/golang/mock] or other mocking frameworks.
	// Deprecated: use MockGroupsInterface instead.
	WithImpl(impl GroupsService) GroupsInterface

	// Impl returns low-level Groups API implementation
	// Deprecated: use MockGroupsInterface instead.
	Impl() GroupsService

	// Create a new group.
	//
	// Creates a group in the Databricks workspace with a unique name, using the
	// supplied group details.
	Create(ctx context.Context, request Group) (*Group, error)

	// Delete a group.
	//
	// Deletes a group from the Databricks workspace.
	Delete(ctx context.Context, request DeleteGroupRequest) error

	// Delete a group.
	//
	// Deletes a group from the Databricks workspace.
	DeleteById(ctx context.Context, id string) error

	// Get group details.
	//
	// Gets the information for a specific group in the Databricks workspace.
	Get(ctx context.Context, request GetGroupRequest) (*Group, error)

	// Get group details.
	//
	// Gets the information for a specific group in the Databricks workspace.
	GetById(ctx context.Context, id string) (*Group, error)

	// List group details.
	//
	// Gets all details of the groups associated with the Databricks workspace.
	//
	// This method is generated by Databricks SDK Code Generator.
	List(ctx context.Context, request ListGroupsRequest) listing.Iterator[Group]

	// List group details.
	//
	// Gets all details of the groups associated with the Databricks workspace.
	//
	// This method is generated by Databricks SDK Code Generator.
	ListAll(ctx context.Context, request ListGroupsRequest) ([]Group, error)

	// GroupDisplayNameToIdMap calls [GroupsAPI.ListAll] and creates a map of results with [Group].DisplayName as key and [Group].Id as value.
	//
	// Returns an error if there's more than one [Group] with the same .DisplayName.
	//
	// Note: All [Group] instances are loaded into memory before creating a map.
	//
	// This method is generated by Databricks SDK Code Generator.
	GroupDisplayNameToIdMap(ctx context.Context, request ListGroupsRequest) (map[string]string, error)

	// GetByDisplayName calls [GroupsAPI.GroupDisplayNameToIdMap] and returns a single [Group].
	//
	// Returns an error if there's more than one [Group] with the same .DisplayName.
	//
	// Note: All [Group] instances are loaded into memory before returning matching by name.
	//
	// This method is generated by Databricks SDK Code Generator.
	GetByDisplayName(ctx context.Context, name string) (*Group, error)

	// Update group details.
	//
	// Partially updates the details of a group.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace a group.
	//
	// Updates the details of a group by replacing the entire group entity.
	Update(ctx context.Context, request Group) error
}

type GroupsService 

type GroupsService interface {

	// Create a new group.
	//
	// Creates a group in the Databricks workspace with a unique name, using the
	// supplied group details.
	Create(ctx context.Context, request Group) (*Group, error)

	// Delete a group.
	//
	// Deletes a group from the Databricks workspace.
	Delete(ctx context.Context, request DeleteGroupRequest) error

	// Get group details.
	//
	// Gets the information for a specific group in the Databricks workspace.
	Get(ctx context.Context, request GetGroupRequest) (*Group, error)

	// List group details.
	//
	// Gets all details of the groups associated with the Databricks workspace.
	//
	// Use ListAll() to get all Group instances, which will iterate over every result page.
	List(ctx context.Context, request ListGroupsRequest) (*ListGroupsResponse, error)

	// Update group details.
	//
	// Partially updates the details of a group.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace a group.
	//
	// Updates the details of a group by replacing the entire group entity.
	Update(ctx context.Context, request Group) error
}

Groups simplify identity management, making it easier to assign access to Databricks workspace, data, and other securable objects.

It is best practice to assign access to workspaces and access-control policies in Unity Catalog to groups, instead of to users individually. All Databricks workspace identities can be assigned as members of groups, and members inherit permissions that are assigned to their group.

type ListAccountGroupsRequest 

type ListAccountGroupsRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page. Default is 10000.
	Count int64 `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int64 `json:"-" url:"startIndex,omitempty"`

	ForceSendFields []string `json:"-"`
}

List group details

func (ListAccountGroupsRequest) MarshalJSON added in v0.23.0 

func (s ListAccountGroupsRequest) MarshalJSON() ([]byte, error)

func (*ListAccountGroupsRequest) UnmarshalJSON added in v0.23.0 

func (s *ListAccountGroupsRequest) UnmarshalJSON(b []byte) error

type ListAccountServicePrincipalsRequest 

type ListAccountServicePrincipalsRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page. Default is 10000.
	Count int64 `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int64 `json:"-" url:"startIndex,omitempty"`

	ForceSendFields []string `json:"-"`
}

List service principals

func (ListAccountServicePrincipalsRequest) MarshalJSON added in v0.23.0 

func (s ListAccountServicePrincipalsRequest) MarshalJSON() ([]byte, error)

func (*ListAccountServicePrincipalsRequest) UnmarshalJSON added in v0.23.0 

func (s *ListAccountServicePrincipalsRequest) UnmarshalJSON(b []byte) error

type ListAccountUsersRequest 

type ListAccountUsersRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page. Default is 10000.
	Count int64 `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results. Multi-part paths are supported. For
	// example, `userName`, `name.givenName`, and `emails`.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int64 `json:"-" url:"startIndex,omitempty"`

	ForceSendFields []string `json:"-"`
}

List users

func (ListAccountUsersRequest) MarshalJSON added in v0.23.0 

func (s ListAccountUsersRequest) MarshalJSON() ([]byte, error)

func (*ListAccountUsersRequest) UnmarshalJSON added in v0.23.0 

func (s *ListAccountUsersRequest) UnmarshalJSON(b []byte) error

type ListGroupsRequest 

type ListGroupsRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page.
	Count int64 `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int64 `json:"-" url:"startIndex,omitempty"`

	ForceSendFields []string `json:"-"`
}

List group details

func (ListGroupsRequest) MarshalJSON added in v0.23.0 

func (s ListGroupsRequest) MarshalJSON() ([]byte, error)

func (*ListGroupsRequest) UnmarshalJSON added in v0.23.0 

func (s *ListGroupsRequest) UnmarshalJSON(b []byte) error

type ListGroupsResponse 

type ListGroupsResponse struct {
	// Total results returned in the response.
	ItemsPerPage int64 `json:"itemsPerPage,omitempty"`
	// User objects returned in the response.
	Resources []Group `json:"Resources,omitempty"`
	// The schema of the service principal.
	Schemas []ListResponseSchema `json:"schemas,omitempty"`
	// Starting index of all the results that matched the request filters. First
	// item is number 1.
	StartIndex int64 `json:"startIndex,omitempty"`
	// Total results that match the request filters.
	TotalResults int64 `json:"totalResults,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (ListGroupsResponse) MarshalJSON added in v0.23.0 

func (s ListGroupsResponse) MarshalJSON() ([]byte, error)

func (*ListGroupsResponse) UnmarshalJSON added in v0.23.0 

func (s *ListGroupsResponse) UnmarshalJSON(b []byte) error

type ListResponseSchema added in v0.24.0 

type ListResponseSchema string
const ListResponseSchemaUrnIetfParamsScimApiMessages20ListResponse ListResponseSchema = `urn:ietf:params:scim:api:messages:2.0:ListResponse`

func (*ListResponseSchema) Set added in v0.24.0 

func (f *ListResponseSchema) Set(v string) error

Set raw string value and validate it against allowed values

func (*ListResponseSchema) String added in v0.24.0 

func (f *ListResponseSchema) String() string

String representation for fmt.Print

func (*ListResponseSchema) Type added in v0.24.0 

func (f *ListResponseSchema) Type() string

Type always returns ListResponseSchema to satisfy [pflag.Value] interface

type ListServicePrincipalResponse 

type ListServicePrincipalResponse struct {
	// Total results returned in the response.
	ItemsPerPage int64 `json:"itemsPerPage,omitempty"`
	// User objects returned in the response.
	Resources []ServicePrincipal `json:"Resources,omitempty"`
	// The schema of the List response.
	Schemas []ListResponseSchema `json:"schemas,omitempty"`
	// Starting index of all the results that matched the request filters. First
	// item is number 1.
	StartIndex int64 `json:"startIndex,omitempty"`
	// Total results that match the request filters.
	TotalResults int64 `json:"totalResults,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (ListServicePrincipalResponse) MarshalJSON added in v0.23.0 

func (s ListServicePrincipalResponse) MarshalJSON() ([]byte, error)

func (*ListServicePrincipalResponse) UnmarshalJSON added in v0.23.0 

func (s *ListServicePrincipalResponse) UnmarshalJSON(b []byte) error

type ListServicePrincipalsRequest 

type ListServicePrincipalsRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page.
	Count int64 `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int64 `json:"-" url:"startIndex,omitempty"`

	ForceSendFields []string `json:"-"`
}

List service principals

func (ListServicePrincipalsRequest) MarshalJSON added in v0.23.0 

func (s ListServicePrincipalsRequest) MarshalJSON() ([]byte, error)

func (*ListServicePrincipalsRequest) UnmarshalJSON added in v0.23.0 

func (s *ListServicePrincipalsRequest) UnmarshalJSON(b []byte) error

type ListSortOrder 

type ListSortOrder string
const ListSortOrderAscending ListSortOrder = `ascending`
const ListSortOrderDescending ListSortOrder = `descending`

func (*ListSortOrder) Set 

func (f *ListSortOrder) Set(v string) error

Set raw string value and validate it against allowed values

func (*ListSortOrder) String 

func (f *ListSortOrder) String() string

String representation for fmt.Print

func (*ListSortOrder) Type 

func (f *ListSortOrder) Type() string

Type always returns ListSortOrder to satisfy [pflag.Value] interface

type ListUsersRequest 

type ListUsersRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page.
	Count int64 `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results. Multi-part paths are supported. For
	// example, `userName`, `name.givenName`, and `emails`.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int64 `json:"-" url:"startIndex,omitempty"`

	ForceSendFields []string `json:"-"`
}

List users

func (ListUsersRequest) MarshalJSON added in v0.23.0 

func (s ListUsersRequest) MarshalJSON() ([]byte, error)

func (*ListUsersRequest) UnmarshalJSON added in v0.23.0 

func (s *ListUsersRequest) UnmarshalJSON(b []byte) error

type ListUsersResponse 

type ListUsersResponse struct {
	// Total results returned in the response.
	ItemsPerPage int64 `json:"itemsPerPage,omitempty"`
	// User objects returned in the response.
	Resources []User `json:"Resources,omitempty"`
	// The schema of the List response.
	Schemas []ListResponseSchema `json:"schemas,omitempty"`
	// Starting index of all the results that matched the request filters. First
	// item is number 1.
	StartIndex int64 `json:"startIndex,omitempty"`
	// Total results that match the request filters.
	TotalResults int64 `json:"totalResults,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (ListUsersResponse) MarshalJSON added in v0.23.0 

func (s ListUsersResponse) MarshalJSON() ([]byte, error)

func (*ListUsersResponse) UnmarshalJSON added in v0.23.0 

func (s *ListUsersResponse) UnmarshalJSON(b []byte) error

type ListWorkspaceAssignmentRequest 

type ListWorkspaceAssignmentRequest struct {
	// The workspace ID for the account.
	WorkspaceId int64 `json:"-" url:"-"`
}

Get permission assignments

type Name 

type Name struct {
	// Family name of the Databricks user.
	FamilyName string `json:"familyName,omitempty"`
	// Given name of the Databricks user.
	GivenName string `json:"givenName,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (Name) MarshalJSON added in v0.23.0 

func (s Name) MarshalJSON() ([]byte, error)

func (*Name) UnmarshalJSON added in v0.23.0 

func (s *Name) UnmarshalJSON(b []byte) error

type ObjectPermissions 

type ObjectPermissions struct {
	AccessControlList []AccessControlResponse `json:"access_control_list,omitempty"`

	ObjectId string `json:"object_id,omitempty"`

	ObjectType string `json:"object_type,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (ObjectPermissions) MarshalJSON added in v0.23.0 

func (s ObjectPermissions) MarshalJSON() ([]byte, error)

func (*ObjectPermissions) UnmarshalJSON added in v0.23.0 

func (s *ObjectPermissions) UnmarshalJSON(b []byte) error

type PartialUpdate 

type PartialUpdate struct {
	// Unique ID for a user in the Databricks workspace.
	Id string `json:"-" url:"-"`

	Operations []Patch `json:"Operations,omitempty"`
	// The schema of the patch request. Must be
	// ["urn:ietf:params:scim:api:messages:2.0:PatchOp"].
	Schemas []PatchSchema `json:"schemas,omitempty"`
}

type PasswordAccessControlRequest added in v0.15.0 

type PasswordAccessControlRequest struct {
	// name of the group
	GroupName string `json:"group_name,omitempty"`
	// Permission level
	PermissionLevel PasswordPermissionLevel `json:"permission_level,omitempty"`
	// application ID of a service principal
	ServicePrincipalName string `json:"service_principal_name,omitempty"`
	// name of the user
	UserName string `json:"user_name,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PasswordAccessControlRequest) MarshalJSON added in v0.23.0 

func (s PasswordAccessControlRequest) MarshalJSON() ([]byte, error)

func (*PasswordAccessControlRequest) UnmarshalJSON added in v0.23.0 

func (s *PasswordAccessControlRequest) UnmarshalJSON(b []byte) error

type PasswordAccessControlResponse added in v0.15.0 

type PasswordAccessControlResponse struct {
	// All permissions.
	AllPermissions []PasswordPermission `json:"all_permissions,omitempty"`
	// Display name of the user or service principal.
	DisplayName string `json:"display_name,omitempty"`
	// name of the group
	GroupName string `json:"group_name,omitempty"`
	// Name of the service principal.
	ServicePrincipalName string `json:"service_principal_name,omitempty"`
	// name of the user
	UserName string `json:"user_name,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PasswordAccessControlResponse) MarshalJSON added in v0.23.0 

func (s PasswordAccessControlResponse) MarshalJSON() ([]byte, error)

func (*PasswordAccessControlResponse) UnmarshalJSON added in v0.23.0 

func (s *PasswordAccessControlResponse) UnmarshalJSON(b []byte) error

type PasswordPermission added in v0.15.0 

type PasswordPermission struct {
	Inherited bool `json:"inherited,omitempty"`

	InheritedFromObject []string `json:"inherited_from_object,omitempty"`
	// Permission level
	PermissionLevel PasswordPermissionLevel `json:"permission_level,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PasswordPermission) MarshalJSON added in v0.23.0 

func (s PasswordPermission) MarshalJSON() ([]byte, error)

func (*PasswordPermission) UnmarshalJSON added in v0.23.0 

func (s *PasswordPermission) UnmarshalJSON(b []byte) error

type PasswordPermissionLevel added in v0.15.0 

type PasswordPermissionLevel string

Permission level 

const PasswordPermissionLevelCanUse PasswordPermissionLevel = `CAN_USE`

func (*PasswordPermissionLevel) Set added in v0.15.0 

func (f *PasswordPermissionLevel) Set(v string) error

Set raw string value and validate it against allowed values

func (*PasswordPermissionLevel) String added in v0.15.0 

func (f *PasswordPermissionLevel) String() string

String representation for fmt.Print

func (*PasswordPermissionLevel) Type added in v0.15.0 

func (f *PasswordPermissionLevel) Type() string

Type always returns PasswordPermissionLevel to satisfy [pflag.Value] interface

type PasswordPermissions added in v0.15.0 

type PasswordPermissions struct {
	AccessControlList []PasswordAccessControlResponse `json:"access_control_list,omitempty"`

	ObjectId string `json:"object_id,omitempty"`

	ObjectType string `json:"object_type,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PasswordPermissions) MarshalJSON added in v0.23.0 

func (s PasswordPermissions) MarshalJSON() ([]byte, error)

func (*PasswordPermissions) UnmarshalJSON added in v0.23.0 

func (s *PasswordPermissions) UnmarshalJSON(b []byte) error

type PasswordPermissionsDescription added in v0.15.0 

type PasswordPermissionsDescription struct {
	Description string `json:"description,omitempty"`
	// Permission level
	PermissionLevel PasswordPermissionLevel `json:"permission_level,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PasswordPermissionsDescription) MarshalJSON added in v0.23.0 

func (s PasswordPermissionsDescription) MarshalJSON() ([]byte, error)

func (*PasswordPermissionsDescription) UnmarshalJSON added in v0.23.0 

func (s *PasswordPermissionsDescription) UnmarshalJSON(b []byte) error

type PasswordPermissionsRequest added in v0.15.0 

type PasswordPermissionsRequest struct {
	AccessControlList []PasswordAccessControlRequest `json:"access_control_list,omitempty"`
}

type Patch 

type Patch struct {
	// Type of patch operation.
	Op PatchOp `json:"op,omitempty"`
	// Selection of patch operation
	Path string `json:"path,omitempty"`
	// Value to modify
	Value any `json:"value,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (Patch) MarshalJSON added in v0.23.0 

func (s Patch) MarshalJSON() ([]byte, error)

func (*Patch) UnmarshalJSON added in v0.23.0 

func (s *Patch) UnmarshalJSON(b []byte) error

type PatchOp 

type PatchOp string

Type of patch operation. 

const PatchOpAdd PatchOp = `add`
const PatchOpRemove PatchOp = `remove`
const PatchOpReplace PatchOp = `replace`

func (*PatchOp) Set 

func (f *PatchOp) Set(v string) error

Set raw string value and validate it against allowed values

func (*PatchOp) String 

func (f *PatchOp) String() string

String representation for fmt.Print

func (*PatchOp) Type 

func (f *PatchOp) Type() string

Type always returns PatchOp to satisfy [pflag.Value] interface

type PatchResponse added in v0.34.0 

type PatchResponse struct {
}

type PatchSchema added in v0.13.0 

type PatchSchema string
const PatchSchemaUrnIetfParamsScimApiMessages20PatchOp PatchSchema = `urn:ietf:params:scim:api:messages:2.0:PatchOp`

func (*PatchSchema) Set added in v0.13.0 

func (f *PatchSchema) Set(v string) error

Set raw string value and validate it against allowed values

func (*PatchSchema) String added in v0.13.0 

func (f *PatchSchema) String() string

String representation for fmt.Print

func (*PatchSchema) Type added in v0.13.0 

func (f *PatchSchema) Type() string

Type always returns PatchSchema to satisfy [pflag.Value] interface

type Permission 

type Permission struct {
	Inherited bool `json:"inherited,omitempty"`

	InheritedFromObject []string `json:"inherited_from_object,omitempty"`
	// Permission level
	PermissionLevel PermissionLevel `json:"permission_level,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (Permission) MarshalJSON added in v0.23.0 

func (s Permission) MarshalJSON() ([]byte, error)

func (*Permission) UnmarshalJSON added in v0.23.0 

func (s *Permission) UnmarshalJSON(b []byte) error

type PermissionAssignment 

type PermissionAssignment struct {
	// Error response associated with a workspace permission assignment, if any.
	Error string `json:"error,omitempty"`
	// The permissions level of the principal.
	Permissions []WorkspacePermission `json:"permissions,omitempty"`
	// Information about the principal assigned to the workspace.
	Principal *PrincipalOutput `json:"principal,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PermissionAssignment) MarshalJSON added in v0.23.0 

func (s PermissionAssignment) MarshalJSON() ([]byte, error)

func (*PermissionAssignment) UnmarshalJSON added in v0.23.0 

func (s *PermissionAssignment) UnmarshalJSON(b []byte) error

type PermissionAssignments 

type PermissionAssignments struct {
	// Array of permissions assignments defined for a workspace.
	PermissionAssignments []PermissionAssignment `json:"permission_assignments,omitempty"`
}

type PermissionLevel 

type PermissionLevel string

Permission level 

const PermissionLevelCanAttachTo PermissionLevel = `CAN_ATTACH_TO`
const PermissionLevelCanBind PermissionLevel = `CAN_BIND`
const PermissionLevelCanEdit PermissionLevel = `CAN_EDIT`
const PermissionLevelCanEditMetadata PermissionLevel = `CAN_EDIT_METADATA`
const PermissionLevelCanManage PermissionLevel = `CAN_MANAGE`
const PermissionLevelCanManageProductionVersions PermissionLevel = `CAN_MANAGE_PRODUCTION_VERSIONS`
const PermissionLevelCanManageRun PermissionLevel = `CAN_MANAGE_RUN`
const PermissionLevelCanManageStagingVersions PermissionLevel = `CAN_MANAGE_STAGING_VERSIONS`
const PermissionLevelCanQuery PermissionLevel = `CAN_QUERY`
const PermissionLevelCanRead PermissionLevel = `CAN_READ`
const PermissionLevelCanRestart PermissionLevel = `CAN_RESTART`
const PermissionLevelCanRun PermissionLevel = `CAN_RUN`
const PermissionLevelCanUse PermissionLevel = `CAN_USE`
const PermissionLevelCanView PermissionLevel = `CAN_VIEW`
const PermissionLevelCanViewMetadata PermissionLevel = `CAN_VIEW_METADATA`
const PermissionLevelIsOwner PermissionLevel = `IS_OWNER`

func (*PermissionLevel) Set 

func (f *PermissionLevel) Set(v string) error

Set raw string value and validate it against allowed values

func (*PermissionLevel) String 

func (f *PermissionLevel) String() string

String representation for fmt.Print

func (*PermissionLevel) Type 

func (f *PermissionLevel) Type() string

Type always returns PermissionLevel to satisfy [pflag.Value] interface

type PermissionMigrationAPI added in v0.34.0 

type PermissionMigrationAPI struct {
	// contains filtered or unexported fields
}

This spec contains undocumented permission migration APIs used in https://github.com/databrickslabs/ucx.

func NewPermissionMigration added in v0.34.0 

func NewPermissionMigration(client *client.DatabricksClient) *PermissionMigrationAPI

func (*PermissionMigrationAPI) Impl added in v0.34.0 

func (a *PermissionMigrationAPI) Impl() PermissionMigrationService

Impl returns low-level PermissionMigration API implementation Deprecated: use MockPermissionMigrationInterface instead.

func (*PermissionMigrationAPI) MigratePermissions added in v0.34.0 

func (a *PermissionMigrationAPI) MigratePermissions(ctx context.Context, request PermissionMigrationRequest) (*PermissionMigrationResponse, error)

Migrate Permissions.

Migrate a batch of permissions from a workspace local group to an account group.

func (*PermissionMigrationAPI) WithImpl added in v0.34.0 

func (a *PermissionMigrationAPI) WithImpl(impl PermissionMigrationService) PermissionMigrationInterface

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks. Deprecated: use MockPermissionMigrationInterface instead.

type PermissionMigrationInterface added in v0.34.0 

type PermissionMigrationInterface interface {
	// WithImpl could be used to override low-level API implementations for unit
	// testing purposes with [github.com/golang/mock] or other mocking frameworks.
	// Deprecated: use MockPermissionMigrationInterface instead.
	WithImpl(impl PermissionMigrationService) PermissionMigrationInterface

	// Impl returns low-level PermissionMigration API implementation
	// Deprecated: use MockPermissionMigrationInterface instead.
	Impl() PermissionMigrationService

	// Migrate Permissions.
	//
	// Migrate a batch of permissions from a workspace local group to an account
	// group.
	MigratePermissions(ctx context.Context, request PermissionMigrationRequest) (*PermissionMigrationResponse, error)
}

type PermissionMigrationRequest added in v0.34.0 

type PermissionMigrationRequest struct {
	// The name of the workspace group that permissions will be migrated from.
	FromWorkspaceGroupName string `json:"from_workspace_group_name"`
	// The maximum number of permissions that will be migrated.
	Size int `json:"size,omitempty"`
	// The name of the account group that permissions will be migrated to.
	ToAccountGroupName string `json:"to_account_group_name"`
	// WorkspaceId of the associated workspace where the permission migration
	// will occur. Both workspace group and account group must be in this
	// workspace.
	WorkspaceId int64 `json:"workspace_id"`

	ForceSendFields []string `json:"-"`
}

func (PermissionMigrationRequest) MarshalJSON added in v0.34.0 

func (s PermissionMigrationRequest) MarshalJSON() ([]byte, error)

func (*PermissionMigrationRequest) UnmarshalJSON added in v0.34.0 

func (s *PermissionMigrationRequest) UnmarshalJSON(b []byte) error

type PermissionMigrationResponse added in v0.34.0 

type PermissionMigrationResponse struct {
	// Number of permissions migrated.
	PermissionsMigrated int `json:"permissions_migrated,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PermissionMigrationResponse) MarshalJSON added in v0.34.0 

func (s PermissionMigrationResponse) MarshalJSON() ([]byte, error)

func (*PermissionMigrationResponse) UnmarshalJSON added in v0.34.0 

func (s *PermissionMigrationResponse) UnmarshalJSON(b []byte) error

type PermissionMigrationService added in v0.34.0 

type PermissionMigrationService interface {

	// Migrate Permissions.
	//
	// Migrate a batch of permissions from a workspace local group to an account
	// group.
	MigratePermissions(ctx context.Context, request PermissionMigrationRequest) (*PermissionMigrationResponse, error)
}

This spec contains undocumented permission migration APIs used in https://github.com/databrickslabs/ucx.

type PermissionOutput 

type PermissionOutput struct {
	// The results of a permissions query.
	Description string `json:"description,omitempty"`

	PermissionLevel WorkspacePermission `json:"permission_level,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PermissionOutput) MarshalJSON added in v0.23.0 

func (s PermissionOutput) MarshalJSON() ([]byte, error)

func (*PermissionOutput) UnmarshalJSON added in v0.23.0 

func (s *PermissionOutput) UnmarshalJSON(b []byte) error

type PermissionsAPI 

type PermissionsAPI struct {
	// contains filtered or unexported fields
}

Permissions API are used to create read, write, edit, update and manage access for various users on different objects and endpoints.

* **[Cluster permissions](:service:clusters)** — Manage which users can manage, restart, or attach to clusters.

* **[Cluster policy permissions](:service:clusterpolicies)** — Manage which users can use cluster policies.

* **[Delta Live Tables pipeline permissions](:service:pipelines)** — Manage which users can view, manage, run, cancel, or own a Delta Live Tables pipeline.

* **[Job permissions](:service:jobs)** — Manage which users can view, manage, trigger, cancel, or own a job.

* **[MLflow experiment permissions](:service:experiments)** — Manage which users can read, edit, or manage MLflow experiments.

* **[MLflow registered model permissions](:service:modelregistry)** — Manage which users can read, edit, or manage MLflow registered models.

* **[Password permissions](:service:users)** — Manage which users can use password login when SSO is enabled.

* **[Instance Pool permissions](:service:instancepools)** — Manage which users can manage or attach to pools.

* **[Repo permissions](repos)** — Manage which users can read, run, edit, or manage a repo.

* **[Serving endpoint permissions](:service:servingendpoints)** — Manage which users can view, query, or manage a serving endpoint.

* **[SQL warehouse permissions](:service:warehouses)** — Manage which users can use or manage SQL warehouses.

* **[Token permissions](:service:tokenmanagement)** — Manage which users can create or use tokens.

* **[Workspace object permissions](:service:workspace)** — Manage which users can read, run, edit, or manage directories, files, and notebooks.

For the mapping of the required permissions for specific actions or abilities and other important information, see Access Control.

Note that to manage access control on service principals, use **[Account Access Control Proxy](:service:accountaccesscontrolproxy)**.

func NewPermissions 

func NewPermissions(client *client.DatabricksClient) *PermissionsAPI

func (*PermissionsAPI) Get 

func (a *PermissionsAPI) Get(ctx context.Context, request GetPermissionRequest) (*ObjectPermissions, error)

Get object permissions.

Gets the permissions of an object. Objects can inherit permissions from their parent objects or root object.

Example (GenericPermissions) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

notebookPath := func() string {
	me, err := w.CurrentUser.Me(ctx)
	if err != nil {
		panic(err)
	}
	return filepath.Join("/Users", me.UserName, fmt.Sprintf("sdk-%x", time.Now().UnixNano()))
}()

obj, err := w.Workspace.GetStatusByPath(ctx, notebookPath)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", obj)

_, err = w.Permissions.Get(ctx, iam.GetPermissionRequest{
	RequestObjectType: "notebooks",
	RequestObjectId:   fmt.Sprintf("%d", obj.ObjectId),
})
if err != nil {
	panic(err)
}

Output:

func (*PermissionsAPI) GetByRequestObjectTypeAndRequestObjectId 

func (a *PermissionsAPI) GetByRequestObjectTypeAndRequestObjectId(ctx context.Context, requestObjectType string, requestObjectId string) (*ObjectPermissions, error)

Get object permissions.

Gets the permissions of an object. Objects can inherit permissions from their parent objects or root object.

func (*PermissionsAPI) GetPermissionLevels 

func (a *PermissionsAPI) GetPermissionLevels(ctx context.Context, request GetPermissionLevelsRequest) (*GetPermissionLevelsResponse, error)

Get object permission levels.

Gets the permission levels that a user can have on an object.

Example (GenericPermissions) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

notebookPath := func() string {
	me, err := w.CurrentUser.Me(ctx)
	if err != nil {
		panic(err)
	}
	return filepath.Join("/Users", me.UserName, fmt.Sprintf("sdk-%x", time.Now().UnixNano()))
}()

obj, err := w.Workspace.GetStatusByPath(ctx, notebookPath)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", obj)

levels, err := w.Permissions.GetPermissionLevels(ctx, iam.GetPermissionLevelsRequest{
	RequestObjectType: "notebooks",
	RequestObjectId:   fmt.Sprintf("%d", obj.ObjectId),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", levels)

Output:

func (*PermissionsAPI) GetPermissionLevelsByRequestObjectTypeAndRequestObjectId 

func (a *PermissionsAPI) GetPermissionLevelsByRequestObjectTypeAndRequestObjectId(ctx context.Context, requestObjectType string, requestObjectId string) (*GetPermissionLevelsResponse, error)

Get object permission levels.

Gets the permission levels that a user can have on an object.

func (*PermissionsAPI) Impl 

func (a *PermissionsAPI) Impl() PermissionsService

Impl returns low-level Permissions API implementation Deprecated: use MockPermissionsInterface instead.

func (*PermissionsAPI) Set 

func (a *PermissionsAPI) Set(ctx context.Context, request PermissionsRequest) (*ObjectPermissions, error)

Set object permissions.

Sets permissions on an object. Objects can inherit permissions from their parent objects or root object.

Example (GenericPermissions) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

notebookPath := func() string {
	me, err := w.CurrentUser.Me(ctx)
	if err != nil {
		panic(err)
	}
	return filepath.Join("/Users", me.UserName, fmt.Sprintf("sdk-%x", time.Now().UnixNano()))
}()

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

obj, err := w.Workspace.GetStatusByPath(ctx, notebookPath)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", obj)

_, err = w.Permissions.Set(ctx, iam.PermissionsRequest{
	RequestObjectType: "notebooks",
	RequestObjectId:   fmt.Sprintf("%d", obj.ObjectId),
	AccessControlList: []iam.AccessControlRequest{iam.AccessControlRequest{
		GroupName:       group.DisplayName,
		PermissionLevel: iam.PermissionLevelCanRun,
	}},
})
if err != nil {
	panic(err)
}

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:

func (*PermissionsAPI) Update 

func (a *PermissionsAPI) Update(ctx context.Context, request PermissionsRequest) (*ObjectPermissions, error)

Update object permissions.

Updates the permissions on an object. Objects can inherit permissions from their parent objects or root object.

func (*PermissionsAPI) WithImpl 

func (a *PermissionsAPI) WithImpl(impl PermissionsService) PermissionsInterface

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks. Deprecated: use MockPermissionsInterface instead.

type PermissionsDescription 

type PermissionsDescription struct {
	Description string `json:"description,omitempty"`
	// Permission level
	PermissionLevel PermissionLevel `json:"permission_level,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PermissionsDescription) MarshalJSON added in v0.23.0 

func (s PermissionsDescription) MarshalJSON() ([]byte, error)

func (*PermissionsDescription) UnmarshalJSON added in v0.23.0 

func (s *PermissionsDescription) UnmarshalJSON(b []byte) error

type PermissionsInterface added in v0.29.0 

type PermissionsInterface interface {
	// WithImpl could be used to override low-level API implementations for unit
	// testing purposes with [github.com/golang/mock] or other mocking frameworks.
	// Deprecated: use MockPermissionsInterface instead.
	WithImpl(impl PermissionsService) PermissionsInterface

	// Impl returns low-level Permissions API implementation
	// Deprecated: use MockPermissionsInterface instead.
	Impl() PermissionsService

	// Get object permissions.
	//
	// Gets the permissions of an object. Objects can inherit permissions from their
	// parent objects or root object.
	Get(ctx context.Context, request GetPermissionRequest) (*ObjectPermissions, error)

	// Get object permissions.
	//
	// Gets the permissions of an object. Objects can inherit permissions from their
	// parent objects or root object.
	GetByRequestObjectTypeAndRequestObjectId(ctx context.Context, requestObjectType string, requestObjectId string) (*ObjectPermissions, error)

	// Get object permission levels.
	//
	// Gets the permission levels that a user can have on an object.
	GetPermissionLevels(ctx context.Context, request GetPermissionLevelsRequest) (*GetPermissionLevelsResponse, error)

	// Get object permission levels.
	//
	// Gets the permission levels that a user can have on an object.
	GetPermissionLevelsByRequestObjectTypeAndRequestObjectId(ctx context.Context, requestObjectType string, requestObjectId string) (*GetPermissionLevelsResponse, error)

	// Set object permissions.
	//
	// Sets permissions on an object. Objects can inherit permissions from their
	// parent objects or root object.
	Set(ctx context.Context, request PermissionsRequest) (*ObjectPermissions, error)

	// Update object permissions.
	//
	// Updates the permissions on an object. Objects can inherit permissions from
	// their parent objects or root object.
	Update(ctx context.Context, request PermissionsRequest) (*ObjectPermissions, error)
}

type PermissionsRequest 

type PermissionsRequest struct {
	AccessControlList []AccessControlRequest `json:"access_control_list,omitempty"`
	// The id of the request object.
	RequestObjectId string `json:"-" url:"-"`
	// The type of the request object. Can be one of the following:
	// authorization, clusters, cluster-policies, directories, experiments,
	// files, instance-pools, jobs, notebooks, pipelines, registered-models,
	// repos, serving-endpoints, or warehouses.
	RequestObjectType string `json:"-" url:"-"`
}

type PermissionsService 

type PermissionsService interface {

	// Get object permissions.
	//
	// Gets the permissions of an object. Objects can inherit permissions from
	// their parent objects or root object.
	Get(ctx context.Context, request GetPermissionRequest) (*ObjectPermissions, error)

	// Get object permission levels.
	//
	// Gets the permission levels that a user can have on an object.
	GetPermissionLevels(ctx context.Context, request GetPermissionLevelsRequest) (*GetPermissionLevelsResponse, error)

	// Set object permissions.
	//
	// Sets permissions on an object. Objects can inherit permissions from their
	// parent objects or root object.
	Set(ctx context.Context, request PermissionsRequest) (*ObjectPermissions, error)

	// Update object permissions.
	//
	// Updates the permissions on an object. Objects can inherit permissions
	// from their parent objects or root object.
	Update(ctx context.Context, request PermissionsRequest) (*ObjectPermissions, error)
}

Permissions API are used to create read, write, edit, update and manage access for various users on different objects and endpoints.

* **[Cluster permissions](:service:clusters)** — Manage which users can manage, restart, or attach to clusters.

* **[Cluster policy permissions](:service:clusterpolicies)** — Manage which users can use cluster policies.

* **[Delta Live Tables pipeline permissions](:service:pipelines)** — Manage which users can view, manage, run, cancel, or own a Delta Live Tables pipeline.

* **[Job permissions](:service:jobs)** — Manage which users can view, manage, trigger, cancel, or own a job.

* **[MLflow experiment permissions](:service:experiments)** — Manage which users can read, edit, or manage MLflow experiments.

* **[MLflow registered model permissions](:service:modelregistry)** — Manage which users can read, edit, or manage MLflow registered models.

* **[Password permissions](:service:users)** — Manage which users can use password login when SSO is enabled.

* **[Instance Pool permissions](:service:instancepools)** — Manage which users can manage or attach to pools.

* **[Repo permissions](repos)** — Manage which users can read, run, edit, or manage a repo.

* **[Serving endpoint permissions](:service:servingendpoints)** — Manage which users can view, query, or manage a serving endpoint.

* **[SQL warehouse permissions](:service:warehouses)** — Manage which users can use or manage SQL warehouses.

* **[Token permissions](:service:tokenmanagement)** — Manage which users can create or use tokens.

* **[Workspace object permissions](:service:workspace)** — Manage which users can read, run, edit, or manage directories, files, and notebooks.

For the mapping of the required permissions for specific actions or abilities and other important information, see Access Control.

Note that to manage access control on service principals, use **[Account Access Control Proxy](:service:accountaccesscontrolproxy)**.

type PrincipalOutput 

type PrincipalOutput struct {
	// The display name of the principal.
	DisplayName string `json:"display_name,omitempty"`
	// The group name of the group. Present only if the principal is a group.
	GroupName string `json:"group_name,omitempty"`
	// The unique, opaque id of the principal.
	PrincipalId int64 `json:"principal_id,omitempty"`
	// The name of the service principal. Present only if the principal is a
	// service principal.
	ServicePrincipalName string `json:"service_principal_name,omitempty"`
	// The username of the user. Present only if the principal is a user.
	UserName string `json:"user_name,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PrincipalOutput) MarshalJSON added in v0.23.0 

func (s PrincipalOutput) MarshalJSON() ([]byte, error)

func (*PrincipalOutput) UnmarshalJSON added in v0.23.0 

func (s *PrincipalOutput) UnmarshalJSON(b []byte) error

type ResourceMeta added in v0.12.0 

type ResourceMeta struct {
	// Identifier for group type. Can be local workspace group
	// (`WorkspaceGroup`) or account group (`Group`).
	ResourceType string `json:"resourceType,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (ResourceMeta) MarshalJSON added in v0.23.0 

func (s ResourceMeta) MarshalJSON() ([]byte, error)

func (*ResourceMeta) UnmarshalJSON added in v0.23.0 

func (s *ResourceMeta) UnmarshalJSON(b []byte) error

type Role added in v0.15.0 

type Role struct {
	// Role to assign to a principal or a list of principals on a resource.
	Name string `json:"name"`
}

type RuleSetResponse added in v0.10.0 

type RuleSetResponse struct {
	// Identifies the version of the rule set returned.
	Etag string `json:"etag,omitempty"`

	GrantRules []GrantRule `json:"grant_rules,omitempty"`
	// Name of the rule set.
	Name string `json:"name,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (RuleSetResponse) MarshalJSON added in v0.23.0 

func (s RuleSetResponse) MarshalJSON() ([]byte, error)

func (*RuleSetResponse) UnmarshalJSON added in v0.23.0 

func (s *RuleSetResponse) UnmarshalJSON(b []byte) error

type RuleSetUpdateRequest added in v0.10.0 

type RuleSetUpdateRequest struct {
	// The expected etag of the rule set to update. The update will fail if the
	// value does not match the value that is stored in account access control
	// service.
	Etag string `json:"etag"`

	GrantRules []GrantRule `json:"grant_rules,omitempty"`
	// Name of the rule set.
	Name string `json:"name"`
}

type ServicePrincipal 

type ServicePrincipal struct {
	// If this user is active
	Active bool `json:"active,omitempty"`
	// UUID relating to the service principal
	ApplicationId string `json:"applicationId,omitempty"`
	// String that represents a concatenation of given and family names.
	DisplayName string `json:"displayName,omitempty"`
	// Entitlements assigned to the service principal. See [assigning
	// entitlements] for a full list of supported values.
	//
	// [assigning entitlements]: https://docs.databricks.com/administration-guide/users-groups/index.html#assigning-entitlements
	Entitlements []ComplexValue `json:"entitlements,omitempty"`

	ExternalId string `json:"externalId,omitempty"`

	Groups []ComplexValue `json:"groups,omitempty"`
	// Databricks service principal ID.
	Id string `json:"id,omitempty"`
	// Corresponds to AWS instance profile/arn role.
	Roles []ComplexValue `json:"roles,omitempty"`
	// The schema of the List response.
	Schemas []ServicePrincipalSchema `json:"schemas,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (ServicePrincipal) MarshalJSON added in v0.23.0 

func (s ServicePrincipal) MarshalJSON() ([]byte, error)

func (*ServicePrincipal) UnmarshalJSON added in v0.23.0 

func (s *ServicePrincipal) UnmarshalJSON(b []byte) error

type ServicePrincipalSchema added in v0.24.0 

type ServicePrincipalSchema string
const ServicePrincipalSchemaUrnIetfParamsScimSchemasCore20ServicePrincipal ServicePrincipalSchema = `urn:ietf:params:scim:schemas:core:2.0:ServicePrincipal`

func (*ServicePrincipalSchema) Set added in v0.24.0 

func (f *ServicePrincipalSchema) Set(v string) error

Set raw string value and validate it against allowed values

func (*ServicePrincipalSchema) String added in v0.24.0 

func (f *ServicePrincipalSchema) String() string

String representation for fmt.Print

func (*ServicePrincipalSchema) Type added in v0.24.0 

func (f *ServicePrincipalSchema) Type() string

Type always returns ServicePrincipalSchema to satisfy [pflag.Value] interface

type ServicePrincipalsAPI 

type ServicePrincipalsAPI struct {
	// contains filtered or unexported fields
}

Identities for use with jobs, automated tools, and systems such as scripts, apps, and CI/CD platforms. Databricks recommends creating service principals to run production jobs or modify production data. If all processes that act on production data run with service principals, interactive users do not need any write, delete, or modify privileges in production. This eliminates the risk of a user overwriting production data by accident.

func NewServicePrincipals 

func NewServicePrincipals(client *client.DatabricksClient) *ServicePrincipalsAPI

func (*ServicePrincipalsAPI) Create 

func (a *ServicePrincipalsAPI) Create(ctx context.Context, request ServicePrincipal) (*ServicePrincipal, error)

Create a service principal.

Creates a new service principal in the Databricks workspace.

Example (AccountServicePrincipal) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

spCreate, err := a.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	Active:      true,
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spCreate)

// cleanup

err = a.ServicePrincipals.Delete(ctx, iam.DeleteAccountServicePrincipalRequest{
	Id: spCreate.Id,
})
if err != nil {
	panic(err)
}

Output:
Example (CreateOboTokenOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

groups, err := w.Groups.GroupDisplayNameToIdMap(ctx, iam.ListGroupsRequest{})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", groups)

spn, err := w.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	Groups: []iam.ComplexValue{iam.ComplexValue{
		Value: groups["admins"],
	}},
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spn)

// cleanup

err = w.ServicePrincipals.DeleteById(ctx, spn.Id)
if err != nil {
	panic(err)
}

Output:
Example (ServicePrincipalsOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

created, err := w.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", created)

// cleanup

err = w.ServicePrincipals.DeleteById(ctx, created.Id)
if err != nil {
	panic(err)
}

Output:
Example (WorkspaceAssignmentOnAws) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

spn, err := a.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spn)

Output:

func (*ServicePrincipalsAPI) Delete 

func (a *ServicePrincipalsAPI) Delete(ctx context.Context, request DeleteServicePrincipalRequest) error

Delete a service principal.

Delete a single service principal in the Databricks workspace.

func (*ServicePrincipalsAPI) DeleteById 

func (a *ServicePrincipalsAPI) DeleteById(ctx context.Context, id string) error

Delete a service principal.

Delete a single service principal in the Databricks workspace.

func (*ServicePrincipalsAPI) Get 

func (a *ServicePrincipalsAPI) Get(ctx context.Context, request GetServicePrincipalRequest) (*ServicePrincipal, error)

Get service principal details.

Gets the details for a single service principal define in the Databricks workspace.

Example (AccountServicePrincipal) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

spCreate, err := a.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	Active:      true,
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spCreate)

sp, err := a.ServicePrincipals.GetById(ctx, spCreate.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", sp)

// cleanup

err = a.ServicePrincipals.Delete(ctx, iam.DeleteAccountServicePrincipalRequest{
	Id: spCreate.Id,
})
if err != nil {
	panic(err)
}

Output:
Example (ServicePrincipalsOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

created, err := w.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", created)

byId, err := w.ServicePrincipals.GetById(ctx, created.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", byId)

// cleanup

err = w.ServicePrincipals.DeleteById(ctx, created.Id)
if err != nil {
	panic(err)
}

Output:

func (*ServicePrincipalsAPI) GetByDisplayName 

func (a *ServicePrincipalsAPI) GetByDisplayName(ctx context.Context, name string) (*ServicePrincipal, error)

GetByDisplayName calls ServicePrincipalsAPI.ServicePrincipalDisplayNameToIdMap and returns a single ServicePrincipal.

Returns an error if there's more than one ServicePrincipal with the same .DisplayName.

Note: All ServicePrincipal instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*ServicePrincipalsAPI) GetById 

func (a *ServicePrincipalsAPI) GetById(ctx context.Context, id string) (*ServicePrincipal, error)

Get service principal details.

Gets the details for a single service principal define in the Databricks workspace.

func (*ServicePrincipalsAPI) Impl 

func (a *ServicePrincipalsAPI) Impl() ServicePrincipalsService

Impl returns low-level ServicePrincipals API implementation Deprecated: use MockServicePrincipalsInterface instead.

func (*ServicePrincipalsAPI) List added in v0.24.0 

func (a *ServicePrincipalsAPI) List(ctx context.Context, request ListServicePrincipalsRequest) listing.Iterator[ServicePrincipal]

List service principals.

Gets the set of service principals associated with a Databricks workspace.

This method is generated by Databricks SDK Code Generator.

func (*ServicePrincipalsAPI) ListAll 

func (a *ServicePrincipalsAPI) ListAll(ctx context.Context, request ListServicePrincipalsRequest) ([]ServicePrincipal, error)

List service principals.

Gets the set of service principals associated with a Databricks workspace.

This method is generated by Databricks SDK Code Generator.

Example (AccountServicePrincipal) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

spCreate, err := a.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	Active:      true,
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spCreate)

sp, err := a.ServicePrincipals.GetById(ctx, spCreate.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", sp)

spList, err := a.ServicePrincipals.ListAll(ctx, iam.ListAccountServicePrincipalsRequest{
	Filter: fmt.Sprintf("displayName eq %v", sp.DisplayName),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spList)

// cleanup

err = a.ServicePrincipals.Delete(ctx, iam.DeleteAccountServicePrincipalRequest{
	Id: spCreate.Id,
})
if err != nil {
	panic(err)
}

Output:
Example (ServicePrincipalsOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

all, err := w.ServicePrincipals.ListAll(ctx, iam.ListServicePrincipalsRequest{})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", all)

Output:

func (*ServicePrincipalsAPI) Patch 

func (a *ServicePrincipalsAPI) Patch(ctx context.Context, request PartialUpdate) error

Update service principal details.

Partially updates the details of a single service principal in the Databricks workspace.

Example (AccountServicePrincipal) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

spCreate, err := a.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	Active:      true,
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spCreate)

sp, err := a.ServicePrincipals.GetById(ctx, spCreate.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", sp)

err = a.ServicePrincipals.Patch(ctx, iam.PartialUpdate{
	Id: sp.Id,
	Operations: []iam.Patch{iam.Patch{
		Op:    iam.PatchOpReplace,
		Path:  "active",
		Value: "false",
	}},
	Schemas: []iam.PatchSchema{iam.PatchSchemaUrnIetfParamsScimApiMessages20PatchOp},
})
if err != nil {
	panic(err)
}

// cleanup

err = a.ServicePrincipals.Delete(ctx, iam.DeleteAccountServicePrincipalRequest{
	Id: spCreate.Id,
})
if err != nil {
	panic(err)
}

Output:
Example (ServicePrincipalsOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

created, err := w.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", created)

byId, err := w.ServicePrincipals.GetById(ctx, created.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", byId)

err = w.ServicePrincipals.Patch(ctx, iam.PartialUpdate{
	Id: byId.Id,
	Operations: []iam.Patch{iam.Patch{
		Op:    iam.PatchOpReplace,
		Path:  "active",
		Value: "false",
	}},
	Schemas: []iam.PatchSchema{iam.PatchSchemaUrnIetfParamsScimApiMessages20PatchOp},
})
if err != nil {
	panic(err)
}

// cleanup

err = w.ServicePrincipals.DeleteById(ctx, created.Id)
if err != nil {
	panic(err)
}

Output:

func (*ServicePrincipalsAPI) ServicePrincipalDisplayNameToIdMap 

func (a *ServicePrincipalsAPI) ServicePrincipalDisplayNameToIdMap(ctx context.Context, request ListServicePrincipalsRequest) (map[string]string, error)

ServicePrincipalDisplayNameToIdMap calls ServicePrincipalsAPI.ListAll and creates a map of results with ServicePrincipal.DisplayName as key and ServicePrincipal.Id as value.

Returns an error if there's more than one ServicePrincipal with the same .DisplayName.

Note: All ServicePrincipal instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

func (*ServicePrincipalsAPI) Update 

func (a *ServicePrincipalsAPI) Update(ctx context.Context, request ServicePrincipal) error

Replace service principal.

Updates the details of a single service principal.

This action replaces the existing service principal with the same name.

Example (AccountServicePrincipal) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

spCreate, err := a.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	Active:      true,
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spCreate)

sp, err := a.ServicePrincipals.GetById(ctx, spCreate.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", sp)

err = a.ServicePrincipals.Update(ctx, iam.ServicePrincipal{
	Active:      true,
	DisplayName: sp.DisplayName,
	Id:          sp.Id,
})
if err != nil {
	panic(err)
}

// cleanup

err = a.ServicePrincipals.Delete(ctx, iam.DeleteAccountServicePrincipalRequest{
	Id: spCreate.Id,
})
if err != nil {
	panic(err)
}

Output:
Example (ServicePrincipalsOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

created, err := w.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", created)

err = w.ServicePrincipals.Update(ctx, iam.ServicePrincipal{
	Id:          created.Id,
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	Roles: []iam.ComplexValue{iam.ComplexValue{
		Value: "xyz",
	}},
})
if err != nil {
	panic(err)
}

// cleanup

err = w.ServicePrincipals.DeleteById(ctx, created.Id)
if err != nil {
	panic(err)
}

Output:

func (*ServicePrincipalsAPI) WithImpl 

func (a *ServicePrincipalsAPI) WithImpl(impl ServicePrincipalsService) ServicePrincipalsInterface

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks. Deprecated: use MockServicePrincipalsInterface instead.

type ServicePrincipalsInterface added in v0.29.0 

type ServicePrincipalsInterface interface {
	// WithImpl could be used to override low-level API implementations for unit
	// testing purposes with [github.com/golang/mock] or other mocking frameworks.
	// Deprecated: use MockServicePrincipalsInterface instead.
	WithImpl(impl ServicePrincipalsService) ServicePrincipalsInterface

	// Impl returns low-level ServicePrincipals API implementation
	// Deprecated: use MockServicePrincipalsInterface instead.
	Impl() ServicePrincipalsService

	// Create a service principal.
	//
	// Creates a new service principal in the Databricks workspace.
	Create(ctx context.Context, request ServicePrincipal) (*ServicePrincipal, error)

	// Delete a service principal.
	//
	// Delete a single service principal in the Databricks workspace.
	Delete(ctx context.Context, request DeleteServicePrincipalRequest) error

	// Delete a service principal.
	//
	// Delete a single service principal in the Databricks workspace.
	DeleteById(ctx context.Context, id string) error

	// Get service principal details.
	//
	// Gets the details for a single service principal define in the Databricks
	// workspace.
	Get(ctx context.Context, request GetServicePrincipalRequest) (*ServicePrincipal, error)

	// Get service principal details.
	//
	// Gets the details for a single service principal define in the Databricks
	// workspace.
	GetById(ctx context.Context, id string) (*ServicePrincipal, error)

	// List service principals.
	//
	// Gets the set of service principals associated with a Databricks workspace.
	//
	// This method is generated by Databricks SDK Code Generator.
	List(ctx context.Context, request ListServicePrincipalsRequest) listing.Iterator[ServicePrincipal]

	// List service principals.
	//
	// Gets the set of service principals associated with a Databricks workspace.
	//
	// This method is generated by Databricks SDK Code Generator.
	ListAll(ctx context.Context, request ListServicePrincipalsRequest) ([]ServicePrincipal, error)

	// ServicePrincipalDisplayNameToIdMap calls [ServicePrincipalsAPI.ListAll] and creates a map of results with [ServicePrincipal].DisplayName as key and [ServicePrincipal].Id as value.
	//
	// Returns an error if there's more than one [ServicePrincipal] with the same .DisplayName.
	//
	// Note: All [ServicePrincipal] instances are loaded into memory before creating a map.
	//
	// This method is generated by Databricks SDK Code Generator.
	ServicePrincipalDisplayNameToIdMap(ctx context.Context, request ListServicePrincipalsRequest) (map[string]string, error)

	// GetByDisplayName calls [ServicePrincipalsAPI.ServicePrincipalDisplayNameToIdMap] and returns a single [ServicePrincipal].
	//
	// Returns an error if there's more than one [ServicePrincipal] with the same .DisplayName.
	//
	// Note: All [ServicePrincipal] instances are loaded into memory before returning matching by name.
	//
	// This method is generated by Databricks SDK Code Generator.
	GetByDisplayName(ctx context.Context, name string) (*ServicePrincipal, error)

	// Update service principal details.
	//
	// Partially updates the details of a single service principal in the Databricks
	// workspace.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace service principal.
	//
	// Updates the details of a single service principal.
	//
	// This action replaces the existing service principal with the same name.
	Update(ctx context.Context, request ServicePrincipal) error
}

type ServicePrincipalsService 

type ServicePrincipalsService interface {

	// Create a service principal.
	//
	// Creates a new service principal in the Databricks workspace.
	Create(ctx context.Context, request ServicePrincipal) (*ServicePrincipal, error)

	// Delete a service principal.
	//
	// Delete a single service principal in the Databricks workspace.
	Delete(ctx context.Context, request DeleteServicePrincipalRequest) error

	// Get service principal details.
	//
	// Gets the details for a single service principal define in the Databricks
	// workspace.
	Get(ctx context.Context, request GetServicePrincipalRequest) (*ServicePrincipal, error)

	// List service principals.
	//
	// Gets the set of service principals associated with a Databricks
	// workspace.
	//
	// Use ListAll() to get all ServicePrincipal instances, which will iterate over every result page.
	List(ctx context.Context, request ListServicePrincipalsRequest) (*ListServicePrincipalResponse, error)

	// Update service principal details.
	//
	// Partially updates the details of a single service principal in the
	// Databricks workspace.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace service principal.
	//
	// Updates the details of a single service principal.
	//
	// This action replaces the existing service principal with the same name.
	Update(ctx context.Context, request ServicePrincipal) error
}

Identities for use with jobs, automated tools, and systems such as scripts, apps, and CI/CD platforms. Databricks recommends creating service principals to run production jobs or modify production data. If all processes that act on production data run with service principals, interactive users do not need any write, delete, or modify privileges in production. This eliminates the risk of a user overwriting production data by accident.

type UpdateResponse added in v0.34.0 

type UpdateResponse struct {
}

type UpdateRuleSetRequest added in v0.10.0 

type UpdateRuleSetRequest struct {
	// Name of the rule set.
	Name string `json:"name"`

	RuleSet RuleSetUpdateRequest `json:"rule_set"`
}

type UpdateWorkspaceAssignments 

type UpdateWorkspaceAssignments struct {
	// Array of permissions assignments to update on the workspace. Note that
	// excluding this field will have the same effect as providing an empty list
	// which will result in the deletion of all permissions for the principal.
	Permissions []WorkspacePermission `json:"permissions"`
	// The ID of the user, service principal, or group.
	PrincipalId int64 `json:"-" url:"-"`
	// The workspace ID.
	WorkspaceId int64 `json:"-" url:"-"`
}

type User 

type User struct {
	// If this user is active
	Active bool `json:"active,omitempty"`
	// String that represents a concatenation of given and family names. For
	// example `John Smith`. This field cannot be updated through the Workspace
	// SCIM APIs when [identity federation is enabled]. Use Account SCIM APIs to
	// update `displayName`.
	//
	// [identity federation is enabled]: https://docs.databricks.com/administration-guide/users-groups/best-practices.html#enable-identity-federation
	DisplayName string `json:"displayName,omitempty"`
	// All the emails associated with the Databricks user.
	Emails []ComplexValue `json:"emails,omitempty"`
	// Entitlements assigned to the user. See [assigning entitlements] for a
	// full list of supported values.
	//
	// [assigning entitlements]: https://docs.databricks.com/administration-guide/users-groups/index.html#assigning-entitlements
	Entitlements []ComplexValue `json:"entitlements,omitempty"`
	// External ID is not currently supported. It is reserved for future use.
	ExternalId string `json:"externalId,omitempty"`

	Groups []ComplexValue `json:"groups,omitempty"`
	// Databricks user ID. This is automatically set by Databricks. Any value
	// provided by the client will be ignored.
	Id string `json:"id,omitempty" url:"-"`

	Name *Name `json:"name,omitempty"`
	// Corresponds to AWS instance profile/arn role.
	Roles []ComplexValue `json:"roles,omitempty"`
	// The schema of the user.
	Schemas []UserSchema `json:"schemas,omitempty"`
	// Email address of the Databricks user.
	UserName string `json:"userName,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (User) MarshalJSON added in v0.23.0 

func (s User) MarshalJSON() ([]byte, error)

func (*User) UnmarshalJSON added in v0.23.0 

func (s *User) UnmarshalJSON(b []byte) error

type UserSchema added in v0.24.0 

type UserSchema string
const UserSchemaUrnIetfParamsScimSchemasCore20User UserSchema = `urn:ietf:params:scim:schemas:core:2.0:User`
const UserSchemaUrnIetfParamsScimSchemasExtensionWorkspace20User UserSchema = `urn:ietf:params:scim:schemas:extension:workspace:2.0:User`

func (*UserSchema) Set added in v0.24.0 

func (f *UserSchema) Set(v string) error

Set raw string value and validate it against allowed values

func (*UserSchema) String added in v0.24.0 

func (f *UserSchema) String() string

String representation for fmt.Print

func (*UserSchema) Type added in v0.24.0 

func (f *UserSchema) Type() string

Type always returns UserSchema to satisfy [pflag.Value] interface

type UsersAPI 

type UsersAPI struct {
	// contains filtered or unexported fields
}

User identities recognized by Databricks and represented by email addresses.

Databricks recommends using SCIM provisioning to sync users and groups automatically from your identity provider to your Databricks workspace. SCIM streamlines onboarding a new employee or team by using your identity provider to create users and groups in Databricks workspace and give them the proper level of access. When a user leaves your organization or no longer needs access to Databricks workspace, admins can terminate the user in your identity provider and that user’s account will also be removed from Databricks workspace. This ensures a consistent offboarding process and prevents unauthorized users from accessing sensitive data.

func NewUsers 

func NewUsers(client *client.DatabricksClient) *UsersAPI

func (*UsersAPI) Create 

func (a *UsersAPI) Create(ctx context.Context, request User) (*User, error)

Create a new user.

Creates a new user in the Databricks workspace. This new user will also be added to the Databricks account.

Example (AccountUsers) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

user, err := a.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

// cleanup

err = a.Users.DeleteById(ctx, user.Id)
if err != nil {
	panic(err)
}

Output:
Example (ClustersApiIntegration) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

otherOwner, err := w.Users.Create(ctx, iam.User{
	UserName: fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", otherOwner)

// cleanup

err = w.Users.DeleteById(ctx, otherOwner.Id)
if err != nil {
	panic(err)
}

Output:
Example (WorkspaceUsers) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

user, err := w.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

Output:

func (*UsersAPI) Delete 

func (a *UsersAPI) Delete(ctx context.Context, request DeleteUserRequest) error

Delete a user.

Deletes a user. Deleting a user from a Databricks workspace also removes objects associated with the user.

Example (AccountUsers) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

user, err := a.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

err = a.Users.DeleteById(ctx, user.Id)
if err != nil {
	panic(err)
}

Output:
Example (ClustersApiIntegration) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

otherOwner, err := w.Users.Create(ctx, iam.User{
	UserName: fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", otherOwner)

err = w.Users.DeleteById(ctx, otherOwner.Id)
if err != nil {
	panic(err)
}

Output:
Example (WorkspaceUsers) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

user, err := w.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

err = w.Users.DeleteById(ctx, user.Id)
if err != nil {
	panic(err)
}

Output:

func (*UsersAPI) DeleteById 

func (a *UsersAPI) DeleteById(ctx context.Context, id string) error

Delete a user.

Deletes a user. Deleting a user from a Databricks workspace also removes objects associated with the user.

func (*UsersAPI) Get 

func (a *UsersAPI) Get(ctx context.Context, request GetUserRequest) (*User, error)

Get user details.

Gets information for a specific user in Databricks workspace.

Example (AccountUsers) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

user, err := a.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

byId, err := a.Users.GetById(ctx, user.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", byId)

// cleanup

err = a.Users.DeleteById(ctx, user.Id)
if err != nil {
	panic(err)
}

Output:
Example (WorkspaceUsers) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

user, err := w.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

fetch, err := w.Users.GetById(ctx, user.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", fetch)

Output:

func (*UsersAPI) GetById 

func (a *UsersAPI) GetById(ctx context.Context, id string) (*User, error)

Get user details.

Gets information for a specific user in Databricks workspace.

func (*UsersAPI) GetByUserName 

func (a *UsersAPI) GetByUserName(ctx context.Context, name string) (*User, error)

GetByUserName calls UsersAPI.UserUserNameToIdMap and returns a single User.

Returns an error if there's more than one User with the same .UserName.

Note: All User instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*UsersAPI) GetPermissionLevels added in v0.19.0 

func (a *UsersAPI) GetPermissionLevels(ctx context.Context) (*GetPasswordPermissionLevelsResponse, error)

Get password permission levels.

Gets the permission levels that a user can have on an object.

func (*UsersAPI) GetPermissions added in v0.19.0 

func (a *UsersAPI) GetPermissions(ctx context.Context) (*PasswordPermissions, error)

Get password permissions.

Gets the permissions of all passwords. Passwords can inherit permissions from their root object.

func (*UsersAPI) Impl 

func (a *UsersAPI) Impl() UsersService

Impl returns low-level Users API implementation Deprecated: use MockUsersInterface instead.

func (*UsersAPI) List added in v0.24.0 

func (a *UsersAPI) List(ctx context.Context, request ListUsersRequest) listing.Iterator[User]

List users.

Gets details for all the users associated with a Databricks workspace.

This method is generated by Databricks SDK Code Generator.

func (*UsersAPI) ListAll 

func (a *UsersAPI) ListAll(ctx context.Context, request ListUsersRequest) ([]User, error)

List users.

Gets details for all the users associated with a Databricks workspace.

This method is generated by Databricks SDK Code Generator.

Example (WorkspaceUsers) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

allUsers, err := w.Users.ListAll(ctx, iam.ListUsersRequest{
	Attributes: "id,userName",
	SortBy:     "userName",
	SortOrder:  iam.ListSortOrderDescending,
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", allUsers)

Output:

func (*UsersAPI) Patch 

func (a *UsersAPI) Patch(ctx context.Context, request PartialUpdate) error

Update user details.

Partially updates a user resource by applying the supplied operations on specific user attributes.

Example (AccountUsers) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

user, err := a.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

err = a.Users.Patch(ctx, iam.PartialUpdate{
	Id:      user.Id,
	Schemas: []iam.PatchSchema{iam.PatchSchemaUrnIetfParamsScimApiMessages20PatchOp},
	Operations: []iam.Patch{iam.Patch{
		Op: iam.PatchOpAdd,
		Value: iam.User{
			Roles: []iam.ComplexValue{iam.ComplexValue{
				Value: "account_admin",
			}},
		},
	}},
})
if err != nil {
	panic(err)
}

// cleanup

err = a.Users.DeleteById(ctx, user.Id)
if err != nil {
	panic(err)
}

Output:
Example (WorkspaceUsers) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

user, err := w.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

err = w.Users.Patch(ctx, iam.PartialUpdate{
	Id: user.Id,
	Operations: []iam.Patch{iam.Patch{
		Op:    iam.PatchOpReplace,
		Path:  "active",
		Value: "false",
	}},
	Schemas: []iam.PatchSchema{iam.PatchSchemaUrnIetfParamsScimApiMessages20PatchOp},
})
if err != nil {
	panic(err)
}

Output:

func (*UsersAPI) SetPermissions added in v0.19.0 

func (a *UsersAPI) SetPermissions(ctx context.Context, request PasswordPermissionsRequest) (*PasswordPermissions, error)

Set password permissions.

Sets permissions on all passwords. Passwords can inherit permissions from their root object.

func (*UsersAPI) Update 

func (a *UsersAPI) Update(ctx context.Context, request User) error

Replace a user.

Replaces a user's information with the data supplied in request.

Example (WorkspaceUsers) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

user, err := w.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

err = w.Users.Update(ctx, iam.User{
	Id:       user.Id,
	UserName: user.UserName,
	Active:   true,
})
if err != nil {
	panic(err)
}

Output:

func (*UsersAPI) UpdatePermissions added in v0.19.0 

func (a *UsersAPI) UpdatePermissions(ctx context.Context, request PasswordPermissionsRequest) (*PasswordPermissions, error)

Update password permissions.

Updates the permissions on all passwords. Passwords can inherit permissions from their root object.

func (*UsersAPI) UserUserNameToIdMap 

func (a *UsersAPI) UserUserNameToIdMap(ctx context.Context, request ListUsersRequest) (map[string]string, error)

UserUserNameToIdMap calls UsersAPI.ListAll and creates a map of results with User.UserName as key and User.Id as value.

Returns an error if there's more than one User with the same .UserName.

Note: All User instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

func (*UsersAPI) WithImpl 

func (a *UsersAPI) WithImpl(impl UsersService) UsersInterface

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks. Deprecated: use MockUsersInterface instead.

type UsersInterface added in v0.29.0 

type UsersInterface interface {
	// WithImpl could be used to override low-level API implementations for unit
	// testing purposes with [github.com/golang/mock] or other mocking frameworks.
	// Deprecated: use MockUsersInterface instead.
	WithImpl(impl UsersService) UsersInterface

	// Impl returns low-level Users API implementation
	// Deprecated: use MockUsersInterface instead.
	Impl() UsersService

	// Create a new user.
	//
	// Creates a new user in the Databricks workspace. This new user will also be
	// added to the Databricks account.
	Create(ctx context.Context, request User) (*User, error)

	// Delete a user.
	//
	// Deletes a user. Deleting a user from a Databricks workspace also removes
	// objects associated with the user.
	Delete(ctx context.Context, request DeleteUserRequest) error

	// Delete a user.
	//
	// Deletes a user. Deleting a user from a Databricks workspace also removes
	// objects associated with the user.
	DeleteById(ctx context.Context, id string) error

	// Get user details.
	//
	// Gets information for a specific user in Databricks workspace.
	Get(ctx context.Context, request GetUserRequest) (*User, error)

	// Get user details.
	//
	// Gets information for a specific user in Databricks workspace.
	GetById(ctx context.Context, id string) (*User, error)

	// Get password permission levels.
	//
	// Gets the permission levels that a user can have on an object.
	GetPermissionLevels(ctx context.Context) (*GetPasswordPermissionLevelsResponse, error)

	// Get password permissions.
	//
	// Gets the permissions of all passwords. Passwords can inherit permissions from
	// their root object.
	GetPermissions(ctx context.Context) (*PasswordPermissions, error)

	// List users.
	//
	// Gets details for all the users associated with a Databricks workspace.
	//
	// This method is generated by Databricks SDK Code Generator.
	List(ctx context.Context, request ListUsersRequest) listing.Iterator[User]

	// List users.
	//
	// Gets details for all the users associated with a Databricks workspace.
	//
	// This method is generated by Databricks SDK Code Generator.
	ListAll(ctx context.Context, request ListUsersRequest) ([]User, error)

	// UserUserNameToIdMap calls [UsersAPI.ListAll] and creates a map of results with [User].UserName as key and [User].Id as value.
	//
	// Returns an error if there's more than one [User] with the same .UserName.
	//
	// Note: All [User] instances are loaded into memory before creating a map.
	//
	// This method is generated by Databricks SDK Code Generator.
	UserUserNameToIdMap(ctx context.Context, request ListUsersRequest) (map[string]string, error)

	// GetByUserName calls [UsersAPI.UserUserNameToIdMap] and returns a single [User].
	//
	// Returns an error if there's more than one [User] with the same .UserName.
	//
	// Note: All [User] instances are loaded into memory before returning matching by name.
	//
	// This method is generated by Databricks SDK Code Generator.
	GetByUserName(ctx context.Context, name string) (*User, error)

	// Update user details.
	//
	// Partially updates a user resource by applying the supplied operations on
	// specific user attributes.
	Patch(ctx context.Context, request PartialUpdate) error

	// Set password permissions.
	//
	// Sets permissions on all passwords. Passwords can inherit permissions from
	// their root object.
	SetPermissions(ctx context.Context, request PasswordPermissionsRequest) (*PasswordPermissions, error)

	// Replace a user.
	//
	// Replaces a user's information with the data supplied in request.
	Update(ctx context.Context, request User) error

	// Update password permissions.
	//
	// Updates the permissions on all passwords. Passwords can inherit permissions
	// from their root object.
	UpdatePermissions(ctx context.Context, request PasswordPermissionsRequest) (*PasswordPermissions, error)
}

type UsersService 

type UsersService interface {

	// Create a new user.
	//
	// Creates a new user in the Databricks workspace. This new user will also
	// be added to the Databricks account.
	Create(ctx context.Context, request User) (*User, error)

	// Delete a user.
	//
	// Deletes a user. Deleting a user from a Databricks workspace also removes
	// objects associated with the user.
	Delete(ctx context.Context, request DeleteUserRequest) error

	// Get user details.
	//
	// Gets information for a specific user in Databricks workspace.
	Get(ctx context.Context, request GetUserRequest) (*User, error)

	// Get password permission levels.
	//
	// Gets the permission levels that a user can have on an object.
	GetPermissionLevels(ctx context.Context) (*GetPasswordPermissionLevelsResponse, error)

	// Get password permissions.
	//
	// Gets the permissions of all passwords. Passwords can inherit permissions
	// from their root object.
	GetPermissions(ctx context.Context) (*PasswordPermissions, error)

	// List users.
	//
	// Gets details for all the users associated with a Databricks workspace.
	//
	// Use ListAll() to get all User instances, which will iterate over every result page.
	List(ctx context.Context, request ListUsersRequest) (*ListUsersResponse, error)

	// Update user details.
	//
	// Partially updates a user resource by applying the supplied operations on
	// specific user attributes.
	Patch(ctx context.Context, request PartialUpdate) error

	// Set password permissions.
	//
	// Sets permissions on all passwords. Passwords can inherit permissions from
	// their root object.
	SetPermissions(ctx context.Context, request PasswordPermissionsRequest) (*PasswordPermissions, error)

	// Replace a user.
	//
	// Replaces a user's information with the data supplied in request.
	Update(ctx context.Context, request User) error

	// Update password permissions.
	//
	// Updates the permissions on all passwords. Passwords can inherit
	// permissions from their root object.
	UpdatePermissions(ctx context.Context, request PasswordPermissionsRequest) (*PasswordPermissions, error)
}

User identities recognized by Databricks and represented by email addresses.

Databricks recommends using SCIM provisioning to sync users and groups automatically from your identity provider to your Databricks workspace. SCIM streamlines onboarding a new employee or team by using your identity provider to create users and groups in Databricks workspace and give them the proper level of access. When a user leaves your organization or no longer needs access to Databricks workspace, admins can terminate the user in your identity provider and that user’s account will also be removed from Databricks workspace. This ensures a consistent offboarding process and prevents unauthorized users from accessing sensitive data.

type WorkspaceAssignmentAPI 

type WorkspaceAssignmentAPI struct {
	// contains filtered or unexported fields
}

The Workspace Permission Assignment API allows you to manage workspace permissions for principals in your account.

func NewWorkspaceAssignment 

func NewWorkspaceAssignment(client *client.DatabricksClient) *WorkspaceAssignmentAPI

func (*WorkspaceAssignmentAPI) Delete 

func (a *WorkspaceAssignmentAPI) Delete(ctx context.Context, request DeleteWorkspaceAssignmentRequest) error

Delete permissions assignment.

Deletes the workspace permissions assignment in a given account and workspace for the specified principal.

func (*WorkspaceAssignmentAPI) DeleteByWorkspaceIdAndPrincipalId 

func (a *WorkspaceAssignmentAPI) DeleteByWorkspaceIdAndPrincipalId(ctx context.Context, workspaceId int64, principalId int64) error

Delete permissions assignment.

Deletes the workspace permissions assignment in a given account and workspace for the specified principal.

func (*WorkspaceAssignmentAPI) Get 

func (a *WorkspaceAssignmentAPI) Get(ctx context.Context, request GetWorkspaceAssignmentRequest) (*WorkspacePermissions, error)

List workspace permissions.

Get an array of workspace permissions for the specified account and workspace.

func (*WorkspaceAssignmentAPI) GetByWorkspaceId 

func (a *WorkspaceAssignmentAPI) GetByWorkspaceId(ctx context.Context, workspaceId int64) (*WorkspacePermissions, error)

List workspace permissions.

Get an array of workspace permissions for the specified account and workspace.

func (*WorkspaceAssignmentAPI) Impl 

func (a *WorkspaceAssignmentAPI) Impl() WorkspaceAssignmentService

Impl returns low-level WorkspaceAssignment API implementation Deprecated: use MockWorkspaceAssignmentInterface instead.

func (*WorkspaceAssignmentAPI) List added in v0.24.0 

func (a *WorkspaceAssignmentAPI) List(ctx context.Context, request ListWorkspaceAssignmentRequest) listing.Iterator[PermissionAssignment]

Get permission assignments.

Get the permission assignments for the specified Databricks account and Databricks workspace.

This method is generated by Databricks SDK Code Generator.

func (*WorkspaceAssignmentAPI) ListAll 

func (a *WorkspaceAssignmentAPI) ListAll(ctx context.Context, request ListWorkspaceAssignmentRequest) ([]PermissionAssignment, error)

Get permission assignments.

Get the permission assignments for the specified Databricks account and Databricks workspace.

This method is generated by Databricks SDK Code Generator.

Example (WorkspaceAssignmentOnAws) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

workspaceId := func(v string) int64 {
	i, err := strconv.ParseInt(v, 10, 64)
	if err != nil {
		panic(fmt.Sprintf("`%s` is not int64: %s", v, err))
	}
	return i
}(os.Getenv("DUMMY_WORKSPACE_ID"))

all, err := a.WorkspaceAssignment.ListByWorkspaceId(ctx, workspaceId)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", all)

Output:

func (*WorkspaceAssignmentAPI) ListByWorkspaceId 

func (a *WorkspaceAssignmentAPI) ListByWorkspaceId(ctx context.Context, workspaceId int64) (*PermissionAssignments, error)

Get permission assignments.

Get the permission assignments for the specified Databricks account and Databricks workspace.

func (*WorkspaceAssignmentAPI) Update 

func (a *WorkspaceAssignmentAPI) Update(ctx context.Context, request UpdateWorkspaceAssignments) (*PermissionAssignment, error)

Create or update permissions assignment.

Creates or updates the workspace permissions assignment in a given account and workspace for the specified principal.

Example (WorkspaceAssignmentOnAws) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

spn, err := a.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spn)

spnId := func(v string) int64 {
	i, err := strconv.ParseInt(v, 10, 64)
	if err != nil {
		panic(fmt.Sprintf("`%s` is not int64: %s", v, err))
	}
	return i
}(spn.Id)

workspaceId := func(v string) int64 {
	i, err := strconv.ParseInt(v, 10, 64)
	if err != nil {
		panic(fmt.Sprintf("`%s` is not int64: %s", v, err))
	}
	return i
}(os.Getenv("DUMMY_WORKSPACE_ID"))

_, err = a.WorkspaceAssignment.Update(ctx, iam.UpdateWorkspaceAssignments{
	WorkspaceId: workspaceId,
	PrincipalId: spnId,
	Permissions: []iam.WorkspacePermission{iam.WorkspacePermissionUser},
})
if err != nil {
	panic(err)
}

Output:

func (*WorkspaceAssignmentAPI) WithImpl 

func (a *WorkspaceAssignmentAPI) WithImpl(impl WorkspaceAssignmentService) WorkspaceAssignmentInterface

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks. Deprecated: use MockWorkspaceAssignmentInterface instead.

type WorkspaceAssignmentInterface added in v0.29.0 

type WorkspaceAssignmentInterface interface {
	// WithImpl could be used to override low-level API implementations for unit
	// testing purposes with [github.com/golang/mock] or other mocking frameworks.
	// Deprecated: use MockWorkspaceAssignmentInterface instead.
	WithImpl(impl WorkspaceAssignmentService) WorkspaceAssignmentInterface

	// Impl returns low-level WorkspaceAssignment API implementation
	// Deprecated: use MockWorkspaceAssignmentInterface instead.
	Impl() WorkspaceAssignmentService

	// Delete permissions assignment.
	//
	// Deletes the workspace permissions assignment in a given account and workspace
	// for the specified principal.
	Delete(ctx context.Context, request DeleteWorkspaceAssignmentRequest) error

	// Delete permissions assignment.
	//
	// Deletes the workspace permissions assignment in a given account and workspace
	// for the specified principal.
	DeleteByWorkspaceIdAndPrincipalId(ctx context.Context, workspaceId int64, principalId int64) error

	// List workspace permissions.
	//
	// Get an array of workspace permissions for the specified account and
	// workspace.
	Get(ctx context.Context, request GetWorkspaceAssignmentRequest) (*WorkspacePermissions, error)

	// List workspace permissions.
	//
	// Get an array of workspace permissions for the specified account and
	// workspace.
	GetByWorkspaceId(ctx context.Context, workspaceId int64) (*WorkspacePermissions, error)

	// Get permission assignments.
	//
	// Get the permission assignments for the specified Databricks account and
	// Databricks workspace.
	//
	// This method is generated by Databricks SDK Code Generator.
	List(ctx context.Context, request ListWorkspaceAssignmentRequest) listing.Iterator[PermissionAssignment]

	// Get permission assignments.
	//
	// Get the permission assignments for the specified Databricks account and
	// Databricks workspace.
	//
	// This method is generated by Databricks SDK Code Generator.
	ListAll(ctx context.Context, request ListWorkspaceAssignmentRequest) ([]PermissionAssignment, error)

	// Get permission assignments.
	//
	// Get the permission assignments for the specified Databricks account and
	// Databricks workspace.
	ListByWorkspaceId(ctx context.Context, workspaceId int64) (*PermissionAssignments, error)

	// Create or update permissions assignment.
	//
	// Creates or updates the workspace permissions assignment in a given account
	// and workspace for the specified principal.
	Update(ctx context.Context, request UpdateWorkspaceAssignments) (*PermissionAssignment, error)
}

type WorkspaceAssignmentService 

type WorkspaceAssignmentService interface {

	// Delete permissions assignment.
	//
	// Deletes the workspace permissions assignment in a given account and
	// workspace for the specified principal.
	Delete(ctx context.Context, request DeleteWorkspaceAssignmentRequest) error

	// List workspace permissions.
	//
	// Get an array of workspace permissions for the specified account and
	// workspace.
	Get(ctx context.Context, request GetWorkspaceAssignmentRequest) (*WorkspacePermissions, error)

	// Get permission assignments.
	//
	// Get the permission assignments for the specified Databricks account and
	// Databricks workspace.
	//
	// Use ListAll() to get all PermissionAssignment instances
	List(ctx context.Context, request ListWorkspaceAssignmentRequest) (*PermissionAssignments, error)

	// Create or update permissions assignment.
	//
	// Creates or updates the workspace permissions assignment in a given
	// account and workspace for the specified principal.
	Update(ctx context.Context, request UpdateWorkspaceAssignments) (*PermissionAssignment, error)
}

The Workspace Permission Assignment API allows you to manage workspace permissions for principals in your account.

type WorkspacePermission 

type WorkspacePermission string
const WorkspacePermissionAdmin WorkspacePermission = `ADMIN`
const WorkspacePermissionUnknown WorkspacePermission = `UNKNOWN`
const WorkspacePermissionUser WorkspacePermission = `USER`

func (*WorkspacePermission) Set 

func (f *WorkspacePermission) Set(v string) error

Set raw string value and validate it against allowed values

func (*WorkspacePermission) String 

func (f *WorkspacePermission) String() string

String representation for fmt.Print

func (*WorkspacePermission) Type 

func (f *WorkspacePermission) Type() string

Type always returns WorkspacePermission to satisfy [pflag.Value] interface

type WorkspacePermissions 

type WorkspacePermissions struct {
	// Array of permissions defined for a workspace.
	Permissions []PermissionOutput `json:"permissions,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.