iam

package
v0.10.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 15, 2023 License: Apache-2.0 Imports: 5 Imported by: 28

Documentation

Overview

These APIs allow you to manage Account Access Control, Account Access Control Proxy, Account Groups, Account Service Principals, Account Users, Current User, Groups, Permissions, Service Principals, Users, Workspace Assignment, etc.

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessControlRequest 

type AccessControlRequest struct {
	// name of the group
	GroupName string `json:"group_name,omitempty"`
	// Permission level
	PermissionLevel PermissionLevel `json:"permission_level,omitempty"`
	// name of the service principal
	ServicePrincipalName string `json:"service_principal_name,omitempty"`
	// name of the user
	UserName string `json:"user_name,omitempty"`
}

type AccessControlResponse 

type AccessControlResponse struct {
	// All permissions.
	AllPermissions []Permission `json:"all_permissions,omitempty"`
	// name of the group
	GroupName string `json:"group_name,omitempty"`
	// name of the service principal
	ServicePrincipalName string `json:"service_principal_name,omitempty"`
	// name of the user
	UserName string `json:"user_name,omitempty"`
}

type AccountAccessControlAPI added in v0.10.0 

type AccountAccessControlAPI struct {
	// contains filtered or unexported fields
}

These APIs manage access rules on resources in an account. Currently, only grant rules are supported. A grant rule specifies a role assigned to a set of principals. A list of rules attached to a resource is called a rule set.

func NewAccountAccessControl added in v0.10.0 

func NewAccountAccessControl(client *client.DatabricksClient) *AccountAccessControlAPI

func (*AccountAccessControlAPI) GetAssignableRolesForResource added in v0.10.0 

func (a *AccountAccessControlAPI) GetAssignableRolesForResource(ctx context.Context, request GetAssignableRolesForResourceRequest) (*GetAssignableRolesForResourceResponse, error)

Get assignable roles for a resource.

Gets all the roles that can be granted on an account level resource. A role is grantable if the rule set on the resource can contain an access rule of the role.

func (*AccountAccessControlAPI) GetRuleSet added in v0.10.0 

func (a *AccountAccessControlAPI) GetRuleSet(ctx context.Context, request GetRuleSetRequest) (*RuleSetResponse, error)

Get a rule set.

Get a rule set by its name. A rule set is always attached to a resource and contains a list of access rules on the said resource. Currently only a default rule set for each resource is supported.

func (*AccountAccessControlAPI) Impl added in v0.10.0 

func (a *AccountAccessControlAPI) Impl() AccountAccessControlService

Impl returns low-level AccountAccessControl API implementation

func (*AccountAccessControlAPI) UpdateRuleSet added in v0.10.0 

func (a *AccountAccessControlAPI) UpdateRuleSet(ctx context.Context, request UpdateRuleSetRequest) (*RuleSetResponse, error)

Update a rule set.

Replace the rules of a rule set. First, use get to read the current version of the rule set before modifying it. This pattern helps prevent conflicts between concurrent updates.

func (*AccountAccessControlAPI) WithImpl added in v0.10.0 

func (a *AccountAccessControlAPI) WithImpl(impl AccountAccessControlService) *AccountAccessControlAPI

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks.

type AccountAccessControlProxyAPI added in v0.10.0 

type AccountAccessControlProxyAPI struct {
	// contains filtered or unexported fields
}

These APIs manage access rules on resources in an account. Currently, only grant rules are supported. A grant rule specifies a role assigned to a set of principals. A list of rules attached to a resource is called a rule set. A workspace must belong to an account for these APIs to work.

func NewAccountAccessControlProxy added in v0.10.0 

func NewAccountAccessControlProxy(client *client.DatabricksClient) *AccountAccessControlProxyAPI

func (*AccountAccessControlProxyAPI) GetAssignableRolesForResource added in v0.10.0 

func (a *AccountAccessControlProxyAPI) GetAssignableRolesForResource(ctx context.Context, request GetAssignableRolesForResourceRequest) (*GetAssignableRolesForResourceResponse, error)

Get assignable roles for a resource.

Gets all the roles that can be granted on an account-level resource. A role is grantable if the rule set on the resource can contain an access rule of the role.

func (*AccountAccessControlProxyAPI) GetRuleSet added in v0.10.0 

func (a *AccountAccessControlProxyAPI) GetRuleSet(ctx context.Context, request GetRuleSetRequest) (*RuleSetResponse, error)

Get a rule set.

Get a rule set by its name. A rule set is always attached to a resource and contains a list of access rules on the said resource. Currently only a default rule set for each resource is supported.

func (*AccountAccessControlProxyAPI) Impl added in v0.10.0 

func (a *AccountAccessControlProxyAPI) Impl() AccountAccessControlProxyService

Impl returns low-level AccountAccessControlProxy API implementation

func (*AccountAccessControlProxyAPI) UpdateRuleSet added in v0.10.0 

func (a *AccountAccessControlProxyAPI) UpdateRuleSet(ctx context.Context, request UpdateRuleSetRequest) (*RuleSetResponse, error)

Update a rule set.

Replace the rules of a rule set. First, use a GET rule set request to read the current version of the rule set before modifying it. This pattern helps prevent conflicts between concurrent updates.

func (*AccountAccessControlProxyAPI) WithImpl added in v0.10.0 

func (a *AccountAccessControlProxyAPI) WithImpl(impl AccountAccessControlProxyService) *AccountAccessControlProxyAPI

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks.

type AccountAccessControlProxyService added in v0.10.0 

type AccountAccessControlProxyService interface {

	// Get assignable roles for a resource.
	//
	// Gets all the roles that can be granted on an account-level resource. A
	// role is grantable if the rule set on the resource can contain an access
	// rule of the role.
	GetAssignableRolesForResource(ctx context.Context, request GetAssignableRolesForResourceRequest) (*GetAssignableRolesForResourceResponse, error)

	// Get a rule set.
	//
	// Get a rule set by its name. A rule set is always attached to a resource
	// and contains a list of access rules on the said resource. Currently only
	// a default rule set for each resource is supported.
	GetRuleSet(ctx context.Context, request GetRuleSetRequest) (*RuleSetResponse, error)

	// Update a rule set.
	//
	// Replace the rules of a rule set. First, use a GET rule set request to
	// read the current version of the rule set before modifying it. This
	// pattern helps prevent conflicts between concurrent updates.
	UpdateRuleSet(ctx context.Context, request UpdateRuleSetRequest) (*RuleSetResponse, error)
}

These APIs manage access rules on resources in an account. Currently, only grant rules are supported. A grant rule specifies a role assigned to a set of principals. A list of rules attached to a resource is called a rule set. A workspace must belong to an account for these APIs to work.

type AccountAccessControlService added in v0.10.0 

type AccountAccessControlService interface {

	// Get assignable roles for a resource.
	//
	// Gets all the roles that can be granted on an account level resource. A
	// role is grantable if the rule set on the resource can contain an access
	// rule of the role.
	GetAssignableRolesForResource(ctx context.Context, request GetAssignableRolesForResourceRequest) (*GetAssignableRolesForResourceResponse, error)

	// Get a rule set.
	//
	// Get a rule set by its name. A rule set is always attached to a resource
	// and contains a list of access rules on the said resource. Currently only
	// a default rule set for each resource is supported.
	GetRuleSet(ctx context.Context, request GetRuleSetRequest) (*RuleSetResponse, error)

	// Update a rule set.
	//
	// Replace the rules of a rule set. First, use get to read the current
	// version of the rule set before modifying it. This pattern helps prevent
	// conflicts between concurrent updates.
	UpdateRuleSet(ctx context.Context, request UpdateRuleSetRequest) (*RuleSetResponse, error)
}

These APIs manage access rules on resources in an account. Currently, only grant rules are supported. A grant rule specifies a role assigned to a set of principals. A list of rules attached to a resource is called a rule set.

type AccountGroupsAPI 

type AccountGroupsAPI struct {
	// contains filtered or unexported fields
}

Groups simplify identity management, making it easier to assign access to Databricks account, data, and other securable objects.

It is best practice to assign access to workspaces and access-control policies in Unity Catalog to groups, instead of to users individually. All Databricks account identities can be assigned as members of groups, and members inherit permissions that are assigned to their group.

func NewAccountGroups 

func NewAccountGroups(client *client.DatabricksClient) *AccountGroupsAPI

func (*AccountGroupsAPI) Create 

func (a *AccountGroupsAPI) Create(ctx context.Context, request Group) (*Group, error)

Create a new group.

Creates a group in the Databricks account with a unique name, using the supplied group details.

func (*AccountGroupsAPI) Delete 

func (a *AccountGroupsAPI) Delete(ctx context.Context, request DeleteAccountGroupRequest) error

Delete a group.

Deletes a group from the Databricks account.

func (*AccountGroupsAPI) DeleteById 

func (a *AccountGroupsAPI) DeleteById(ctx context.Context, id string) error

Delete a group.

Deletes a group from the Databricks account.

func (*AccountGroupsAPI) Get 

func (a *AccountGroupsAPI) Get(ctx context.Context, request GetAccountGroupRequest) (*Group, error)

Get group details.

Gets the information for a specific group in the Databricks account.

func (*AccountGroupsAPI) GetByDisplayName 

func (a *AccountGroupsAPI) GetByDisplayName(ctx context.Context, name string) (*Group, error)

GetByDisplayName calls AccountGroupsAPI.GroupDisplayNameToIdMap and returns a single Group.

Returns an error if there's more than one Group with the same .DisplayName.

Note: All Group instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*AccountGroupsAPI) GetById 

func (a *AccountGroupsAPI) GetById(ctx context.Context, id string) (*Group, error)

Get group details.

Gets the information for a specific group in the Databricks account.

func (*AccountGroupsAPI) GroupDisplayNameToIdMap 

func (a *AccountGroupsAPI) GroupDisplayNameToIdMap(ctx context.Context, request ListAccountGroupsRequest) (map[string]string, error)

GroupDisplayNameToIdMap calls AccountGroupsAPI.ListAll and creates a map of results with Group.DisplayName as key and Group.Id as value.

Returns an error if there's more than one Group with the same .DisplayName.

Note: All Group instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

func (*AccountGroupsAPI) Impl 

func (a *AccountGroupsAPI) Impl() AccountGroupsService

Impl returns low-level AccountGroups API implementation

func (*AccountGroupsAPI) ListAll 

func (a *AccountGroupsAPI) ListAll(ctx context.Context, request ListAccountGroupsRequest) ([]Group, error)

List group details.

Gets all details of the groups associated with the Databricks account.

This method is generated by Databricks SDK Code Generator.

func (*AccountGroupsAPI) Patch 

func (a *AccountGroupsAPI) Patch(ctx context.Context, request PartialUpdate) error

Update group details.

Partially updates the details of a group.

func (*AccountGroupsAPI) Update 

func (a *AccountGroupsAPI) Update(ctx context.Context, request Group) error

Replace a group.

Updates the details of a group by replacing the entire group entity.

func (*AccountGroupsAPI) WithImpl 

func (a *AccountGroupsAPI) WithImpl(impl AccountGroupsService) *AccountGroupsAPI

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks.

type AccountGroupsService 

type AccountGroupsService interface {

	// Create a new group.
	//
	// Creates a group in the Databricks account with a unique name, using the
	// supplied group details.
	Create(ctx context.Context, request Group) (*Group, error)

	// Delete a group.
	//
	// Deletes a group from the Databricks account.
	Delete(ctx context.Context, request DeleteAccountGroupRequest) error

	// Get group details.
	//
	// Gets the information for a specific group in the Databricks account.
	Get(ctx context.Context, request GetAccountGroupRequest) (*Group, error)

	// List group details.
	//
	// Gets all details of the groups associated with the Databricks account.
	//
	// Use ListAll() to get all Group instances
	List(ctx context.Context, request ListAccountGroupsRequest) (*ListGroupsResponse, error)

	// Update group details.
	//
	// Partially updates the details of a group.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace a group.
	//
	// Updates the details of a group by replacing the entire group entity.
	Update(ctx context.Context, request Group) error
}

Groups simplify identity management, making it easier to assign access to Databricks account, data, and other securable objects.

It is best practice to assign access to workspaces and access-control policies in Unity Catalog to groups, instead of to users individually. All Databricks account identities can be assigned as members of groups, and members inherit permissions that are assigned to their group.

type AccountServicePrincipalsAPI 

type AccountServicePrincipalsAPI struct {
	// contains filtered or unexported fields
}

Identities for use with jobs, automated tools, and systems such as scripts, apps, and CI/CD platforms. Databricks recommends creating service principals to run production jobs or modify production data. If all processes that act on production data run with service principals, interactive users do not need any write, delete, or modify privileges in production. This eliminates the risk of a user overwriting production data by accident.

func NewAccountServicePrincipals 

func NewAccountServicePrincipals(client *client.DatabricksClient) *AccountServicePrincipalsAPI

func (*AccountServicePrincipalsAPI) Create 

func (a *AccountServicePrincipalsAPI) Create(ctx context.Context, request ServicePrincipal) (*ServicePrincipal, error)

Create a service principal.

Creates a new service principal in the Databricks account.

func (*AccountServicePrincipalsAPI) Delete 

func (a *AccountServicePrincipalsAPI) Delete(ctx context.Context, request DeleteAccountServicePrincipalRequest) error

Delete a service principal.

Delete a single service principal in the Databricks account.

func (*AccountServicePrincipalsAPI) DeleteById 

func (a *AccountServicePrincipalsAPI) DeleteById(ctx context.Context, id string) error

Delete a service principal.

Delete a single service principal in the Databricks account.

func (*AccountServicePrincipalsAPI) Get 

func (a *AccountServicePrincipalsAPI) Get(ctx context.Context, request GetAccountServicePrincipalRequest) (*ServicePrincipal, error)

Get service principal details.

Gets the details for a single service principal define in the Databricks account.

func (*AccountServicePrincipalsAPI) GetByDisplayName 

func (a *AccountServicePrincipalsAPI) GetByDisplayName(ctx context.Context, name string) (*ServicePrincipal, error)

GetByDisplayName calls AccountServicePrincipalsAPI.ServicePrincipalDisplayNameToIdMap and returns a single ServicePrincipal.

Returns an error if there's more than one ServicePrincipal with the same .DisplayName.

Note: All ServicePrincipal instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*AccountServicePrincipalsAPI) GetById 

func (a *AccountServicePrincipalsAPI) GetById(ctx context.Context, id string) (*ServicePrincipal, error)

Get service principal details.

Gets the details for a single service principal define in the Databricks account.

func (*AccountServicePrincipalsAPI) Impl 

func (a *AccountServicePrincipalsAPI) Impl() AccountServicePrincipalsService

Impl returns low-level AccountServicePrincipals API implementation

func (*AccountServicePrincipalsAPI) ListAll 

func (a *AccountServicePrincipalsAPI) ListAll(ctx context.Context, request ListAccountServicePrincipalsRequest) ([]ServicePrincipal, error)

List service principals.

Gets the set of service principals associated with a Databricks account.

This method is generated by Databricks SDK Code Generator.

func (*AccountServicePrincipalsAPI) Patch 

func (a *AccountServicePrincipalsAPI) Patch(ctx context.Context, request PartialUpdate) error

Update service principal details.

Partially updates the details of a single service principal in the Databricks account.

func (*AccountServicePrincipalsAPI) ServicePrincipalDisplayNameToIdMap 

func (a *AccountServicePrincipalsAPI) ServicePrincipalDisplayNameToIdMap(ctx context.Context, request ListAccountServicePrincipalsRequest) (map[string]string, error)

ServicePrincipalDisplayNameToIdMap calls AccountServicePrincipalsAPI.ListAll and creates a map of results with ServicePrincipal.DisplayName as key and ServicePrincipal.Id as value.

Returns an error if there's more than one ServicePrincipal with the same .DisplayName.

Note: All ServicePrincipal instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

func (*AccountServicePrincipalsAPI) Update 

func (a *AccountServicePrincipalsAPI) Update(ctx context.Context, request ServicePrincipal) error

Replace service principal.

Updates the details of a single service principal.

This action replaces the existing service principal with the same name.

func (*AccountServicePrincipalsAPI) WithImpl 

func (a *AccountServicePrincipalsAPI) WithImpl(impl AccountServicePrincipalsService) *AccountServicePrincipalsAPI

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks.

type AccountServicePrincipalsService 

type AccountServicePrincipalsService interface {

	// Create a service principal.
	//
	// Creates a new service principal in the Databricks account.
	Create(ctx context.Context, request ServicePrincipal) (*ServicePrincipal, error)

	// Delete a service principal.
	//
	// Delete a single service principal in the Databricks account.
	Delete(ctx context.Context, request DeleteAccountServicePrincipalRequest) error

	// Get service principal details.
	//
	// Gets the details for a single service principal define in the Databricks
	// account.
	Get(ctx context.Context, request GetAccountServicePrincipalRequest) (*ServicePrincipal, error)

	// List service principals.
	//
	// Gets the set of service principals associated with a Databricks account.
	//
	// Use ListAll() to get all ServicePrincipal instances
	List(ctx context.Context, request ListAccountServicePrincipalsRequest) (*ListServicePrincipalResponse, error)

	// Update service principal details.
	//
	// Partially updates the details of a single service principal in the
	// Databricks account.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace service principal.
	//
	// Updates the details of a single service principal.
	//
	// This action replaces the existing service principal with the same name.
	Update(ctx context.Context, request ServicePrincipal) error
}

Identities for use with jobs, automated tools, and systems such as scripts, apps, and CI/CD platforms. Databricks recommends creating service principals to run production jobs or modify production data. If all processes that act on production data run with service principals, interactive users do not need any write, delete, or modify privileges in production. This eliminates the risk of a user overwriting production data by accident.

type AccountUsersAPI 

type AccountUsersAPI struct {
	// contains filtered or unexported fields
}

User identities recognized by Databricks and represented by email addresses.

Databricks recommends using SCIM provisioning to sync users and groups automatically from your identity provider to your Databricks account. SCIM streamlines onboarding a new employee or team by using your identity provider to create users and groups in Databricks account and give them the proper level of access. When a user leaves your organization or no longer needs access to Databricks account, admins can terminate the user in your identity provider and that user’s account will also be removed from Databricks account. This ensures a consistent offboarding process and prevents unauthorized users from accessing sensitive data.

func NewAccountUsers 

func NewAccountUsers(client *client.DatabricksClient) *AccountUsersAPI

func (*AccountUsersAPI) Create 

func (a *AccountUsersAPI) Create(ctx context.Context, request User) (*User, error)

Create a new user.

Creates a new user in the Databricks account. This new user will also be added to the Databricks account.

func (*AccountUsersAPI) Delete 

func (a *AccountUsersAPI) Delete(ctx context.Context, request DeleteAccountUserRequest) error

Delete a user.

Deletes a user. Deleting a user from a Databricks account also removes objects associated with the user.

func (*AccountUsersAPI) DeleteById 

func (a *AccountUsersAPI) DeleteById(ctx context.Context, id string) error

Delete a user.

Deletes a user. Deleting a user from a Databricks account also removes objects associated with the user.

func (*AccountUsersAPI) Get 

func (a *AccountUsersAPI) Get(ctx context.Context, request GetAccountUserRequest) (*User, error)

Get user details.

Gets information for a specific user in Databricks account.

func (*AccountUsersAPI) GetById 

func (a *AccountUsersAPI) GetById(ctx context.Context, id string) (*User, error)

Get user details.

Gets information for a specific user in Databricks account.

func (*AccountUsersAPI) GetByUserName 

func (a *AccountUsersAPI) GetByUserName(ctx context.Context, name string) (*User, error)

GetByUserName calls AccountUsersAPI.UserUserNameToIdMap and returns a single User.

Returns an error if there's more than one User with the same .UserName.

Note: All User instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*AccountUsersAPI) Impl 

func (a *AccountUsersAPI) Impl() AccountUsersService

Impl returns low-level AccountUsers API implementation

func (*AccountUsersAPI) ListAll 

func (a *AccountUsersAPI) ListAll(ctx context.Context, request ListAccountUsersRequest) ([]User, error)

List users.

Gets details for all the users associated with a Databricks account.

This method is generated by Databricks SDK Code Generator.

func (*AccountUsersAPI) Patch 

func (a *AccountUsersAPI) Patch(ctx context.Context, request PartialUpdate) error

Update user details.

Partially updates a user resource by applying the supplied operations on specific user attributes.

func (*AccountUsersAPI) Update 

func (a *AccountUsersAPI) Update(ctx context.Context, request User) error

Replace a user.

Replaces a user's information with the data supplied in request.

func (*AccountUsersAPI) UserUserNameToIdMap 

func (a *AccountUsersAPI) UserUserNameToIdMap(ctx context.Context, request ListAccountUsersRequest) (map[string]string, error)

UserUserNameToIdMap calls AccountUsersAPI.ListAll and creates a map of results with User.UserName as key and User.Id as value.

Returns an error if there's more than one User with the same .UserName.

Note: All User instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

func (*AccountUsersAPI) WithImpl 

func (a *AccountUsersAPI) WithImpl(impl AccountUsersService) *AccountUsersAPI

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks.

type AccountUsersService 

type AccountUsersService interface {

	// Create a new user.
	//
	// Creates a new user in the Databricks account. This new user will also be
	// added to the Databricks account.
	Create(ctx context.Context, request User) (*User, error)

	// Delete a user.
	//
	// Deletes a user. Deleting a user from a Databricks account also removes
	// objects associated with the user.
	Delete(ctx context.Context, request DeleteAccountUserRequest) error

	// Get user details.
	//
	// Gets information for a specific user in Databricks account.
	Get(ctx context.Context, request GetAccountUserRequest) (*User, error)

	// List users.
	//
	// Gets details for all the users associated with a Databricks account.
	//
	// Use ListAll() to get all User instances
	List(ctx context.Context, request ListAccountUsersRequest) (*ListUsersResponse, error)

	// Update user details.
	//
	// Partially updates a user resource by applying the supplied operations on
	// specific user attributes.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace a user.
	//
	// Replaces a user's information with the data supplied in request.
	Update(ctx context.Context, request User) error
}

User identities recognized by Databricks and represented by email addresses.

Databricks recommends using SCIM provisioning to sync users and groups automatically from your identity provider to your Databricks account. SCIM streamlines onboarding a new employee or team by using your identity provider to create users and groups in Databricks account and give them the proper level of access. When a user leaves your organization or no longer needs access to Databricks account, admins can terminate the user in your identity provider and that user’s account will also be removed from Databricks account. This ensures a consistent offboarding process and prevents unauthorized users from accessing sensitive data.

type ComplexValue 

type ComplexValue struct {
	Display string `json:"display,omitempty"`

	Primary bool `json:"primary,omitempty"`

	Ref string `json:"$ref,omitempty"`

	Type string `json:"type,omitempty"`

	Value string `json:"value,omitempty"`
}

type CurrentUserAPI 

type CurrentUserAPI struct {
	// contains filtered or unexported fields
}

This API allows retrieving information about currently authenticated user or service principal.

func NewCurrentUser 

func NewCurrentUser(client *client.DatabricksClient) *CurrentUserAPI

func (*CurrentUserAPI) Impl 

func (a *CurrentUserAPI) Impl() CurrentUserService

Impl returns low-level CurrentUser API implementation

func (*CurrentUserAPI) Me 

func (a *CurrentUserAPI) Me(ctx context.Context) (*User, error)

Get current user info.

Get details about the current method caller's identity.

Example (CurrentUser) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

me, err := w.CurrentUser.Me(ctx)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", me)

Output:
Example (Tokens) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

me2, err := w.CurrentUser.Me(ctx)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", me2)

Output:

func (*CurrentUserAPI) WithImpl 

func (a *CurrentUserAPI) WithImpl(impl CurrentUserService) *CurrentUserAPI

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks.

type CurrentUserService 

type CurrentUserService interface {

	// Get current user info.
	//
	// Get details about the current method caller's identity.
	Me(ctx context.Context) (*User, error)
}

This API allows retrieving information about currently authenticated user or service principal.

type DeleteAccountGroupRequest 

type DeleteAccountGroupRequest struct {
	// Unique ID for a group in the Databricks account.
	Id string `json:"-" url:"-"`
}

Delete a group

type DeleteAccountServicePrincipalRequest 

type DeleteAccountServicePrincipalRequest struct {
	// Unique ID for a service principal in the Databricks account.
	Id string `json:"-" url:"-"`
}

Delete a service principal

type DeleteAccountUserRequest 

type DeleteAccountUserRequest struct {
	// Unique ID for a user in the Databricks account.
	Id string `json:"-" url:"-"`
}

Delete a user

type DeleteGroupRequest 

type DeleteGroupRequest struct {
	// Unique ID for a group in the Databricks workspace.
	Id string `json:"-" url:"-"`
}

Delete a group

type DeleteServicePrincipalRequest 

type DeleteServicePrincipalRequest struct {
	// Unique ID for a service principal in the Databricks workspace.
	Id string `json:"-" url:"-"`
}

Delete a service principal

type DeleteUserRequest 

type DeleteUserRequest struct {
	// Unique ID for a user in the Databricks workspace.
	Id string `json:"-" url:"-"`
}

Delete a user

type DeleteWorkspaceAssignmentRequest 

type DeleteWorkspaceAssignmentRequest struct {
	// The ID of the user, service principal, or group.
	PrincipalId int64 `json:"-" url:"-"`
	// The workspace ID.
	WorkspaceId int64 `json:"-" url:"-"`
}

Delete permissions assignment

type GetAccountGroupRequest 

type GetAccountGroupRequest struct {
	// Unique ID for a group in the Databricks account.
	Id string `json:"-" url:"-"`
}

Get group details

type GetAccountServicePrincipalRequest 

type GetAccountServicePrincipalRequest struct {
	// Unique ID for a service principal in the Databricks account.
	Id string `json:"-" url:"-"`
}

Get service principal details

type GetAccountUserRequest 

type GetAccountUserRequest struct {
	// Unique ID for a user in the Databricks account.
	Id string `json:"-" url:"-"`
}

Get user details

type GetAssignableRolesForResourceRequest added in v0.10.0 

type GetAssignableRolesForResourceRequest struct {
	// The resource name for which assignable roles will be listed.
	Resource string `json:"-" url:"resource"`
}

Get assignable roles for a resource

type GetAssignableRolesForResourceResponse added in v0.10.0 

type GetAssignableRolesForResourceResponse struct {
	Roles []string `json:"roles,omitempty"`
}

type GetGroupRequest 

type GetGroupRequest struct {
	// Unique ID for a group in the Databricks workspace.
	Id string `json:"-" url:"-"`
}

Get group details

type GetPermissionLevelsRequest 

type GetPermissionLevelsRequest struct {
	// <needs content>
	RequestObjectId string `json:"-" url:"-"`
	// <needs content>
	RequestObjectType string `json:"-" url:"-"`
}

Get permission levels

type GetPermissionLevelsResponse 

type GetPermissionLevelsResponse struct {
	// Specific permission levels
	PermissionLevels []PermissionsDescription `json:"permission_levels,omitempty"`
}

type GetPermissionRequest 

type GetPermissionRequest struct {
	RequestObjectId string `json:"-" url:"-"`
	// <needs content>
	RequestObjectType string `json:"-" url:"-"`
}

Get object permissions

type GetRuleSetRequest added in v0.10.0 

type GetRuleSetRequest struct {
	// Etag used for versioning. The response is at least as fresh as the eTag
	// provided. Etag is used for optimistic concurrency control as a way to
	// help prevent simultaneous updates of a rule set from overwriting each
	// other. It is strongly suggested that systems make use of the etag in the
	// read -> modify -> write pattern to perform rule set updates in order to
	// avoid race conditions that is get an etag from a GET rule set request,
	// and pass it with the PUT update request to identify the rule set version
	// you are updating.
	Etag string `json:"-" url:"etag"`
	// The ruleset name associated with the request.
	Name string `json:"-" url:"name"`
}

Get a rule set

type GetServicePrincipalRequest 

type GetServicePrincipalRequest struct {
	// Unique ID for a service principal in the Databricks workspace.
	Id string `json:"-" url:"-"`
}

Get service principal details

type GetUserRequest 

type GetUserRequest struct {
	// Unique ID for a user in the Databricks workspace.
	Id string `json:"-" url:"-"`
}

Get user details

type GetWorkspaceAssignmentRequest 

type GetWorkspaceAssignmentRequest struct {
	// The workspace ID.
	WorkspaceId int64 `json:"-" url:"-"`
}

List workspace permissions

type GrantRule added in v0.10.0 

type GrantRule struct {
	// Principals this grant rule applies to.
	Principals []string `json:"principals,omitempty"`
	// Role that is assigned to the list of principals.
	Role string `json:"role"`
}

type Group 

type Group struct {
	// String that represents a human-readable group name
	DisplayName string `json:"displayName,omitempty"`

	Entitlements []ComplexValue `json:"entitlements,omitempty"`

	ExternalId string `json:"externalId,omitempty"`

	Groups []ComplexValue `json:"groups,omitempty"`
	// Databricks group ID
	Id string `json:"id,omitempty" url:"-"`

	Members []ComplexValue `json:"members,omitempty"`

	Roles []ComplexValue `json:"roles,omitempty"`
}

type GroupsAPI 

type GroupsAPI struct {
	// contains filtered or unexported fields
}

Groups simplify identity management, making it easier to assign access to Databricks workspace, data, and other securable objects.

It is best practice to assign access to workspaces and access-control policies in Unity Catalog to groups, instead of to users individually. All Databricks workspace identities can be assigned as members of groups, and members inherit permissions that are assigned to their group.

func NewGroups 

func NewGroups(client *client.DatabricksClient) *GroupsAPI

func (*GroupsAPI) Create 

func (a *GroupsAPI) Create(ctx context.Context, request Group) (*Group, error)

Create a new group.

Creates a group in the Databricks workspace with a unique name, using the supplied group details.

Example (GenericPermissions) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:
Example (Groups) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:
Example (Secrets) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:

func (*GroupsAPI) Delete 

func (a *GroupsAPI) Delete(ctx context.Context, request DeleteGroupRequest) error

Delete a group.

Deletes a group from the Databricks workspace.

Example (GenericPermissions) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:
Example (Groups) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:
Example (Secrets) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:

func (*GroupsAPI) DeleteById 

func (a *GroupsAPI) DeleteById(ctx context.Context, id string) error

Delete a group.

Deletes a group from the Databricks workspace.

func (*GroupsAPI) Get 

func (a *GroupsAPI) Get(ctx context.Context, request GetGroupRequest) (*Group, error)

Get group details.

Gets the information for a specific group in the Databricks workspace.

Example (Groups) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

fetch, err := w.Groups.GetById(ctx, group.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", fetch)

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:

func (*GroupsAPI) GetByDisplayName 

func (a *GroupsAPI) GetByDisplayName(ctx context.Context, name string) (*Group, error)

GetByDisplayName calls GroupsAPI.GroupDisplayNameToIdMap and returns a single Group.

Returns an error if there's more than one Group with the same .DisplayName.

Note: All Group instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*GroupsAPI) GetById 

func (a *GroupsAPI) GetById(ctx context.Context, id string) (*Group, error)

Get group details.

Gets the information for a specific group in the Databricks workspace.

func (*GroupsAPI) GroupDisplayNameToIdMap 

func (a *GroupsAPI) GroupDisplayNameToIdMap(ctx context.Context, request ListGroupsRequest) (map[string]string, error)

GroupDisplayNameToIdMap calls GroupsAPI.ListAll and creates a map of results with Group.DisplayName as key and Group.Id as value.

Returns an error if there's more than one Group with the same .DisplayName.

Note: All Group instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

func (*GroupsAPI) Impl 

func (a *GroupsAPI) Impl() GroupsService

Impl returns low-level Groups API implementation

func (*GroupsAPI) ListAll 

func (a *GroupsAPI) ListAll(ctx context.Context, request ListGroupsRequest) ([]Group, error)

List group details.

Gets all details of the groups associated with the Databricks workspace.

This method is generated by Databricks SDK Code Generator.

func (*GroupsAPI) Patch 

func (a *GroupsAPI) Patch(ctx context.Context, request PartialUpdate) error

Update group details.

Partially updates the details of a group.

func (*GroupsAPI) Update 

func (a *GroupsAPI) Update(ctx context.Context, request Group) error

Replace a group.

Updates the details of a group by replacing the entire group entity.

func (*GroupsAPI) WithImpl 

func (a *GroupsAPI) WithImpl(impl GroupsService) *GroupsAPI

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks.

type GroupsService 

type GroupsService interface {

	// Create a new group.
	//
	// Creates a group in the Databricks workspace with a unique name, using the
	// supplied group details.
	Create(ctx context.Context, request Group) (*Group, error)

	// Delete a group.
	//
	// Deletes a group from the Databricks workspace.
	Delete(ctx context.Context, request DeleteGroupRequest) error

	// Get group details.
	//
	// Gets the information for a specific group in the Databricks workspace.
	Get(ctx context.Context, request GetGroupRequest) (*Group, error)

	// List group details.
	//
	// Gets all details of the groups associated with the Databricks workspace.
	//
	// Use ListAll() to get all Group instances
	List(ctx context.Context, request ListGroupsRequest) (*ListGroupsResponse, error)

	// Update group details.
	//
	// Partially updates the details of a group.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace a group.
	//
	// Updates the details of a group by replacing the entire group entity.
	Update(ctx context.Context, request Group) error
}

Groups simplify identity management, making it easier to assign access to Databricks workspace, data, and other securable objects.

It is best practice to assign access to workspaces and access-control policies in Unity Catalog to groups, instead of to users individually. All Databricks workspace identities can be assigned as members of groups, and members inherit permissions that are assigned to their group.

type ListAccountGroupsRequest 

type ListAccountGroupsRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page. Default is 10000.
	Count int `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int `json:"-" url:"startIndex,omitempty"`
}

List group details

type ListAccountServicePrincipalsRequest 

type ListAccountServicePrincipalsRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page. Default is 10000.
	Count int `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int `json:"-" url:"startIndex,omitempty"`
}

List service principals

type ListAccountUsersRequest 

type ListAccountUsersRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page. Default is 10000.
	Count int `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results. Multi-part paths are supported. For
	// example, `userName`, `name.givenName`, and `emails`.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int `json:"-" url:"startIndex,omitempty"`
}

List users

type ListGroupsRequest 

type ListGroupsRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page.
	Count int `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int `json:"-" url:"startIndex,omitempty"`
}

List group details

type ListGroupsResponse 

type ListGroupsResponse struct {
	// Total results returned in the response.
	ItemsPerPage int64 `json:"itemsPerPage,omitempty"`
	// User objects returned in the response.
	Resources []Group `json:"Resources,omitempty"`
	// Starting index of all the results that matched the request filters. First
	// item is number 1.
	StartIndex int64 `json:"startIndex,omitempty"`
	// Total results that match the request filters.
	TotalResults int64 `json:"totalResults,omitempty"`
}

type ListServicePrincipalResponse 

type ListServicePrincipalResponse struct {
	// Total results returned in the response.
	ItemsPerPage int64 `json:"itemsPerPage,omitempty"`
	// User objects returned in the response.
	Resources []ServicePrincipal `json:"Resources,omitempty"`
	// Starting index of all the results that matched the request filters. First
	// item is number 1.
	StartIndex int64 `json:"startIndex,omitempty"`
	// Total results that match the request filters.
	TotalResults int64 `json:"totalResults,omitempty"`
}

type ListServicePrincipalsRequest 

type ListServicePrincipalsRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page.
	Count int `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int `json:"-" url:"startIndex,omitempty"`
}

List service principals

type ListSortOrder 

type ListSortOrder string
const ListSortOrderAscending ListSortOrder = `ascending`
const ListSortOrderDescending ListSortOrder = `descending`

func (*ListSortOrder) Set 

func (f *ListSortOrder) Set(v string) error

Set raw string value and validate it against allowed values

func (*ListSortOrder) String 

func (f *ListSortOrder) String() string

String representation for fmt.Print

func (*ListSortOrder) Type 

func (f *ListSortOrder) Type() string

Type always returns ListSortOrder to satisfy [pflag.Value] interface

type ListUsersRequest 

type ListUsersRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page.
	Count int `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results. Multi-part paths are supported. For
	// example, `userName`, `name.givenName`, and `emails`.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int `json:"-" url:"startIndex,omitempty"`
}

List users

type ListUsersResponse 

type ListUsersResponse struct {
	// Total results returned in the response.
	ItemsPerPage int64 `json:"itemsPerPage,omitempty"`
	// User objects returned in the response.
	Resources []User `json:"Resources,omitempty"`
	// Starting index of all the results that matched the request filters. First
	// item is number 1.
	StartIndex int64 `json:"startIndex,omitempty"`
	// Total results that match the request filters.
	TotalResults int64 `json:"totalResults,omitempty"`
}

type ListWorkspaceAssignmentRequest 

type ListWorkspaceAssignmentRequest struct {
	// The workspace ID for the account.
	WorkspaceId int64 `json:"-" url:"-"`
}

Get permission assignments

type Name 

type Name struct {
	// Family name of the Databricks user.
	FamilyName string `json:"familyName,omitempty"`
	// Given name of the Databricks user.
	GivenName string `json:"givenName,omitempty"`
}

type ObjectPermissions 

type ObjectPermissions struct {
	AccessControlList []AccessControlResponse `json:"access_control_list,omitempty"`

	ObjectId string `json:"object_id,omitempty"`

	ObjectType string `json:"object_type,omitempty"`
}

type PartialUpdate 

type PartialUpdate struct {
	// Unique ID for a user in the Databricks workspace.
	Id string `json:"-" url:"-"`

	Operations []Patch `json:"operations,omitempty"`
}

type Patch 

type Patch struct {
	// Type of patch operation.
	Op PatchOp `json:"op,omitempty"`
	// Selection of patch operation
	Path string `json:"path,omitempty"`
	// Value to modify
	Value string `json:"value,omitempty"`
}

type PatchOp 

type PatchOp string

Type of patch operation. 

const PatchOpAdd PatchOp = `add`
const PatchOpRemove PatchOp = `remove`
const PatchOpReplace PatchOp = `replace`

func (*PatchOp) Set 

func (f *PatchOp) Set(v string) error

Set raw string value and validate it against allowed values

func (*PatchOp) String 

func (f *PatchOp) String() string

String representation for fmt.Print

func (*PatchOp) Type 

func (f *PatchOp) Type() string

Type always returns PatchOp to satisfy [pflag.Value] interface

type Permission 

type Permission struct {
	Inherited bool `json:"inherited,omitempty"`

	InheritedFromObject []string `json:"inherited_from_object,omitempty"`
	// Permission level
	PermissionLevel PermissionLevel `json:"permission_level,omitempty"`
}

type PermissionAssignment 

type PermissionAssignment struct {
	// Error response associated with a workspace permission assignment, if any.
	Error string `json:"error,omitempty"`
	// The permissions level of the principal.
	Permissions []WorkspacePermission `json:"permissions,omitempty"`
	// Information about the principal assigned to the workspace.
	Principal *PrincipalOutput `json:"principal,omitempty"`
}

type PermissionAssignments 

type PermissionAssignments struct {
	// Array of permissions assignments defined for a workspace.
	PermissionAssignments []PermissionAssignment `json:"permission_assignments,omitempty"`
}

type PermissionLevel 

type PermissionLevel string

Permission level 

const PermissionLevelCanAttachTo PermissionLevel = `CAN_ATTACH_TO`
const PermissionLevelCanBind PermissionLevel = `CAN_BIND`
const PermissionLevelCanEdit PermissionLevel = `CAN_EDIT`
const PermissionLevelCanEditMetadata PermissionLevel = `CAN_EDIT_METADATA`
const PermissionLevelCanManage PermissionLevel = `CAN_MANAGE`
const PermissionLevelCanManageProductionVersions PermissionLevel = `CAN_MANAGE_PRODUCTION_VERSIONS`
const PermissionLevelCanManageRun PermissionLevel = `CAN_MANAGE_RUN`
const PermissionLevelCanManageStagingVersions PermissionLevel = `CAN_MANAGE_STAGING_VERSIONS`
const PermissionLevelCanRead PermissionLevel = `CAN_READ`
const PermissionLevelCanRestart PermissionLevel = `CAN_RESTART`
const PermissionLevelCanRun PermissionLevel = `CAN_RUN`
const PermissionLevelCanUse PermissionLevel = `CAN_USE`
const PermissionLevelCanView PermissionLevel = `CAN_VIEW`
const PermissionLevelCanViewMetadata PermissionLevel = `CAN_VIEW_METADATA`
const PermissionLevelIsOwner PermissionLevel = `IS_OWNER`

func (*PermissionLevel) Set 

func (f *PermissionLevel) Set(v string) error

Set raw string value and validate it against allowed values

func (*PermissionLevel) String 

func (f *PermissionLevel) String() string

String representation for fmt.Print

func (*PermissionLevel) Type 

func (f *PermissionLevel) Type() string

Type always returns PermissionLevel to satisfy [pflag.Value] interface

type PermissionOutput 

type PermissionOutput struct {
	// The results of a permissions query.
	Description string `json:"description,omitempty"`

	PermissionLevel WorkspacePermission `json:"permission_level,omitempty"`
}

type PermissionsAPI 

type PermissionsAPI struct {
	// contains filtered or unexported fields
}

Permissions API are used to create read, write, edit, update and manage access for various users on different objects and endpoints.

func NewPermissions 

func NewPermissions(client *client.DatabricksClient) *PermissionsAPI

func (*PermissionsAPI) Get 

func (a *PermissionsAPI) Get(ctx context.Context, request GetPermissionRequest) (*ObjectPermissions, error)

Get object permissions.

Gets the permission of an object. Objects can inherit permissions from their parent objects or root objects.

Example (GenericPermissions) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

notebookPath := func() string {
	me, err := w.CurrentUser.Me(ctx)
	if err != nil {
		panic(err)
	}
	return filepath.Join("/Users", me.UserName, fmt.Sprintf("sdk-%x", time.Now().UnixNano()))
}()

obj, err := w.Workspace.GetStatusByPath(ctx, notebookPath)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", obj)

_, err = w.Permissions.Get(ctx, iam.GetPermissionRequest{
	RequestObjectType: "notebooks",
	RequestObjectId:   fmt.Sprintf("%d", obj.ObjectId),
})
if err != nil {
	panic(err)
}

Output:

func (*PermissionsAPI) GetByRequestObjectTypeAndRequestObjectId 

func (a *PermissionsAPI) GetByRequestObjectTypeAndRequestObjectId(ctx context.Context, requestObjectType string, requestObjectId string) (*ObjectPermissions, error)

Get object permissions.

Gets the permission of an object. Objects can inherit permissions from their parent objects or root objects.

func (*PermissionsAPI) GetPermissionLevels 

func (a *PermissionsAPI) GetPermissionLevels(ctx context.Context, request GetPermissionLevelsRequest) (*GetPermissionLevelsResponse, error)

Get permission levels.

Gets the permission levels that a user can have on an object.

Example (GenericPermissions) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

notebookPath := func() string {
	me, err := w.CurrentUser.Me(ctx)
	if err != nil {
		panic(err)
	}
	return filepath.Join("/Users", me.UserName, fmt.Sprintf("sdk-%x", time.Now().UnixNano()))
}()

obj, err := w.Workspace.GetStatusByPath(ctx, notebookPath)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", obj)

levels, err := w.Permissions.GetPermissionLevels(ctx, iam.GetPermissionLevelsRequest{
	RequestObjectType: "notebooks",
	RequestObjectId:   fmt.Sprintf("%d", obj.ObjectId),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", levels)

Output:

func (*PermissionsAPI) GetPermissionLevelsByRequestObjectTypeAndRequestObjectId 

func (a *PermissionsAPI) GetPermissionLevelsByRequestObjectTypeAndRequestObjectId(ctx context.Context, requestObjectType string, requestObjectId string) (*GetPermissionLevelsResponse, error)

Get permission levels.

Gets the permission levels that a user can have on an object.

func (*PermissionsAPI) Impl 

func (a *PermissionsAPI) Impl() PermissionsService

Impl returns low-level Permissions API implementation

func (*PermissionsAPI) Set 

func (a *PermissionsAPI) Set(ctx context.Context, request PermissionsRequest) error

Set permissions.

Sets permissions on object. Objects can inherit permissions from their parent objects and root objects.

Example (GenericPermissions) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

notebookPath := func() string {
	me, err := w.CurrentUser.Me(ctx)
	if err != nil {
		panic(err)
	}
	return filepath.Join("/Users", me.UserName, fmt.Sprintf("sdk-%x", time.Now().UnixNano()))
}()

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

obj, err := w.Workspace.GetStatusByPath(ctx, notebookPath)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", obj)

err = w.Permissions.Set(ctx, iam.PermissionsRequest{
	RequestObjectType: "notebooks",
	RequestObjectId:   fmt.Sprintf("%d", obj.ObjectId),
	AccessControlList: []iam.AccessControlRequest{iam.AccessControlRequest{
		GroupName:       group.DisplayName,
		PermissionLevel: iam.PermissionLevelCanRun,
	}},
})
if err != nil {
	panic(err)
}

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:

func (*PermissionsAPI) Update 

func (a *PermissionsAPI) Update(ctx context.Context, request PermissionsRequest) error

Update permission.

Updates the permissions on an object.

func (*PermissionsAPI) WithImpl 

func (a *PermissionsAPI) WithImpl(impl PermissionsService) *PermissionsAPI

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks.

type PermissionsDescription 

type PermissionsDescription struct {
	Description string `json:"description,omitempty"`
	// Permission level
	PermissionLevel PermissionLevel `json:"permission_level,omitempty"`
}

type PermissionsRequest 

type PermissionsRequest struct {
	AccessControlList []AccessControlRequest `json:"access_control_list,omitempty"`

	RequestObjectId string `json:"-" url:"-"`
	// <needs content>
	RequestObjectType string `json:"-" url:"-"`
}

type PermissionsService 

type PermissionsService interface {

	// Get object permissions.
	//
	// Gets the permission of an object. Objects can inherit permissions from
	// their parent objects or root objects.
	Get(ctx context.Context, request GetPermissionRequest) (*ObjectPermissions, error)

	// Get permission levels.
	//
	// Gets the permission levels that a user can have on an object.
	GetPermissionLevels(ctx context.Context, request GetPermissionLevelsRequest) (*GetPermissionLevelsResponse, error)

	// Set permissions.
	//
	// Sets permissions on object. Objects can inherit permissions from their
	// parent objects and root objects.
	Set(ctx context.Context, request PermissionsRequest) error

	// Update permission.
	//
	// Updates the permissions on an object.
	Update(ctx context.Context, request PermissionsRequest) error
}

Permissions API are used to create read, write, edit, update and manage access for various users on different objects and endpoints.

type PrincipalOutput 

type PrincipalOutput struct {
	// The display name of the principal.
	DisplayName string `json:"display_name,omitempty"`
	// The group name of the groupl. Present only if the principal is a group.
	GroupName string `json:"group_name,omitempty"`
	// The unique, opaque id of the principal.
	PrincipalId int64 `json:"principal_id,omitempty"`
	// The name of the service principal. Present only if the principal is a
	// service principal.
	ServicePrincipalName string `json:"service_principal_name,omitempty"`
	// The username of the user. Present only if the principal is a user.
	UserName string `json:"user_name,omitempty"`
}

type RuleSetResponse added in v0.10.0 

type RuleSetResponse struct {
	// Identifies the version of the rule set returned.
	Etag string `json:"etag,omitempty"`

	GrantRules []GrantRule `json:"grant_rules,omitempty"`
	// Name of the rule set.
	Name string `json:"name,omitempty"`
}

type RuleSetUpdateRequest added in v0.10.0 

type RuleSetUpdateRequest struct {
	// The expected etag of the rule set to update. The update will fail if the
	// value does not match the value that is stored in account access control
	// service.
	Etag string `json:"etag"`

	GrantRules []GrantRule `json:"grant_rules,omitempty"`
	// Name of the rule set.
	Name string `json:"name"`
}

type ServicePrincipal 

type ServicePrincipal struct {
	// If this user is active
	Active bool `json:"active,omitempty"`
	// UUID relating to the service principal
	ApplicationId string `json:"applicationId,omitempty"`
	// String that represents a concatenation of given and family names.
	DisplayName string `json:"displayName,omitempty"`

	Entitlements []ComplexValue `json:"entitlements,omitempty"`

	ExternalId string `json:"externalId,omitempty"`

	Groups []ComplexValue `json:"groups,omitempty"`
	// Databricks service principal ID.
	Id string `json:"id,omitempty" url:"-"`

	Roles []ComplexValue `json:"roles,omitempty"`
}

type ServicePrincipalsAPI 

type ServicePrincipalsAPI struct {
	// contains filtered or unexported fields
}

Identities for use with jobs, automated tools, and systems such as scripts, apps, and CI/CD platforms. Databricks recommends creating service principals to run production jobs or modify production data. If all processes that act on production data run with service principals, interactive users do not need any write, delete, or modify privileges in production. This eliminates the risk of a user overwriting production data by accident.

func NewServicePrincipals 

func NewServicePrincipals(client *client.DatabricksClient) *ServicePrincipalsAPI

func (*ServicePrincipalsAPI) Create 

func (a *ServicePrincipalsAPI) Create(ctx context.Context, request ServicePrincipal) (*ServicePrincipal, error)

Create a service principal.

Creates a new service principal in the Databricks workspace.

Example (CreateOboTokenOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

groups, err := w.Groups.GroupDisplayNameToIdMap(ctx, iam.ListGroupsRequest{})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", groups)

spn, err := w.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	Groups: []iam.ComplexValue{iam.ComplexValue{
		Value: groups["admins"],
	}},
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spn)

// cleanup

err = w.ServicePrincipals.DeleteById(ctx, spn.Id)
if err != nil {
	panic(err)
}

Output:
Example (ServicePrincipalsOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

created, err := w.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", created)

// cleanup

err = w.ServicePrincipals.DeleteById(ctx, created.Id)
if err != nil {
	panic(err)
}

Output:
Example (WorkspaceAssignmentOnAws) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

spn, err := a.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spn)

Output:

func (*ServicePrincipalsAPI) Delete 

func (a *ServicePrincipalsAPI) Delete(ctx context.Context, request DeleteServicePrincipalRequest) error

Delete a service principal.

Delete a single service principal in the Databricks workspace.

func (*ServicePrincipalsAPI) DeleteById 

func (a *ServicePrincipalsAPI) DeleteById(ctx context.Context, id string) error

Delete a service principal.

Delete a single service principal in the Databricks workspace.

func (*ServicePrincipalsAPI) Get 

func (a *ServicePrincipalsAPI) Get(ctx context.Context, request GetServicePrincipalRequest) (*ServicePrincipal, error)

Get service principal details.

Gets the details for a single service principal define in the Databricks workspace.

Example (ServicePrincipalsOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

created, err := w.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", created)

byId, err := w.ServicePrincipals.GetById(ctx, created.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", byId)

// cleanup

err = w.ServicePrincipals.DeleteById(ctx, created.Id)
if err != nil {
	panic(err)
}

Output:

func (*ServicePrincipalsAPI) GetByDisplayName 

func (a *ServicePrincipalsAPI) GetByDisplayName(ctx context.Context, name string) (*ServicePrincipal, error)

GetByDisplayName calls ServicePrincipalsAPI.ServicePrincipalDisplayNameToIdMap and returns a single ServicePrincipal.

Returns an error if there's more than one ServicePrincipal with the same .DisplayName.

Note: All ServicePrincipal instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*ServicePrincipalsAPI) GetById 

func (a *ServicePrincipalsAPI) GetById(ctx context.Context, id string) (*ServicePrincipal, error)

Get service principal details.

Gets the details for a single service principal define in the Databricks workspace.

func (*ServicePrincipalsAPI) Impl 

func (a *ServicePrincipalsAPI) Impl() ServicePrincipalsService

Impl returns low-level ServicePrincipals API implementation

func (*ServicePrincipalsAPI) ListAll 

func (a *ServicePrincipalsAPI) ListAll(ctx context.Context, request ListServicePrincipalsRequest) ([]ServicePrincipal, error)

List service principals.

Gets the set of service principals associated with a Databricks workspace.

This method is generated by Databricks SDK Code Generator.

Example (ServicePrincipalsOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

all, err := w.ServicePrincipals.ListAll(ctx, iam.ListServicePrincipalsRequest{})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", all)

Output:

func (*ServicePrincipalsAPI) Patch 

func (a *ServicePrincipalsAPI) Patch(ctx context.Context, request PartialUpdate) error

Update service principal details.

Partially updates the details of a single service principal in the Databricks workspace.

func (*ServicePrincipalsAPI) ServicePrincipalDisplayNameToIdMap 

func (a *ServicePrincipalsAPI) ServicePrincipalDisplayNameToIdMap(ctx context.Context, request ListServicePrincipalsRequest) (map[string]string, error)

ServicePrincipalDisplayNameToIdMap calls ServicePrincipalsAPI.ListAll and creates a map of results with ServicePrincipal.DisplayName as key and ServicePrincipal.Id as value.

Returns an error if there's more than one ServicePrincipal with the same .DisplayName.

Note: All ServicePrincipal instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

func (*ServicePrincipalsAPI) Update 

func (a *ServicePrincipalsAPI) Update(ctx context.Context, request ServicePrincipal) error

Replace service principal.

Updates the details of a single service principal.

This action replaces the existing service principal with the same name.

Example (ServicePrincipalsOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

created, err := w.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", created)

err = w.ServicePrincipals.Update(ctx, iam.ServicePrincipal{
	Id:          created.Id,
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	Roles: []iam.ComplexValue{iam.ComplexValue{
		Value: "xyz",
	}},
})
if err != nil {
	panic(err)
}

// cleanup

err = w.ServicePrincipals.DeleteById(ctx, created.Id)
if err != nil {
	panic(err)
}

Output:

func (*ServicePrincipalsAPI) WithImpl 

func (a *ServicePrincipalsAPI) WithImpl(impl ServicePrincipalsService) *ServicePrincipalsAPI

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks.

type ServicePrincipalsService 

type ServicePrincipalsService interface {

	// Create a service principal.
	//
	// Creates a new service principal in the Databricks workspace.
	Create(ctx context.Context, request ServicePrincipal) (*ServicePrincipal, error)

	// Delete a service principal.
	//
	// Delete a single service principal in the Databricks workspace.
	Delete(ctx context.Context, request DeleteServicePrincipalRequest) error

	// Get service principal details.
	//
	// Gets the details for a single service principal define in the Databricks
	// workspace.
	Get(ctx context.Context, request GetServicePrincipalRequest) (*ServicePrincipal, error)

	// List service principals.
	//
	// Gets the set of service principals associated with a Databricks
	// workspace.
	//
	// Use ListAll() to get all ServicePrincipal instances
	List(ctx context.Context, request ListServicePrincipalsRequest) (*ListServicePrincipalResponse, error)

	// Update service principal details.
	//
	// Partially updates the details of a single service principal in the
	// Databricks workspace.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace service principal.
	//
	// Updates the details of a single service principal.
	//
	// This action replaces the existing service principal with the same name.
	Update(ctx context.Context, request ServicePrincipal) error
}

Identities for use with jobs, automated tools, and systems such as scripts, apps, and CI/CD platforms. Databricks recommends creating service principals to run production jobs or modify production data. If all processes that act on production data run with service principals, interactive users do not need any write, delete, or modify privileges in production. This eliminates the risk of a user overwriting production data by accident.

type UpdateRuleSetRequest added in v0.10.0 

type UpdateRuleSetRequest struct {
	// Name of the rule set.
	Name string `json:"name"`

	RuleSet RuleSetUpdateRequest `json:"rule_set"`
}

type UpdateWorkspaceAssignments 

type UpdateWorkspaceAssignments struct {
	// Array of permissions assignments to update on the workspace.
	Permissions []WorkspacePermission `json:"permissions"`
	// The ID of the user, service principal, or group.
	PrincipalId int64 `json:"-" url:"-"`
	// The workspace ID.
	WorkspaceId int64 `json:"-" url:"-"`
}

type User 

type User struct {
	// If this user is active
	Active bool `json:"active,omitempty"`
	// String that represents a concatenation of given and family names. For
	// example `John Smith`.
	DisplayName string `json:"displayName,omitempty"`
	// All the emails associated with the Databricks user.
	Emails []ComplexValue `json:"emails,omitempty"`

	Entitlements []ComplexValue `json:"entitlements,omitempty"`

	ExternalId string `json:"externalId,omitempty"`

	Groups []ComplexValue `json:"groups,omitempty"`
	// Databricks user ID.
	Id string `json:"id,omitempty" url:"-"`

	Name *Name `json:"name,omitempty"`

	Roles []ComplexValue `json:"roles,omitempty"`
	// Email address of the Databricks user.
	UserName string `json:"userName,omitempty"`
}

type UsersAPI 

type UsersAPI struct {
	// contains filtered or unexported fields
}

User identities recognized by Databricks and represented by email addresses.

Databricks recommends using SCIM provisioning to sync users and groups automatically from your identity provider to your Databricks workspace. SCIM streamlines onboarding a new employee or team by using your identity provider to create users and groups in Databricks workspace and give them the proper level of access. When a user leaves your organization or no longer needs access to Databricks workspace, admins can terminate the user in your identity provider and that user’s account will also be removed from Databricks workspace. This ensures a consistent offboarding process and prevents unauthorized users from accessing sensitive data.

func NewUsers 

func NewUsers(client *client.DatabricksClient) *UsersAPI

func (*UsersAPI) Create 

func (a *UsersAPI) Create(ctx context.Context, request User) (*User, error)

Create a new user.

Creates a new user in the Databricks workspace. This new user will also be added to the Databricks account.

Example (ClustersApiIntegration) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

otherOwner, err := w.Users.Create(ctx, iam.User{
	UserName: fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", otherOwner)

// cleanup

err = w.Users.DeleteById(ctx, otherOwner.Id)
if err != nil {
	panic(err)
}

Output:
Example (Users) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

user, err := w.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

Output:

func (*UsersAPI) Delete 

func (a *UsersAPI) Delete(ctx context.Context, request DeleteUserRequest) error

Delete a user.

Deletes a user. Deleting a user from a Databricks workspace also removes objects associated with the user.

Example (ClustersApiIntegration) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

otherOwner, err := w.Users.Create(ctx, iam.User{
	UserName: fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", otherOwner)

err = w.Users.DeleteById(ctx, otherOwner.Id)
if err != nil {
	panic(err)
}

Output:
Example (Users) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

user, err := w.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

err = w.Users.DeleteById(ctx, user.Id)
if err != nil {
	panic(err)
}

Output:

func (*UsersAPI) DeleteById 

func (a *UsersAPI) DeleteById(ctx context.Context, id string) error

Delete a user.

Deletes a user. Deleting a user from a Databricks workspace also removes objects associated with the user.

func (*UsersAPI) Get 

func (a *UsersAPI) Get(ctx context.Context, request GetUserRequest) (*User, error)

Get user details.

Gets information for a specific user in Databricks workspace.

Example (Users) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

user, err := w.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

fetch, err := w.Users.GetById(ctx, user.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", fetch)

Output:

func (*UsersAPI) GetById 

func (a *UsersAPI) GetById(ctx context.Context, id string) (*User, error)

Get user details.

Gets information for a specific user in Databricks workspace.

func (*UsersAPI) GetByUserName 

func (a *UsersAPI) GetByUserName(ctx context.Context, name string) (*User, error)

GetByUserName calls UsersAPI.UserUserNameToIdMap and returns a single User.

Returns an error if there's more than one User with the same .UserName.

Note: All User instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*UsersAPI) Impl 

func (a *UsersAPI) Impl() UsersService

Impl returns low-level Users API implementation

func (*UsersAPI) ListAll 

func (a *UsersAPI) ListAll(ctx context.Context, request ListUsersRequest) ([]User, error)

List users.

Gets details for all the users associated with a Databricks workspace.

This method is generated by Databricks SDK Code Generator.

Example (Users) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

allUsers, err := w.Users.ListAll(ctx, iam.ListUsersRequest{
	Attributes: "id,userName",
	SortBy:     "userName",
	SortOrder:  iam.ListSortOrderDescending,
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", allUsers)

Output:

func (*UsersAPI) Patch 

func (a *UsersAPI) Patch(ctx context.Context, request PartialUpdate) error

Update user details.

Partially updates a user resource by applying the supplied operations on specific user attributes.

func (*UsersAPI) Update 

func (a *UsersAPI) Update(ctx context.Context, request User) error

Replace a user.

Replaces a user's information with the data supplied in request.

func (*UsersAPI) UserUserNameToIdMap 

func (a *UsersAPI) UserUserNameToIdMap(ctx context.Context, request ListUsersRequest) (map[string]string, error)

UserUserNameToIdMap calls UsersAPI.ListAll and creates a map of results with User.UserName as key and User.Id as value.

Returns an error if there's more than one User with the same .UserName.

Note: All User instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

func (*UsersAPI) WithImpl 

func (a *UsersAPI) WithImpl(impl UsersService) *UsersAPI

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks.

type UsersService 

type UsersService interface {

	// Create a new user.
	//
	// Creates a new user in the Databricks workspace. This new user will also
	// be added to the Databricks account.
	Create(ctx context.Context, request User) (*User, error)

	// Delete a user.
	//
	// Deletes a user. Deleting a user from a Databricks workspace also removes
	// objects associated with the user.
	Delete(ctx context.Context, request DeleteUserRequest) error

	// Get user details.
	//
	// Gets information for a specific user in Databricks workspace.
	Get(ctx context.Context, request GetUserRequest) (*User, error)

	// List users.
	//
	// Gets details for all the users associated with a Databricks workspace.
	//
	// Use ListAll() to get all User instances
	List(ctx context.Context, request ListUsersRequest) (*ListUsersResponse, error)

	// Update user details.
	//
	// Partially updates a user resource by applying the supplied operations on
	// specific user attributes.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace a user.
	//
	// Replaces a user's information with the data supplied in request.
	Update(ctx context.Context, request User) error
}

User identities recognized by Databricks and represented by email addresses.

Databricks recommends using SCIM provisioning to sync users and groups automatically from your identity provider to your Databricks workspace. SCIM streamlines onboarding a new employee or team by using your identity provider to create users and groups in Databricks workspace and give them the proper level of access. When a user leaves your organization or no longer needs access to Databricks workspace, admins can terminate the user in your identity provider and that user’s account will also be removed from Databricks workspace. This ensures a consistent offboarding process and prevents unauthorized users from accessing sensitive data.

type WorkspaceAssignmentAPI 

type WorkspaceAssignmentAPI struct {
	// contains filtered or unexported fields
}

The Workspace Permission Assignment API allows you to manage workspace permissions for principals in your account.

func NewWorkspaceAssignment 

func NewWorkspaceAssignment(client *client.DatabricksClient) *WorkspaceAssignmentAPI

func (*WorkspaceAssignmentAPI) Delete 

func (a *WorkspaceAssignmentAPI) Delete(ctx context.Context, request DeleteWorkspaceAssignmentRequest) error

Delete permissions assignment.

Deletes the workspace permissions assignment in a given account and workspace for the specified principal.

func (*WorkspaceAssignmentAPI) DeleteByWorkspaceIdAndPrincipalId 

func (a *WorkspaceAssignmentAPI) DeleteByWorkspaceIdAndPrincipalId(ctx context.Context, workspaceId int64, principalId int64) error

Delete permissions assignment.

Deletes the workspace permissions assignment in a given account and workspace for the specified principal.

func (*WorkspaceAssignmentAPI) Get 

func (a *WorkspaceAssignmentAPI) Get(ctx context.Context, request GetWorkspaceAssignmentRequest) (*WorkspacePermissions, error)

List workspace permissions.

Get an array of workspace permissions for the specified account and workspace.

func (*WorkspaceAssignmentAPI) GetByWorkspaceId 

func (a *WorkspaceAssignmentAPI) GetByWorkspaceId(ctx context.Context, workspaceId int64) (*WorkspacePermissions, error)

List workspace permissions.

Get an array of workspace permissions for the specified account and workspace.

func (*WorkspaceAssignmentAPI) Impl 

func (a *WorkspaceAssignmentAPI) Impl() WorkspaceAssignmentService

Impl returns low-level WorkspaceAssignment API implementation

func (*WorkspaceAssignmentAPI) ListAll 

func (a *WorkspaceAssignmentAPI) ListAll(ctx context.Context, request ListWorkspaceAssignmentRequest) ([]PermissionAssignment, error)

Get permission assignments.

Get the permission assignments for the specified Databricks account and Databricks workspace.

This method is generated by Databricks SDK Code Generator.

Example (WorkspaceAssignmentOnAws) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

workspaceId := func(v string) int64 {
	i, err := strconv.ParseInt(v, 10, 64)
	if err != nil {
		panic(fmt.Sprintf("`%s` is not int64: %s", v, err))
	}
	return i
}(os.Getenv("TEST_WORKSPACE_ID"))

all, err := a.WorkspaceAssignment.ListByWorkspaceId(ctx, workspaceId)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", all)

Output:

func (*WorkspaceAssignmentAPI) ListByWorkspaceId 

func (a *WorkspaceAssignmentAPI) ListByWorkspaceId(ctx context.Context, workspaceId int64) (*PermissionAssignments, error)

Get permission assignments.

Get the permission assignments for the specified Databricks account and Databricks workspace.

func (*WorkspaceAssignmentAPI) Update 

func (a *WorkspaceAssignmentAPI) Update(ctx context.Context, request UpdateWorkspaceAssignments) error

Create or update permissions assignment.

Creates or updates the workspace permissions assignment in a given account and workspace for the specified principal.

Example (WorkspaceAssignmentOnAws) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

spn, err := a.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spn)

spnId := func(v string) int64 {
	i, err := strconv.ParseInt(v, 10, 64)
	if err != nil {
		panic(fmt.Sprintf("`%s` is not int64: %s", v, err))
	}
	return i
}(spn.Id)

workspaceId := func(v string) int64 {
	i, err := strconv.ParseInt(v, 10, 64)
	if err != nil {
		panic(fmt.Sprintf("`%s` is not int64: %s", v, err))
	}
	return i
}(os.Getenv("TEST_WORKSPACE_ID"))

err = a.WorkspaceAssignment.Update(ctx, iam.UpdateWorkspaceAssignments{
	WorkspaceId: workspaceId,
	PrincipalId: spnId,
	Permissions: []iam.WorkspacePermission{iam.WorkspacePermissionUser},
})
if err != nil {
	panic(err)
}

Output:

func (*WorkspaceAssignmentAPI) WithImpl 

func (a *WorkspaceAssignmentAPI) WithImpl(impl WorkspaceAssignmentService) *WorkspaceAssignmentAPI

WithImpl could be used to override low-level API implementations for unit testing purposes with github.com/golang/mock or other mocking frameworks.

type WorkspaceAssignmentService 

type WorkspaceAssignmentService interface {

	// Delete permissions assignment.
	//
	// Deletes the workspace permissions assignment in a given account and
	// workspace for the specified principal.
	Delete(ctx context.Context, request DeleteWorkspaceAssignmentRequest) error

	// List workspace permissions.
	//
	// Get an array of workspace permissions for the specified account and
	// workspace.
	Get(ctx context.Context, request GetWorkspaceAssignmentRequest) (*WorkspacePermissions, error)

	// Get permission assignments.
	//
	// Get the permission assignments for the specified Databricks account and
	// Databricks workspace.
	//
	// Use ListAll() to get all PermissionAssignment instances
	List(ctx context.Context, request ListWorkspaceAssignmentRequest) (*PermissionAssignments, error)

	// Create or update permissions assignment.
	//
	// Creates or updates the workspace permissions assignment in a given
	// account and workspace for the specified principal.
	Update(ctx context.Context, request UpdateWorkspaceAssignments) error
}

The Workspace Permission Assignment API allows you to manage workspace permissions for principals in your account.

type WorkspacePermission 

type WorkspacePermission string
const WorkspacePermissionAdmin WorkspacePermission = `ADMIN`
const WorkspacePermissionUnknown WorkspacePermission = `UNKNOWN`
const WorkspacePermissionUser WorkspacePermission = `USER`

func (*WorkspacePermission) Set 

func (f *WorkspacePermission) Set(v string) error

Set raw string value and validate it against allowed values

func (*WorkspacePermission) String 

func (f *WorkspacePermission) String() string

String representation for fmt.Print

func (*WorkspacePermission) Type 

func (f *WorkspacePermission) Type() string

Type always returns WorkspacePermission to satisfy [pflag.Value] interface

type WorkspacePermissions 

type WorkspacePermissions struct {
	// Array of permissions defined for a workspace.
	Permissions []PermissionOutput `json:"permissions,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.