iam

package
v0.56.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 23, 2025 License: Apache-2.0 Imports: 7 Imported by: 28

Documentation

Overview

These APIs allow you to manage Access Control, Account Access Control, Account Access Control Proxy, Account Groups, Account Service Principals, Account Users, Current User, Groups, Permission Migration, Permissions, Service Principals, Users, Workspace Assignment, etc.

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessControlAPI added in v0.56.0 

type AccessControlAPI struct {
	// contains filtered or unexported fields
}

Rule based Access Control for Databricks Resources.

func NewAccessControl added in v0.56.0 

func NewAccessControl(client *client.DatabricksClient) *AccessControlAPI

func (*AccessControlAPI) CheckPolicy added in v0.56.0 

func (a *AccessControlAPI) CheckPolicy(ctx context.Context, request CheckPolicyRequest) (*CheckPolicyResponse, error)

type AccessControlInterface added in v0.56.0 

type AccessControlInterface interface {

	// Check access policy to a resource.
	CheckPolicy(ctx context.Context, request CheckPolicyRequest) (*CheckPolicyResponse, error)
}

type AccessControlRequest 

type AccessControlRequest struct {
	// name of the group
	GroupName string `json:"group_name,omitempty"`
	// Permission level
	PermissionLevel PermissionLevel `json:"permission_level,omitempty"`
	// application ID of a service principal
	ServicePrincipalName string `json:"service_principal_name,omitempty"`
	// name of the user
	UserName string `json:"user_name,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (AccessControlRequest) MarshalJSON added in v0.23.0 

func (s AccessControlRequest) MarshalJSON() ([]byte, error)

func (*AccessControlRequest) UnmarshalJSON added in v0.23.0 

func (s *AccessControlRequest) UnmarshalJSON(b []byte) error

type AccessControlResponse 

type AccessControlResponse struct {
	// All permissions.
	AllPermissions []Permission `json:"all_permissions,omitempty"`
	// Display name of the user or service principal.
	DisplayName string `json:"display_name,omitempty"`
	// name of the group
	GroupName string `json:"group_name,omitempty"`
	// Name of the service principal.
	ServicePrincipalName string `json:"service_principal_name,omitempty"`
	// name of the user
	UserName string `json:"user_name,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (AccessControlResponse) MarshalJSON added in v0.23.0 

func (s AccessControlResponse) MarshalJSON() ([]byte, error)

func (*AccessControlResponse) UnmarshalJSON added in v0.23.0 

func (s *AccessControlResponse) UnmarshalJSON(b []byte) error

type AccessControlService added in v0.56.0 

type AccessControlService interface {

	// Check access policy to a resource.
	CheckPolicy(ctx context.Context, request CheckPolicyRequest) (*CheckPolicyResponse, error)
}

Rule based Access Control for Databricks Resources.

type AccountAccessControlAPI added in v0.10.0 

type AccountAccessControlAPI struct {
	// contains filtered or unexported fields
}

These APIs manage access rules on resources in an account. Currently, only grant rules are supported. A grant rule specifies a role assigned to a set of principals. A list of rules attached to a resource is called a rule set.

func NewAccountAccessControl added in v0.10.0 

func NewAccountAccessControl(client *client.DatabricksClient) *AccountAccessControlAPI

func (*AccountAccessControlAPI) GetAssignableRolesForResource added in v0.10.0 

func (a *AccountAccessControlAPI) GetAssignableRolesForResource(ctx context.Context, request GetAssignableRolesForResourceRequest) (*GetAssignableRolesForResourceResponse, error)

func (*AccountAccessControlAPI) GetRuleSet added in v0.10.0 

func (a *AccountAccessControlAPI) GetRuleSet(ctx context.Context, request GetRuleSetRequest) (*RuleSetResponse, error)

func (*AccountAccessControlAPI) UpdateRuleSet added in v0.10.0 

func (a *AccountAccessControlAPI) UpdateRuleSet(ctx context.Context, request UpdateRuleSetRequest) (*RuleSetResponse, error)

type AccountAccessControlInterface added in v0.29.0 

type AccountAccessControlInterface interface {

	// Get assignable roles for a resource.
	//
	// Gets all the roles that can be granted on an account level resource. A role
	// is grantable if the rule set on the resource can contain an access rule of
	// the role.
	GetAssignableRolesForResource(ctx context.Context, request GetAssignableRolesForResourceRequest) (*GetAssignableRolesForResourceResponse, error)

	// Get a rule set.
	//
	// Get a rule set by its name. A rule set is always attached to a resource and
	// contains a list of access rules on the said resource. Currently only a
	// default rule set for each resource is supported.
	GetRuleSet(ctx context.Context, request GetRuleSetRequest) (*RuleSetResponse, error)

	// Update a rule set.
	//
	// Replace the rules of a rule set. First, use get to read the current version
	// of the rule set before modifying it. This pattern helps prevent conflicts
	// between concurrent updates.
	UpdateRuleSet(ctx context.Context, request UpdateRuleSetRequest) (*RuleSetResponse, error)
}

type AccountAccessControlProxyAPI added in v0.10.0 

type AccountAccessControlProxyAPI struct {
	// contains filtered or unexported fields
}

These APIs manage access rules on resources in an account. Currently, only grant rules are supported. A grant rule specifies a role assigned to a set of principals. A list of rules attached to a resource is called a rule set. A workspace must belong to an account for these APIs to work.

func NewAccountAccessControlProxy added in v0.10.0 

func NewAccountAccessControlProxy(client *client.DatabricksClient) *AccountAccessControlProxyAPI

func (*AccountAccessControlProxyAPI) GetAssignableRolesForResource added in v0.10.0 

func (a *AccountAccessControlProxyAPI) GetAssignableRolesForResource(ctx context.Context, request GetAssignableRolesForResourceRequest) (*GetAssignableRolesForResourceResponse, error)

func (*AccountAccessControlProxyAPI) GetRuleSet added in v0.10.0 

func (a *AccountAccessControlProxyAPI) GetRuleSet(ctx context.Context, request GetRuleSetRequest) (*RuleSetResponse, error)

func (*AccountAccessControlProxyAPI) UpdateRuleSet added in v0.10.0 

func (a *AccountAccessControlProxyAPI) UpdateRuleSet(ctx context.Context, request UpdateRuleSetRequest) (*RuleSetResponse, error)

type AccountAccessControlProxyInterface added in v0.29.0 

type AccountAccessControlProxyInterface interface {

	// Get assignable roles for a resource.
	//
	// Gets all the roles that can be granted on an account-level resource. A role
	// is grantable if the rule set on the resource can contain an access rule of
	// the role.
	GetAssignableRolesForResource(ctx context.Context, request GetAssignableRolesForResourceRequest) (*GetAssignableRolesForResourceResponse, error)

	// Get a rule set.
	//
	// Get a rule set by its name. A rule set is always attached to a resource and
	// contains a list of access rules on the said resource. Currently only a
	// default rule set for each resource is supported.
	GetRuleSet(ctx context.Context, request GetRuleSetRequest) (*RuleSetResponse, error)

	// Update a rule set.
	//
	// Replace the rules of a rule set. First, use a GET rule set request to read
	// the current version of the rule set before modifying it. This pattern helps
	// prevent conflicts between concurrent updates.
	UpdateRuleSet(ctx context.Context, request UpdateRuleSetRequest) (*RuleSetResponse, error)
}

type AccountAccessControlProxyService added in v0.10.0 

type AccountAccessControlProxyService interface {

	// Get assignable roles for a resource.
	//
	// Gets all the roles that can be granted on an account-level resource. A
	// role is grantable if the rule set on the resource can contain an access
	// rule of the role.
	GetAssignableRolesForResource(ctx context.Context, request GetAssignableRolesForResourceRequest) (*GetAssignableRolesForResourceResponse, error)

	// Get a rule set.
	//
	// Get a rule set by its name. A rule set is always attached to a resource
	// and contains a list of access rules on the said resource. Currently only
	// a default rule set for each resource is supported.
	GetRuleSet(ctx context.Context, request GetRuleSetRequest) (*RuleSetResponse, error)

	// Update a rule set.
	//
	// Replace the rules of a rule set. First, use a GET rule set request to
	// read the current version of the rule set before modifying it. This
	// pattern helps prevent conflicts between concurrent updates.
	UpdateRuleSet(ctx context.Context, request UpdateRuleSetRequest) (*RuleSetResponse, error)
}

These APIs manage access rules on resources in an account. Currently, only grant rules are supported. A grant rule specifies a role assigned to a set of principals. A list of rules attached to a resource is called a rule set. A workspace must belong to an account for these APIs to work.

type AccountAccessControlService added in v0.10.0 

type AccountAccessControlService interface {

	// Get assignable roles for a resource.
	//
	// Gets all the roles that can be granted on an account level resource. A
	// role is grantable if the rule set on the resource can contain an access
	// rule of the role.
	GetAssignableRolesForResource(ctx context.Context, request GetAssignableRolesForResourceRequest) (*GetAssignableRolesForResourceResponse, error)

	// Get a rule set.
	//
	// Get a rule set by its name. A rule set is always attached to a resource
	// and contains a list of access rules on the said resource. Currently only
	// a default rule set for each resource is supported.
	GetRuleSet(ctx context.Context, request GetRuleSetRequest) (*RuleSetResponse, error)

	// Update a rule set.
	//
	// Replace the rules of a rule set. First, use get to read the current
	// version of the rule set before modifying it. This pattern helps prevent
	// conflicts between concurrent updates.
	UpdateRuleSet(ctx context.Context, request UpdateRuleSetRequest) (*RuleSetResponse, error)
}

These APIs manage access rules on resources in an account. Currently, only grant rules are supported. A grant rule specifies a role assigned to a set of principals. A list of rules attached to a resource is called a rule set.

type AccountGroupsAPI 

type AccountGroupsAPI struct {
	// contains filtered or unexported fields
}

Groups simplify identity management, making it easier to assign access to Databricks account, data, and other securable objects.

It is best practice to assign access to workspaces and access-control policies in Unity Catalog to groups, instead of to users individually. All Databricks account identities can be assigned as members of groups, and members inherit permissions that are assigned to their group.

func NewAccountGroups 

func NewAccountGroups(client *client.DatabricksClient) *AccountGroupsAPI

func (*AccountGroupsAPI) Create 

func (a *AccountGroupsAPI) Create(ctx context.Context, request Group) (*Group, error)

func (*AccountGroupsAPI) Delete 

func (a *AccountGroupsAPI) Delete(ctx context.Context, request DeleteAccountGroupRequest) error

func (*AccountGroupsAPI) DeleteById 

func (a *AccountGroupsAPI) DeleteById(ctx context.Context, id string) error

Delete a group.

Deletes a group from the Databricks account.

func (*AccountGroupsAPI) Get 

func (a *AccountGroupsAPI) Get(ctx context.Context, request GetAccountGroupRequest) (*Group, error)

func (*AccountGroupsAPI) GetByDisplayName 

func (a *AccountGroupsAPI) GetByDisplayName(ctx context.Context, name string) (*Group, error)

GetByDisplayName calls AccountGroupsAPI.GroupDisplayNameToIdMap and returns a single Group.

Returns an error if there's more than one Group with the same .DisplayName.

Note: All Group instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*AccountGroupsAPI) GetById 

func (a *AccountGroupsAPI) GetById(ctx context.Context, id string) (*Group, error)

Get group details.

Gets the information for a specific group in the Databricks account.

func (*AccountGroupsAPI) GroupDisplayNameToIdMap 

func (a *AccountGroupsAPI) GroupDisplayNameToIdMap(ctx context.Context, request ListAccountGroupsRequest) (map[string]string, error)

GroupDisplayNameToIdMap calls AccountGroupsAPI.ListAll and creates a map of results with Group.DisplayName as key and Group.Id as value.

Returns an error if there's more than one Group with the same .DisplayName.

Note: All Group instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

func (*AccountGroupsAPI) List added in v0.24.0 

func (a *AccountGroupsAPI) List(ctx context.Context, request ListAccountGroupsRequest) listing.Iterator[Group]

List group details.

Gets all details of the groups associated with the Databricks account.

This method is generated by Databricks SDK Code Generator.

func (*AccountGroupsAPI) ListAll 

func (a *AccountGroupsAPI) ListAll(ctx context.Context, request ListAccountGroupsRequest) ([]Group, error)

List group details.

Gets all details of the groups associated with the Databricks account.

This method is generated by Databricks SDK Code Generator.

func (*AccountGroupsAPI) Patch 

func (a *AccountGroupsAPI) Patch(ctx context.Context, request PartialUpdate) error

func (*AccountGroupsAPI) Update 

func (a *AccountGroupsAPI) Update(ctx context.Context, request Group) error

type AccountGroupsInterface added in v0.29.0 

type AccountGroupsInterface interface {

	// Create a new group.
	//
	// Creates a group in the Databricks account with a unique name, using the
	// supplied group details.
	Create(ctx context.Context, request Group) (*Group, error)

	// Delete a group.
	//
	// Deletes a group from the Databricks account.
	Delete(ctx context.Context, request DeleteAccountGroupRequest) error

	// Delete a group.
	//
	// Deletes a group from the Databricks account.
	DeleteById(ctx context.Context, id string) error

	// Get group details.
	//
	// Gets the information for a specific group in the Databricks account.
	Get(ctx context.Context, request GetAccountGroupRequest) (*Group, error)

	// Get group details.
	//
	// Gets the information for a specific group in the Databricks account.
	GetById(ctx context.Context, id string) (*Group, error)

	// List group details.
	//
	// Gets all details of the groups associated with the Databricks account.
	//
	// This method is generated by Databricks SDK Code Generator.
	List(ctx context.Context, request ListAccountGroupsRequest) listing.Iterator[Group]

	// List group details.
	//
	// Gets all details of the groups associated with the Databricks account.
	//
	// This method is generated by Databricks SDK Code Generator.
	ListAll(ctx context.Context, request ListAccountGroupsRequest) ([]Group, error)

	// GroupDisplayNameToIdMap calls [AccountGroupsAPI.ListAll] and creates a map of results with [Group].DisplayName as key and [Group].Id as value.
	//
	// Returns an error if there's more than one [Group] with the same .DisplayName.
	//
	// Note: All [Group] instances are loaded into memory before creating a map.
	//
	// This method is generated by Databricks SDK Code Generator.
	GroupDisplayNameToIdMap(ctx context.Context, request ListAccountGroupsRequest) (map[string]string, error)

	// GetByDisplayName calls [AccountGroupsAPI.GroupDisplayNameToIdMap] and returns a single [Group].
	//
	// Returns an error if there's more than one [Group] with the same .DisplayName.
	//
	// Note: All [Group] instances are loaded into memory before returning matching by name.
	//
	// This method is generated by Databricks SDK Code Generator.
	GetByDisplayName(ctx context.Context, name string) (*Group, error)

	// Update group details.
	//
	// Partially updates the details of a group.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace a group.
	//
	// Updates the details of a group by replacing the entire group entity.
	Update(ctx context.Context, request Group) error
}

type AccountGroupsService 

type AccountGroupsService interface {

	// Create a new group.
	//
	// Creates a group in the Databricks account with a unique name, using the
	// supplied group details.
	Create(ctx context.Context, request Group) (*Group, error)

	// Delete a group.
	//
	// Deletes a group from the Databricks account.
	Delete(ctx context.Context, request DeleteAccountGroupRequest) error

	// Get group details.
	//
	// Gets the information for a specific group in the Databricks account.
	Get(ctx context.Context, request GetAccountGroupRequest) (*Group, error)

	// List group details.
	//
	// Gets all details of the groups associated with the Databricks account.
	//
	// Use ListAll() to get all Group instances, which will iterate over every result page.
	List(ctx context.Context, request ListAccountGroupsRequest) (*ListGroupsResponse, error)

	// Update group details.
	//
	// Partially updates the details of a group.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace a group.
	//
	// Updates the details of a group by replacing the entire group entity.
	Update(ctx context.Context, request Group) error
}

Groups simplify identity management, making it easier to assign access to Databricks account, data, and other securable objects.

It is best practice to assign access to workspaces and access-control policies in Unity Catalog to groups, instead of to users individually. All Databricks account identities can be assigned as members of groups, and members inherit permissions that are assigned to their group.

type AccountServicePrincipalsAPI 

type AccountServicePrincipalsAPI struct {
	// contains filtered or unexported fields
}

Identities for use with jobs, automated tools, and systems such as scripts, apps, and CI/CD platforms. Databricks recommends creating service principals to run production jobs or modify production data. If all processes that act on production data run with service principals, interactive users do not need any write, delete, or modify privileges in production. This eliminates the risk of a user overwriting production data by accident.

func NewAccountServicePrincipals 

func NewAccountServicePrincipals(client *client.DatabricksClient) *AccountServicePrincipalsAPI

func (*AccountServicePrincipalsAPI) Create 

func (a *AccountServicePrincipalsAPI) Create(ctx context.Context, request ServicePrincipal) (*ServicePrincipal, error)

func (*AccountServicePrincipalsAPI) Delete 

func (a *AccountServicePrincipalsAPI) Delete(ctx context.Context, request DeleteAccountServicePrincipalRequest) error

func (*AccountServicePrincipalsAPI) DeleteById 

func (a *AccountServicePrincipalsAPI) DeleteById(ctx context.Context, id string) error

Delete a service principal.

Delete a single service principal in the Databricks account.

func (*AccountServicePrincipalsAPI) Get 

func (a *AccountServicePrincipalsAPI) Get(ctx context.Context, request GetAccountServicePrincipalRequest) (*ServicePrincipal, error)

func (*AccountServicePrincipalsAPI) GetByDisplayName 

func (a *AccountServicePrincipalsAPI) GetByDisplayName(ctx context.Context, name string) (*ServicePrincipal, error)

GetByDisplayName calls AccountServicePrincipalsAPI.ServicePrincipalDisplayNameToIdMap and returns a single ServicePrincipal.

Returns an error if there's more than one ServicePrincipal with the same .DisplayName.

Note: All ServicePrincipal instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*AccountServicePrincipalsAPI) GetById 

func (a *AccountServicePrincipalsAPI) GetById(ctx context.Context, id string) (*ServicePrincipal, error)

Get service principal details.

Gets the details for a single service principal define in the Databricks account.

func (*AccountServicePrincipalsAPI) List added in v0.24.0 

func (a *AccountServicePrincipalsAPI) List(ctx context.Context, request ListAccountServicePrincipalsRequest) listing.Iterator[ServicePrincipal]

List service principals.

Gets the set of service principals associated with a Databricks account.

This method is generated by Databricks SDK Code Generator.

func (*AccountServicePrincipalsAPI) ListAll 

func (a *AccountServicePrincipalsAPI) ListAll(ctx context.Context, request ListAccountServicePrincipalsRequest) ([]ServicePrincipal, error)

List service principals.

Gets the set of service principals associated with a Databricks account.

This method is generated by Databricks SDK Code Generator.

func (*AccountServicePrincipalsAPI) Patch 

func (a *AccountServicePrincipalsAPI) Patch(ctx context.Context, request PartialUpdate) error

func (*AccountServicePrincipalsAPI) ServicePrincipalDisplayNameToIdMap 

func (a *AccountServicePrincipalsAPI) ServicePrincipalDisplayNameToIdMap(ctx context.Context, request ListAccountServicePrincipalsRequest) (map[string]string, error)

ServicePrincipalDisplayNameToIdMap calls AccountServicePrincipalsAPI.ListAll and creates a map of results with ServicePrincipal.DisplayName as key and ServicePrincipal.Id as value.

Returns an error if there's more than one ServicePrincipal with the same .DisplayName.

Note: All ServicePrincipal instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

func (*AccountServicePrincipalsAPI) Update 

func (a *AccountServicePrincipalsAPI) Update(ctx context.Context, request ServicePrincipal) error

type AccountServicePrincipalsInterface added in v0.29.0 

type AccountServicePrincipalsInterface interface {

	// Create a service principal.
	//
	// Creates a new service principal in the Databricks account.
	Create(ctx context.Context, request ServicePrincipal) (*ServicePrincipal, error)

	// Delete a service principal.
	//
	// Delete a single service principal in the Databricks account.
	Delete(ctx context.Context, request DeleteAccountServicePrincipalRequest) error

	// Delete a service principal.
	//
	// Delete a single service principal in the Databricks account.
	DeleteById(ctx context.Context, id string) error

	// Get service principal details.
	//
	// Gets the details for a single service principal define in the Databricks
	// account.
	Get(ctx context.Context, request GetAccountServicePrincipalRequest) (*ServicePrincipal, error)

	// Get service principal details.
	//
	// Gets the details for a single service principal define in the Databricks
	// account.
	GetById(ctx context.Context, id string) (*ServicePrincipal, error)

	// List service principals.
	//
	// Gets the set of service principals associated with a Databricks account.
	//
	// This method is generated by Databricks SDK Code Generator.
	List(ctx context.Context, request ListAccountServicePrincipalsRequest) listing.Iterator[ServicePrincipal]

	// List service principals.
	//
	// Gets the set of service principals associated with a Databricks account.
	//
	// This method is generated by Databricks SDK Code Generator.
	ListAll(ctx context.Context, request ListAccountServicePrincipalsRequest) ([]ServicePrincipal, error)

	// ServicePrincipalDisplayNameToIdMap calls [AccountServicePrincipalsAPI.ListAll] and creates a map of results with [ServicePrincipal].DisplayName as key and [ServicePrincipal].Id as value.
	//
	// Returns an error if there's more than one [ServicePrincipal] with the same .DisplayName.
	//
	// Note: All [ServicePrincipal] instances are loaded into memory before creating a map.
	//
	// This method is generated by Databricks SDK Code Generator.
	ServicePrincipalDisplayNameToIdMap(ctx context.Context, request ListAccountServicePrincipalsRequest) (map[string]string, error)

	// GetByDisplayName calls [AccountServicePrincipalsAPI.ServicePrincipalDisplayNameToIdMap] and returns a single [ServicePrincipal].
	//
	// Returns an error if there's more than one [ServicePrincipal] with the same .DisplayName.
	//
	// Note: All [ServicePrincipal] instances are loaded into memory before returning matching by name.
	//
	// This method is generated by Databricks SDK Code Generator.
	GetByDisplayName(ctx context.Context, name string) (*ServicePrincipal, error)

	// Update service principal details.
	//
	// Partially updates the details of a single service principal in the Databricks
	// account.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace service principal.
	//
	// Updates the details of a single service principal.
	//
	// This action replaces the existing service principal with the same name.
	Update(ctx context.Context, request ServicePrincipal) error
}

type AccountServicePrincipalsService 

type AccountServicePrincipalsService interface {

	// Create a service principal.
	//
	// Creates a new service principal in the Databricks account.
	Create(ctx context.Context, request ServicePrincipal) (*ServicePrincipal, error)

	// Delete a service principal.
	//
	// Delete a single service principal in the Databricks account.
	Delete(ctx context.Context, request DeleteAccountServicePrincipalRequest) error

	// Get service principal details.
	//
	// Gets the details for a single service principal define in the Databricks
	// account.
	Get(ctx context.Context, request GetAccountServicePrincipalRequest) (*ServicePrincipal, error)

	// List service principals.
	//
	// Gets the set of service principals associated with a Databricks account.
	//
	// Use ListAll() to get all ServicePrincipal instances, which will iterate over every result page.
	List(ctx context.Context, request ListAccountServicePrincipalsRequest) (*ListServicePrincipalResponse, error)

	// Update service principal details.
	//
	// Partially updates the details of a single service principal in the
	// Databricks account.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace service principal.
	//
	// Updates the details of a single service principal.
	//
	// This action replaces the existing service principal with the same name.
	Update(ctx context.Context, request ServicePrincipal) error
}

Identities for use with jobs, automated tools, and systems such as scripts, apps, and CI/CD platforms. Databricks recommends creating service principals to run production jobs or modify production data. If all processes that act on production data run with service principals, interactive users do not need any write, delete, or modify privileges in production. This eliminates the risk of a user overwriting production data by accident.

type AccountUsersAPI 

type AccountUsersAPI struct {
	// contains filtered or unexported fields
}

User identities recognized by Databricks and represented by email addresses.

Databricks recommends using SCIM provisioning to sync users and groups automatically from your identity provider to your Databricks account. SCIM streamlines onboarding a new employee or team by using your identity provider to create users and groups in Databricks account and give them the proper level of access. When a user leaves your organization or no longer needs access to Databricks account, admins can terminate the user in your identity provider and that user’s account will also be removed from Databricks account. This ensures a consistent offboarding process and prevents unauthorized users from accessing sensitive data.

func NewAccountUsers 

func NewAccountUsers(client *client.DatabricksClient) *AccountUsersAPI

func (*AccountUsersAPI) Create 

func (a *AccountUsersAPI) Create(ctx context.Context, request User) (*User, error)

func (*AccountUsersAPI) Delete 

func (a *AccountUsersAPI) Delete(ctx context.Context, request DeleteAccountUserRequest) error

func (*AccountUsersAPI) DeleteById 

func (a *AccountUsersAPI) DeleteById(ctx context.Context, id string) error

Delete a user.

Deletes a user. Deleting a user from a Databricks account also removes objects associated with the user.

func (*AccountUsersAPI) Get 

func (a *AccountUsersAPI) Get(ctx context.Context, request GetAccountUserRequest) (*User, error)

func (*AccountUsersAPI) GetById 

func (a *AccountUsersAPI) GetById(ctx context.Context, id string) (*User, error)

Get user details.

Gets information for a specific user in Databricks account.

func (*AccountUsersAPI) GetByUserName 

func (a *AccountUsersAPI) GetByUserName(ctx context.Context, name string) (*User, error)

GetByUserName calls AccountUsersAPI.UserUserNameToIdMap and returns a single User.

Returns an error if there's more than one User with the same .UserName.

Note: All User instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*AccountUsersAPI) List added in v0.24.0 

func (a *AccountUsersAPI) List(ctx context.Context, request ListAccountUsersRequest) listing.Iterator[User]

List users.

Gets details for all the users associated with a Databricks account.

This method is generated by Databricks SDK Code Generator.

func (*AccountUsersAPI) ListAll 

func (a *AccountUsersAPI) ListAll(ctx context.Context, request ListAccountUsersRequest) ([]User, error)

List users.

Gets details for all the users associated with a Databricks account.

This method is generated by Databricks SDK Code Generator.

func (*AccountUsersAPI) Patch 

func (a *AccountUsersAPI) Patch(ctx context.Context, request PartialUpdate) error

func (*AccountUsersAPI) Update 

func (a *AccountUsersAPI) Update(ctx context.Context, request User) error

func (*AccountUsersAPI) UserUserNameToIdMap 

func (a *AccountUsersAPI) UserUserNameToIdMap(ctx context.Context, request ListAccountUsersRequest) (map[string]string, error)

UserUserNameToIdMap calls AccountUsersAPI.ListAll and creates a map of results with User.UserName as key and User.Id as value.

Returns an error if there's more than one User with the same .UserName.

Note: All User instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

type AccountUsersInterface added in v0.29.0 

type AccountUsersInterface interface {

	// Create a new user.
	//
	// Creates a new user in the Databricks account. This new user will also be
	// added to the Databricks account.
	Create(ctx context.Context, request User) (*User, error)

	// Delete a user.
	//
	// Deletes a user. Deleting a user from a Databricks account also removes
	// objects associated with the user.
	Delete(ctx context.Context, request DeleteAccountUserRequest) error

	// Delete a user.
	//
	// Deletes a user. Deleting a user from a Databricks account also removes
	// objects associated with the user.
	DeleteById(ctx context.Context, id string) error

	// Get user details.
	//
	// Gets information for a specific user in Databricks account.
	Get(ctx context.Context, request GetAccountUserRequest) (*User, error)

	// Get user details.
	//
	// Gets information for a specific user in Databricks account.
	GetById(ctx context.Context, id string) (*User, error)

	// List users.
	//
	// Gets details for all the users associated with a Databricks account.
	//
	// This method is generated by Databricks SDK Code Generator.
	List(ctx context.Context, request ListAccountUsersRequest) listing.Iterator[User]

	// List users.
	//
	// Gets details for all the users associated with a Databricks account.
	//
	// This method is generated by Databricks SDK Code Generator.
	ListAll(ctx context.Context, request ListAccountUsersRequest) ([]User, error)

	// UserUserNameToIdMap calls [AccountUsersAPI.ListAll] and creates a map of results with [User].UserName as key and [User].Id as value.
	//
	// Returns an error if there's more than one [User] with the same .UserName.
	//
	// Note: All [User] instances are loaded into memory before creating a map.
	//
	// This method is generated by Databricks SDK Code Generator.
	UserUserNameToIdMap(ctx context.Context, request ListAccountUsersRequest) (map[string]string, error)

	// GetByUserName calls [AccountUsersAPI.UserUserNameToIdMap] and returns a single [User].
	//
	// Returns an error if there's more than one [User] with the same .UserName.
	//
	// Note: All [User] instances are loaded into memory before returning matching by name.
	//
	// This method is generated by Databricks SDK Code Generator.
	GetByUserName(ctx context.Context, name string) (*User, error)

	// Update user details.
	//
	// Partially updates a user resource by applying the supplied operations on
	// specific user attributes.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace a user.
	//
	// Replaces a user's information with the data supplied in request.
	Update(ctx context.Context, request User) error
}

type AccountUsersService 

type AccountUsersService interface {

	// Create a new user.
	//
	// Creates a new user in the Databricks account. This new user will also be
	// added to the Databricks account.
	Create(ctx context.Context, request User) (*User, error)

	// Delete a user.
	//
	// Deletes a user. Deleting a user from a Databricks account also removes
	// objects associated with the user.
	Delete(ctx context.Context, request DeleteAccountUserRequest) error

	// Get user details.
	//
	// Gets information for a specific user in Databricks account.
	Get(ctx context.Context, request GetAccountUserRequest) (*User, error)

	// List users.
	//
	// Gets details for all the users associated with a Databricks account.
	//
	// Use ListAll() to get all User instances, which will iterate over every result page.
	List(ctx context.Context, request ListAccountUsersRequest) (*ListUsersResponse, error)

	// Update user details.
	//
	// Partially updates a user resource by applying the supplied operations on
	// specific user attributes.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace a user.
	//
	// Replaces a user's information with the data supplied in request.
	Update(ctx context.Context, request User) error
}

User identities recognized by Databricks and represented by email addresses.

Databricks recommends using SCIM provisioning to sync users and groups automatically from your identity provider to your Databricks account. SCIM streamlines onboarding a new employee or team by using your identity provider to create users and groups in Databricks account and give them the proper level of access. When a user leaves your organization or no longer needs access to Databricks account, admins can terminate the user in your identity provider and that user’s account will also be removed from Databricks account. This ensures a consistent offboarding process and prevents unauthorized users from accessing sensitive data.

type Actor added in v0.56.0 

type Actor struct {
	ActorId int64 `json:"actor_id,omitempty" url:"actor_id,omitempty"`

	ForceSendFields []string `json:"-"`
}

represents an identity trying to access a resource - user or a service principal group can be a principal of a permission set assignment but an actor is always a user or a service principal

func (Actor) MarshalJSON added in v0.56.0 

func (s Actor) MarshalJSON() ([]byte, error)

func (*Actor) UnmarshalJSON added in v0.56.0 

func (s *Actor) UnmarshalJSON(b []byte) error

type CheckPolicyRequest added in v0.56.0 

type CheckPolicyRequest struct {
	Actor Actor `json:"-" url:"actor"`

	AuthzIdentity RequestAuthzIdentity `json:"-" url:"authz_identity"`

	ConsistencyToken ConsistencyToken `json:"-" url:"consistency_token"`

	Permission string `json:"-" url:"permission"`
	// Ex: (servicePrincipal/use,
	// accounts/<account-id>/servicePrincipals/<sp-id>) Ex:
	// (servicePrincipal.ruleSet/update,
	// accounts/<account-id>/servicePrincipals/<sp-id>/ruleSets/default)
	Resource string `json:"-" url:"resource"`

	ResourceInfo *ResourceInfo `json:"-" url:"resource_info,omitempty"`
}

Check access policy to a resource

type CheckPolicyResponse added in v0.56.0 

type CheckPolicyResponse struct {
	ConsistencyToken ConsistencyToken `json:"consistency_token"`

	IsPermitted bool `json:"is_permitted,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (CheckPolicyResponse) MarshalJSON added in v0.56.0 

func (s CheckPolicyResponse) MarshalJSON() ([]byte, error)

func (*CheckPolicyResponse) UnmarshalJSON added in v0.56.0 

func (s *CheckPolicyResponse) UnmarshalJSON(b []byte) error

type ComplexValue 

type ComplexValue struct {
	Display string `json:"display,omitempty"`

	Primary bool `json:"primary,omitempty"`

	Ref string `json:"$ref,omitempty"`

	Type string `json:"type,omitempty"`

	Value string `json:"value,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (ComplexValue) MarshalJSON added in v0.23.0 

func (s ComplexValue) MarshalJSON() ([]byte, error)

func (*ComplexValue) UnmarshalJSON added in v0.23.0 

func (s *ComplexValue) UnmarshalJSON(b []byte) error

type ConsistencyToken added in v0.56.0 

type ConsistencyToken struct {
	Value string `json:"value"`
}

type CurrentUserAPI 

type CurrentUserAPI struct {
	// contains filtered or unexported fields
}

This API allows retrieving information about currently authenticated user or service principal.

func NewCurrentUser 

func NewCurrentUser(client *client.DatabricksClient) *CurrentUserAPI

func (*CurrentUserAPI) Me 

func (a *CurrentUserAPI) Me(ctx context.Context) (*User, error)
Example (CurrentUser) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

me, err := w.CurrentUser.Me(ctx)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", me)

Output:
Example (Tokens) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

me2, err := w.CurrentUser.Me(ctx)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", me2)

Output:

type CurrentUserInterface added in v0.29.0 

type CurrentUserInterface interface {

	// Get current user info.
	//
	// Get details about the current method caller's identity.
	Me(ctx context.Context) (*User, error)
}

type CurrentUserService 

type CurrentUserService interface {

	// Get current user info.
	//
	// Get details about the current method caller's identity.
	Me(ctx context.Context) (*User, error)
}

This API allows retrieving information about currently authenticated user or service principal.

type DeleteAccountGroupRequest 

type DeleteAccountGroupRequest struct {
	// Unique ID for a group in the Databricks account.
	Id string `json:"-" url:"-"`
}

Delete a group

type DeleteAccountServicePrincipalRequest 

type DeleteAccountServicePrincipalRequest struct {
	// Unique ID for a service principal in the Databricks account.
	Id string `json:"-" url:"-"`
}

Delete a service principal

type DeleteAccountUserRequest 

type DeleteAccountUserRequest struct {
	// Unique ID for a user in the Databricks account.
	Id string `json:"-" url:"-"`
}

Delete a user

type DeleteGroupRequest 

type DeleteGroupRequest struct {
	// Unique ID for a group in the Databricks workspace.
	Id string `json:"-" url:"-"`
}

Delete a group

type DeleteResponse added in v0.34.0 

type DeleteResponse struct {
}

type DeleteServicePrincipalRequest 

type DeleteServicePrincipalRequest struct {
	// Unique ID for a service principal in the Databricks workspace.
	Id string `json:"-" url:"-"`
}

Delete a service principal

type DeleteUserRequest 

type DeleteUserRequest struct {
	// Unique ID for a user in the Databricks workspace.
	Id string `json:"-" url:"-"`
}

Delete a user

type DeleteWorkspaceAssignmentRequest 

type DeleteWorkspaceAssignmentRequest struct {
	// The ID of the user, service principal, or group.
	PrincipalId int64 `json:"-" url:"-"`
	// The workspace ID for the account.
	WorkspaceId int64 `json:"-" url:"-"`
}

Delete permissions assignment

type DeleteWorkspacePermissionAssignmentResponse added in v0.44.0 

type DeleteWorkspacePermissionAssignmentResponse struct {
}

type GetAccountGroupRequest 

type GetAccountGroupRequest struct {
	// Unique ID for a group in the Databricks account.
	Id string `json:"-" url:"-"`
}

Get group details

type GetAccountServicePrincipalRequest 

type GetAccountServicePrincipalRequest struct {
	// Unique ID for a service principal in the Databricks account.
	Id string `json:"-" url:"-"`
}

Get service principal details

type GetAccountUserRequest 

type GetAccountUserRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page. Default is 10000.
	Count int `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Unique ID for a user in the Databricks account.
	Id string `json:"-" url:"-"`
	// Attribute to sort the results. Multi-part paths are supported. For
	// example, `userName`, `name.givenName`, and `emails`.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder GetSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int `json:"-" url:"startIndex,omitempty"`

	ForceSendFields []string `json:"-"`
}

Get user details

func (GetAccountUserRequest) MarshalJSON added in v0.24.0 

func (s GetAccountUserRequest) MarshalJSON() ([]byte, error)

func (*GetAccountUserRequest) UnmarshalJSON added in v0.24.0 

func (s *GetAccountUserRequest) UnmarshalJSON(b []byte) error

type GetAssignableRolesForResourceRequest added in v0.10.0 

type GetAssignableRolesForResourceRequest struct {
	// The resource name for which assignable roles will be listed.
	Resource string `json:"-" url:"resource"`
}

Get assignable roles for a resource

type GetAssignableRolesForResourceResponse added in v0.10.0 

type GetAssignableRolesForResourceResponse struct {
	Roles []Role `json:"roles,omitempty"`
}

type GetGroupRequest 

type GetGroupRequest struct {
	// Unique ID for a group in the Databricks workspace.
	Id string `json:"-" url:"-"`
}

Get group details

type GetPasswordPermissionLevelsResponse added in v0.15.0 

type GetPasswordPermissionLevelsResponse struct {
	// Specific permission levels
	PermissionLevels []PasswordPermissionsDescription `json:"permission_levels,omitempty"`
}

type GetPermissionLevelsRequest 

type GetPermissionLevelsRequest struct {
	// <needs content>
	RequestObjectId string `json:"-" url:"-"`
	// <needs content>
	RequestObjectType string `json:"-" url:"-"`
}

Get object permission levels

type GetPermissionLevelsResponse 

type GetPermissionLevelsResponse struct {
	// Specific permission levels
	PermissionLevels []PermissionsDescription `json:"permission_levels,omitempty"`
}

type GetPermissionRequest 

type GetPermissionRequest struct {
	// The id of the request object.
	RequestObjectId string `json:"-" url:"-"`
	// The type of the request object. Can be one of the following: alerts,
	// authorization, clusters, cluster-policies, dashboards, dbsql-dashboards,
	// directories, experiments, files, instance-pools, jobs, notebooks,
	// pipelines, queries, registered-models, repos, serving-endpoints, or
	// warehouses.
	RequestObjectType string `json:"-" url:"-"`
}

Get object permissions

type GetRuleSetRequest added in v0.10.0 

type GetRuleSetRequest struct {
	// Etag used for versioning. The response is at least as fresh as the eTag
	// provided. Etag is used for optimistic concurrency control as a way to
	// help prevent simultaneous updates of a rule set from overwriting each
	// other. It is strongly suggested that systems make use of the etag in the
	// read -> modify -> write pattern to perform rule set updates in order to
	// avoid race conditions that is get an etag from a GET rule set request,
	// and pass it with the PUT update request to identify the rule set version
	// you are updating.
	Etag string `json:"-" url:"etag"`
	// The ruleset name associated with the request.
	Name string `json:"-" url:"name"`
}

Get a rule set

type GetServicePrincipalRequest 

type GetServicePrincipalRequest struct {
	// Unique ID for a service principal in the Databricks workspace.
	Id string `json:"-" url:"-"`
}

Get service principal details

type GetSortOrder added in v0.24.0 

type GetSortOrder string
const GetSortOrderAscending GetSortOrder = `ascending`
const GetSortOrderDescending GetSortOrder = `descending`

func (*GetSortOrder) Set added in v0.24.0 

func (f *GetSortOrder) Set(v string) error

Set raw string value and validate it against allowed values

func (*GetSortOrder) String added in v0.24.0 

func (f *GetSortOrder) String() string

String representation for fmt.Print

func (*GetSortOrder) Type added in v0.24.0 

func (f *GetSortOrder) Type() string

Type always returns GetSortOrder to satisfy [pflag.Value] interface

type GetUserRequest 

type GetUserRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page.
	Count int `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Unique ID for a user in the Databricks workspace.
	Id string `json:"-" url:"-"`
	// Attribute to sort the results. Multi-part paths are supported. For
	// example, `userName`, `name.givenName`, and `emails`.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder GetSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int `json:"-" url:"startIndex,omitempty"`

	ForceSendFields []string `json:"-"`
}

Get user details

func (GetUserRequest) MarshalJSON added in v0.24.0 

func (s GetUserRequest) MarshalJSON() ([]byte, error)

func (*GetUserRequest) UnmarshalJSON added in v0.24.0 

func (s *GetUserRequest) UnmarshalJSON(b []byte) error

type GetWorkspaceAssignmentRequest 

type GetWorkspaceAssignmentRequest struct {
	// The workspace ID.
	WorkspaceId int64 `json:"-" url:"-"`
}

List workspace permissions

type GrantRule added in v0.10.0 

type GrantRule struct {
	// Principals this grant rule applies to.
	Principals []string `json:"principals,omitempty"`
	// Role that is assigned to the list of principals.
	Role string `json:"role"`
}

type Group 

type Group struct {
	// String that represents a human-readable group name
	DisplayName string `json:"displayName,omitempty"`
	// Entitlements assigned to the group. See [assigning entitlements] for a
	// full list of supported values.
	//
	// [assigning entitlements]: https://docs.databricks.com/administration-guide/users-groups/index.html#assigning-entitlements
	Entitlements []ComplexValue `json:"entitlements,omitempty"`

	ExternalId string `json:"externalId,omitempty"`

	Groups []ComplexValue `json:"groups,omitempty"`
	// Databricks group ID
	Id string `json:"id,omitempty" url:"-"`

	Members []ComplexValue `json:"members,omitempty"`
	// Container for the group identifier. Workspace local versus account.
	Meta *ResourceMeta `json:"meta,omitempty"`
	// Corresponds to AWS instance profile/arn role.
	Roles []ComplexValue `json:"roles,omitempty"`
	// The schema of the group.
	Schemas []GroupSchema `json:"schemas,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (Group) MarshalJSON added in v0.23.0 

func (s Group) MarshalJSON() ([]byte, error)

func (*Group) UnmarshalJSON added in v0.23.0 

func (s *Group) UnmarshalJSON(b []byte) error

type GroupSchema added in v0.24.0 

type GroupSchema string
const GroupSchemaUrnIetfParamsScimSchemasCore20Group GroupSchema = `urn:ietf:params:scim:schemas:core:2.0:Group`

func (*GroupSchema) Set added in v0.24.0 

func (f *GroupSchema) Set(v string) error

Set raw string value and validate it against allowed values

func (*GroupSchema) String added in v0.24.0 

func (f *GroupSchema) String() string

String representation for fmt.Print

func (*GroupSchema) Type added in v0.24.0 

func (f *GroupSchema) Type() string

Type always returns GroupSchema to satisfy [pflag.Value] interface

type GroupsAPI 

type GroupsAPI struct {
	// contains filtered or unexported fields
}

Groups simplify identity management, making it easier to assign access to Databricks workspace, data, and other securable objects.

It is best practice to assign access to workspaces and access-control policies in Unity Catalog to groups, instead of to users individually. All Databricks workspace identities can be assigned as members of groups, and members inherit permissions that are assigned to their group.

func NewGroups 

func NewGroups(client *client.DatabricksClient) *GroupsAPI

func (*GroupsAPI) Create 

func (a *GroupsAPI) Create(ctx context.Context, request Group) (*Group, error)
Example (GenericPermissions) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:
Example (Groups) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:
Example (Secrets) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:

func (*GroupsAPI) Delete 

func (a *GroupsAPI) Delete(ctx context.Context, request DeleteGroupRequest) error
Example (GenericPermissions) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:
Example (Groups) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:
Example (Secrets) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:

func (*GroupsAPI) DeleteById 

func (a *GroupsAPI) DeleteById(ctx context.Context, id string) error

Delete a group.

Deletes a group from the Databricks workspace.

func (*GroupsAPI) Get 

func (a *GroupsAPI) Get(ctx context.Context, request GetGroupRequest) (*Group, error)
Example (Groups) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

fetch, err := w.Groups.GetById(ctx, group.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", fetch)

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:

func (*GroupsAPI) GetByDisplayName 

func (a *GroupsAPI) GetByDisplayName(ctx context.Context, name string) (*Group, error)

GetByDisplayName calls GroupsAPI.GroupDisplayNameToIdMap and returns a single Group.

Returns an error if there's more than one Group with the same .DisplayName.

Note: All Group instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*GroupsAPI) GetById 

func (a *GroupsAPI) GetById(ctx context.Context, id string) (*Group, error)

Get group details.

Gets the information for a specific group in the Databricks workspace.

func (*GroupsAPI) GroupDisplayNameToIdMap 

func (a *GroupsAPI) GroupDisplayNameToIdMap(ctx context.Context, request ListGroupsRequest) (map[string]string, error)

GroupDisplayNameToIdMap calls GroupsAPI.ListAll and creates a map of results with Group.DisplayName as key and Group.Id as value.

Returns an error if there's more than one Group with the same .DisplayName.

Note: All Group instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

func (*GroupsAPI) List added in v0.24.0 

func (a *GroupsAPI) List(ctx context.Context, request ListGroupsRequest) listing.Iterator[Group]

List group details.

Gets all details of the groups associated with the Databricks workspace.

This method is generated by Databricks SDK Code Generator.

func (*GroupsAPI) ListAll 

func (a *GroupsAPI) ListAll(ctx context.Context, request ListGroupsRequest) ([]Group, error)

List group details.

Gets all details of the groups associated with the Databricks workspace.

This method is generated by Databricks SDK Code Generator.

func (*GroupsAPI) Patch 

func (a *GroupsAPI) Patch(ctx context.Context, request PartialUpdate) error

func (*GroupsAPI) Update 

func (a *GroupsAPI) Update(ctx context.Context, request Group) error

type GroupsInterface added in v0.29.0 

type GroupsInterface interface {

	// Create a new group.
	//
	// Creates a group in the Databricks workspace with a unique name, using the
	// supplied group details.
	Create(ctx context.Context, request Group) (*Group, error)

	// Delete a group.
	//
	// Deletes a group from the Databricks workspace.
	Delete(ctx context.Context, request DeleteGroupRequest) error

	// Delete a group.
	//
	// Deletes a group from the Databricks workspace.
	DeleteById(ctx context.Context, id string) error

	// Get group details.
	//
	// Gets the information for a specific group in the Databricks workspace.
	Get(ctx context.Context, request GetGroupRequest) (*Group, error)

	// Get group details.
	//
	// Gets the information for a specific group in the Databricks workspace.
	GetById(ctx context.Context, id string) (*Group, error)

	// List group details.
	//
	// Gets all details of the groups associated with the Databricks workspace.
	//
	// This method is generated by Databricks SDK Code Generator.
	List(ctx context.Context, request ListGroupsRequest) listing.Iterator[Group]

	// List group details.
	//
	// Gets all details of the groups associated with the Databricks workspace.
	//
	// This method is generated by Databricks SDK Code Generator.
	ListAll(ctx context.Context, request ListGroupsRequest) ([]Group, error)

	// GroupDisplayNameToIdMap calls [GroupsAPI.ListAll] and creates a map of results with [Group].DisplayName as key and [Group].Id as value.
	//
	// Returns an error if there's more than one [Group] with the same .DisplayName.
	//
	// Note: All [Group] instances are loaded into memory before creating a map.
	//
	// This method is generated by Databricks SDK Code Generator.
	GroupDisplayNameToIdMap(ctx context.Context, request ListGroupsRequest) (map[string]string, error)

	// GetByDisplayName calls [GroupsAPI.GroupDisplayNameToIdMap] and returns a single [Group].
	//
	// Returns an error if there's more than one [Group] with the same .DisplayName.
	//
	// Note: All [Group] instances are loaded into memory before returning matching by name.
	//
	// This method is generated by Databricks SDK Code Generator.
	GetByDisplayName(ctx context.Context, name string) (*Group, error)

	// Update group details.
	//
	// Partially updates the details of a group.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace a group.
	//
	// Updates the details of a group by replacing the entire group entity.
	Update(ctx context.Context, request Group) error
}

type GroupsService 

type GroupsService interface {

	// Create a new group.
	//
	// Creates a group in the Databricks workspace with a unique name, using the
	// supplied group details.
	Create(ctx context.Context, request Group) (*Group, error)

	// Delete a group.
	//
	// Deletes a group from the Databricks workspace.
	Delete(ctx context.Context, request DeleteGroupRequest) error

	// Get group details.
	//
	// Gets the information for a specific group in the Databricks workspace.
	Get(ctx context.Context, request GetGroupRequest) (*Group, error)

	// List group details.
	//
	// Gets all details of the groups associated with the Databricks workspace.
	//
	// Use ListAll() to get all Group instances, which will iterate over every result page.
	List(ctx context.Context, request ListGroupsRequest) (*ListGroupsResponse, error)

	// Update group details.
	//
	// Partially updates the details of a group.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace a group.
	//
	// Updates the details of a group by replacing the entire group entity.
	Update(ctx context.Context, request Group) error
}

Groups simplify identity management, making it easier to assign access to Databricks workspace, data, and other securable objects.

It is best practice to assign access to workspaces and access-control policies in Unity Catalog to groups, instead of to users individually. All Databricks workspace identities can be assigned as members of groups, and members inherit permissions that are assigned to their group.

type ListAccountGroupsRequest 

type ListAccountGroupsRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page. Default is 10000.
	Count int64 `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int64 `json:"-" url:"startIndex,omitempty"`

	ForceSendFields []string `json:"-"`
}

List group details

func (ListAccountGroupsRequest) MarshalJSON added in v0.23.0 

func (s ListAccountGroupsRequest) MarshalJSON() ([]byte, error)

func (*ListAccountGroupsRequest) UnmarshalJSON added in v0.23.0 

func (s *ListAccountGroupsRequest) UnmarshalJSON(b []byte) error

type ListAccountServicePrincipalsRequest 

type ListAccountServicePrincipalsRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page. Default is 10000.
	Count int64 `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int64 `json:"-" url:"startIndex,omitempty"`

	ForceSendFields []string `json:"-"`
}

List service principals

func (ListAccountServicePrincipalsRequest) MarshalJSON added in v0.23.0 

func (s ListAccountServicePrincipalsRequest) MarshalJSON() ([]byte, error)

func (*ListAccountServicePrincipalsRequest) UnmarshalJSON added in v0.23.0 

func (s *ListAccountServicePrincipalsRequest) UnmarshalJSON(b []byte) error

type ListAccountUsersRequest 

type ListAccountUsersRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page. Default is 10000.
	Count int64 `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results. Multi-part paths are supported. For
	// example, `userName`, `name.givenName`, and `emails`.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int64 `json:"-" url:"startIndex,omitempty"`

	ForceSendFields []string `json:"-"`
}

List users

func (ListAccountUsersRequest) MarshalJSON added in v0.23.0 

func (s ListAccountUsersRequest) MarshalJSON() ([]byte, error)

func (*ListAccountUsersRequest) UnmarshalJSON added in v0.23.0 

func (s *ListAccountUsersRequest) UnmarshalJSON(b []byte) error

type ListGroupsRequest 

type ListGroupsRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page.
	Count int64 `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int64 `json:"-" url:"startIndex,omitempty"`

	ForceSendFields []string `json:"-"`
}

List group details

func (ListGroupsRequest) MarshalJSON added in v0.23.0 

func (s ListGroupsRequest) MarshalJSON() ([]byte, error)

func (*ListGroupsRequest) UnmarshalJSON added in v0.23.0 

func (s *ListGroupsRequest) UnmarshalJSON(b []byte) error

type ListGroupsResponse 

type ListGroupsResponse struct {
	// Total results returned in the response.
	ItemsPerPage int64 `json:"itemsPerPage,omitempty"`
	// User objects returned in the response.
	Resources []Group `json:"Resources,omitempty"`
	// The schema of the service principal.
	Schemas []ListResponseSchema `json:"schemas,omitempty"`
	// Starting index of all the results that matched the request filters. First
	// item is number 1.
	StartIndex int64 `json:"startIndex,omitempty"`
	// Total results that match the request filters.
	TotalResults int64 `json:"totalResults,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (ListGroupsResponse) MarshalJSON added in v0.23.0 

func (s ListGroupsResponse) MarshalJSON() ([]byte, error)

func (*ListGroupsResponse) UnmarshalJSON added in v0.23.0 

func (s *ListGroupsResponse) UnmarshalJSON(b []byte) error

type ListResponseSchema added in v0.24.0 

type ListResponseSchema string
const ListResponseSchemaUrnIetfParamsScimApiMessages20ListResponse ListResponseSchema = `urn:ietf:params:scim:api:messages:2.0:ListResponse`

func (*ListResponseSchema) Set added in v0.24.0 

func (f *ListResponseSchema) Set(v string) error

Set raw string value and validate it against allowed values

func (*ListResponseSchema) String added in v0.24.0 

func (f *ListResponseSchema) String() string

String representation for fmt.Print

func (*ListResponseSchema) Type added in v0.24.0 

func (f *ListResponseSchema) Type() string

Type always returns ListResponseSchema to satisfy [pflag.Value] interface

type ListServicePrincipalResponse 

type ListServicePrincipalResponse struct {
	// Total results returned in the response.
	ItemsPerPage int64 `json:"itemsPerPage,omitempty"`
	// User objects returned in the response.
	Resources []ServicePrincipal `json:"Resources,omitempty"`
	// The schema of the List response.
	Schemas []ListResponseSchema `json:"schemas,omitempty"`
	// Starting index of all the results that matched the request filters. First
	// item is number 1.
	StartIndex int64 `json:"startIndex,omitempty"`
	// Total results that match the request filters.
	TotalResults int64 `json:"totalResults,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (ListServicePrincipalResponse) MarshalJSON added in v0.23.0 

func (s ListServicePrincipalResponse) MarshalJSON() ([]byte, error)

func (*ListServicePrincipalResponse) UnmarshalJSON added in v0.23.0 

func (s *ListServicePrincipalResponse) UnmarshalJSON(b []byte) error

type ListServicePrincipalsRequest 

type ListServicePrincipalsRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page.
	Count int64 `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int64 `json:"-" url:"startIndex,omitempty"`

	ForceSendFields []string `json:"-"`
}

List service principals

func (ListServicePrincipalsRequest) MarshalJSON added in v0.23.0 

func (s ListServicePrincipalsRequest) MarshalJSON() ([]byte, error)

func (*ListServicePrincipalsRequest) UnmarshalJSON added in v0.23.0 

func (s *ListServicePrincipalsRequest) UnmarshalJSON(b []byte) error

type ListSortOrder 

type ListSortOrder string
const ListSortOrderAscending ListSortOrder = `ascending`
const ListSortOrderDescending ListSortOrder = `descending`

func (*ListSortOrder) Set 

func (f *ListSortOrder) Set(v string) error

Set raw string value and validate it against allowed values

func (*ListSortOrder) String 

func (f *ListSortOrder) String() string

String representation for fmt.Print

func (*ListSortOrder) Type 

func (f *ListSortOrder) Type() string

Type always returns ListSortOrder to satisfy [pflag.Value] interface

type ListUsersRequest 

type ListUsersRequest struct {
	// Comma-separated list of attributes to return in response.
	Attributes string `json:"-" url:"attributes,omitempty"`
	// Desired number of results per page.
	Count int64 `json:"-" url:"count,omitempty"`
	// Comma-separated list of attributes to exclude in response.
	ExcludedAttributes string `json:"-" url:"excludedAttributes,omitempty"`
	// Query by which the results have to be filtered. Supported operators are
	// equals(`eq`), contains(`co`), starts with(`sw`) and not equals(`ne`).
	// Additionally, simple expressions can be formed using logical operators -
	// `and` and `or`. The [SCIM RFC] has more details but we currently only
	// support simple expressions.
	//
	// [SCIM RFC]: https://tools.ietf.org/html/rfc7644#section-3.4.2.2
	Filter string `json:"-" url:"filter,omitempty"`
	// Attribute to sort the results. Multi-part paths are supported. For
	// example, `userName`, `name.givenName`, and `emails`.
	SortBy string `json:"-" url:"sortBy,omitempty"`
	// The order to sort the results.
	SortOrder ListSortOrder `json:"-" url:"sortOrder,omitempty"`
	// Specifies the index of the first result. First item is number 1.
	StartIndex int64 `json:"-" url:"startIndex,omitempty"`

	ForceSendFields []string `json:"-"`
}

List users

func (ListUsersRequest) MarshalJSON added in v0.23.0 

func (s ListUsersRequest) MarshalJSON() ([]byte, error)

func (*ListUsersRequest) UnmarshalJSON added in v0.23.0 

func (s *ListUsersRequest) UnmarshalJSON(b []byte) error

type ListUsersResponse 

type ListUsersResponse struct {
	// Total results returned in the response.
	ItemsPerPage int64 `json:"itemsPerPage,omitempty"`
	// User objects returned in the response.
	Resources []User `json:"Resources,omitempty"`
	// The schema of the List response.
	Schemas []ListResponseSchema `json:"schemas,omitempty"`
	// Starting index of all the results that matched the request filters. First
	// item is number 1.
	StartIndex int64 `json:"startIndex,omitempty"`
	// Total results that match the request filters.
	TotalResults int64 `json:"totalResults,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (ListUsersResponse) MarshalJSON added in v0.23.0 

func (s ListUsersResponse) MarshalJSON() ([]byte, error)

func (*ListUsersResponse) UnmarshalJSON added in v0.23.0 

func (s *ListUsersResponse) UnmarshalJSON(b []byte) error

type ListWorkspaceAssignmentRequest 

type ListWorkspaceAssignmentRequest struct {
	// The workspace ID for the account.
	WorkspaceId int64 `json:"-" url:"-"`
}

Get permission assignments

type MigratePermissionsRequest added in v0.44.0 

type MigratePermissionsRequest struct {
	// The name of the workspace group that permissions will be migrated from.
	FromWorkspaceGroupName string `json:"from_workspace_group_name"`
	// The maximum number of permissions that will be migrated.
	Size int `json:"size,omitempty"`
	// The name of the account group that permissions will be migrated to.
	ToAccountGroupName string `json:"to_account_group_name"`
	// WorkspaceId of the associated workspace where the permission migration
	// will occur.
	WorkspaceId int64 `json:"workspace_id"`

	ForceSendFields []string `json:"-"`
}

func (MigratePermissionsRequest) MarshalJSON added in v0.44.0 

func (s MigratePermissionsRequest) MarshalJSON() ([]byte, error)

func (*MigratePermissionsRequest) UnmarshalJSON added in v0.44.0 

func (s *MigratePermissionsRequest) UnmarshalJSON(b []byte) error

type MigratePermissionsResponse added in v0.44.0 

type MigratePermissionsResponse struct {
	// Number of permissions migrated.
	PermissionsMigrated int `json:"permissions_migrated,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (MigratePermissionsResponse) MarshalJSON added in v0.44.0 

func (s MigratePermissionsResponse) MarshalJSON() ([]byte, error)

func (*MigratePermissionsResponse) UnmarshalJSON added in v0.44.0 

func (s *MigratePermissionsResponse) UnmarshalJSON(b []byte) error

type Name 

type Name struct {
	// Family name of the Databricks user.
	FamilyName string `json:"familyName,omitempty"`
	// Given name of the Databricks user.
	GivenName string `json:"givenName,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (Name) MarshalJSON added in v0.23.0 

func (s Name) MarshalJSON() ([]byte, error)

func (*Name) UnmarshalJSON added in v0.23.0 

func (s *Name) UnmarshalJSON(b []byte) error

type ObjectPermissions 

type ObjectPermissions struct {
	AccessControlList []AccessControlResponse `json:"access_control_list,omitempty"`

	ObjectId string `json:"object_id,omitempty"`

	ObjectType string `json:"object_type,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (ObjectPermissions) MarshalJSON added in v0.23.0 

func (s ObjectPermissions) MarshalJSON() ([]byte, error)

func (*ObjectPermissions) UnmarshalJSON added in v0.23.0 

func (s *ObjectPermissions) UnmarshalJSON(b []byte) error

type PartialUpdate 

type PartialUpdate struct {
	// Unique ID for a user in the Databricks workspace.
	Id string `json:"-" url:"-"`

	Operations []Patch `json:"Operations,omitempty"`
	// The schema of the patch request. Must be
	// ["urn:ietf:params:scim:api:messages:2.0:PatchOp"].
	Schemas []PatchSchema `json:"schemas,omitempty"`
}

type PasswordAccessControlRequest added in v0.15.0 

type PasswordAccessControlRequest struct {
	// name of the group
	GroupName string `json:"group_name,omitempty"`
	// Permission level
	PermissionLevel PasswordPermissionLevel `json:"permission_level,omitempty"`
	// application ID of a service principal
	ServicePrincipalName string `json:"service_principal_name,omitempty"`
	// name of the user
	UserName string `json:"user_name,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PasswordAccessControlRequest) MarshalJSON added in v0.23.0 

func (s PasswordAccessControlRequest) MarshalJSON() ([]byte, error)

func (*PasswordAccessControlRequest) UnmarshalJSON added in v0.23.0 

func (s *PasswordAccessControlRequest) UnmarshalJSON(b []byte) error

type PasswordAccessControlResponse added in v0.15.0 

type PasswordAccessControlResponse struct {
	// All permissions.
	AllPermissions []PasswordPermission `json:"all_permissions,omitempty"`
	// Display name of the user or service principal.
	DisplayName string `json:"display_name,omitempty"`
	// name of the group
	GroupName string `json:"group_name,omitempty"`
	// Name of the service principal.
	ServicePrincipalName string `json:"service_principal_name,omitempty"`
	// name of the user
	UserName string `json:"user_name,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PasswordAccessControlResponse) MarshalJSON added in v0.23.0 

func (s PasswordAccessControlResponse) MarshalJSON() ([]byte, error)

func (*PasswordAccessControlResponse) UnmarshalJSON added in v0.23.0 

func (s *PasswordAccessControlResponse) UnmarshalJSON(b []byte) error

type PasswordPermission added in v0.15.0 

type PasswordPermission struct {
	Inherited bool `json:"inherited,omitempty"`

	InheritedFromObject []string `json:"inherited_from_object,omitempty"`
	// Permission level
	PermissionLevel PasswordPermissionLevel `json:"permission_level,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PasswordPermission) MarshalJSON added in v0.23.0 

func (s PasswordPermission) MarshalJSON() ([]byte, error)

func (*PasswordPermission) UnmarshalJSON added in v0.23.0 

func (s *PasswordPermission) UnmarshalJSON(b []byte) error

type PasswordPermissionLevel added in v0.15.0 

type PasswordPermissionLevel string

Permission level 

const PasswordPermissionLevelCanUse PasswordPermissionLevel = `CAN_USE`

func (*PasswordPermissionLevel) Set added in v0.15.0 

func (f *PasswordPermissionLevel) Set(v string) error

Set raw string value and validate it against allowed values

func (*PasswordPermissionLevel) String added in v0.15.0 

func (f *PasswordPermissionLevel) String() string

String representation for fmt.Print

func (*PasswordPermissionLevel) Type added in v0.15.0 

func (f *PasswordPermissionLevel) Type() string

Type always returns PasswordPermissionLevel to satisfy [pflag.Value] interface

type PasswordPermissions added in v0.15.0 

type PasswordPermissions struct {
	AccessControlList []PasswordAccessControlResponse `json:"access_control_list,omitempty"`

	ObjectId string `json:"object_id,omitempty"`

	ObjectType string `json:"object_type,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PasswordPermissions) MarshalJSON added in v0.23.0 

func (s PasswordPermissions) MarshalJSON() ([]byte, error)

func (*PasswordPermissions) UnmarshalJSON added in v0.23.0 

func (s *PasswordPermissions) UnmarshalJSON(b []byte) error

type PasswordPermissionsDescription added in v0.15.0 

type PasswordPermissionsDescription struct {
	Description string `json:"description,omitempty"`
	// Permission level
	PermissionLevel PasswordPermissionLevel `json:"permission_level,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PasswordPermissionsDescription) MarshalJSON added in v0.23.0 

func (s PasswordPermissionsDescription) MarshalJSON() ([]byte, error)

func (*PasswordPermissionsDescription) UnmarshalJSON added in v0.23.0 

func (s *PasswordPermissionsDescription) UnmarshalJSON(b []byte) error

type PasswordPermissionsRequest added in v0.15.0 

type PasswordPermissionsRequest struct {
	AccessControlList []PasswordAccessControlRequest `json:"access_control_list,omitempty"`
}

type Patch 

type Patch struct {
	// Type of patch operation.
	Op PatchOp `json:"op,omitempty"`
	// Selection of patch operation
	Path string `json:"path,omitempty"`
	// Value to modify
	Value any `json:"value,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (Patch) MarshalJSON added in v0.23.0 

func (s Patch) MarshalJSON() ([]byte, error)

func (*Patch) UnmarshalJSON added in v0.23.0 

func (s *Patch) UnmarshalJSON(b []byte) error

type PatchOp 

type PatchOp string

Type of patch operation. 

const PatchOpAdd PatchOp = `add`
const PatchOpRemove PatchOp = `remove`
const PatchOpReplace PatchOp = `replace`

func (*PatchOp) Set 

func (f *PatchOp) Set(v string) error

Set raw string value and validate it against allowed values

func (*PatchOp) String 

func (f *PatchOp) String() string

String representation for fmt.Print

func (*PatchOp) Type 

func (f *PatchOp) Type() string

Type always returns PatchOp to satisfy [pflag.Value] interface

type PatchResponse added in v0.34.0 

type PatchResponse struct {
}

type PatchSchema added in v0.13.0 

type PatchSchema string
const PatchSchemaUrnIetfParamsScimApiMessages20PatchOp PatchSchema = `urn:ietf:params:scim:api:messages:2.0:PatchOp`

func (*PatchSchema) Set added in v0.13.0 

func (f *PatchSchema) Set(v string) error

Set raw string value and validate it against allowed values

func (*PatchSchema) String added in v0.13.0 

func (f *PatchSchema) String() string

String representation for fmt.Print

func (*PatchSchema) Type added in v0.13.0 

func (f *PatchSchema) Type() string

Type always returns PatchSchema to satisfy [pflag.Value] interface

type Permission 

type Permission struct {
	Inherited bool `json:"inherited,omitempty"`

	InheritedFromObject []string `json:"inherited_from_object,omitempty"`
	// Permission level
	PermissionLevel PermissionLevel `json:"permission_level,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (Permission) MarshalJSON added in v0.23.0 

func (s Permission) MarshalJSON() ([]byte, error)

func (*Permission) UnmarshalJSON added in v0.23.0 

func (s *Permission) UnmarshalJSON(b []byte) error

type PermissionAssignment 

type PermissionAssignment struct {
	// Error response associated with a workspace permission assignment, if any.
	Error string `json:"error,omitempty"`
	// The permissions level of the principal.
	Permissions []WorkspacePermission `json:"permissions,omitempty"`
	// Information about the principal assigned to the workspace.
	Principal *PrincipalOutput `json:"principal,omitempty"`

	ForceSendFields []string `json:"-"`
}

The output format for existing workspace PermissionAssignment records, which contains some info for user consumption.

func (PermissionAssignment) MarshalJSON added in v0.23.0 

func (s PermissionAssignment) MarshalJSON() ([]byte, error)

func (*PermissionAssignment) UnmarshalJSON added in v0.23.0 

func (s *PermissionAssignment) UnmarshalJSON(b []byte) error

type PermissionAssignments 

type PermissionAssignments struct {
	// Array of permissions assignments defined for a workspace.
	PermissionAssignments []PermissionAssignment `json:"permission_assignments,omitempty"`
}

type PermissionLevel 

type PermissionLevel string

Permission level 

const PermissionLevelCanAttachTo PermissionLevel = `CAN_ATTACH_TO`
const PermissionLevelCanBind PermissionLevel = `CAN_BIND`
const PermissionLevelCanEdit PermissionLevel = `CAN_EDIT`
const PermissionLevelCanEditMetadata PermissionLevel = `CAN_EDIT_METADATA`
const PermissionLevelCanManage PermissionLevel = `CAN_MANAGE`
const PermissionLevelCanManageProductionVersions PermissionLevel = `CAN_MANAGE_PRODUCTION_VERSIONS`
const PermissionLevelCanManageRun PermissionLevel = `CAN_MANAGE_RUN`
const PermissionLevelCanManageStagingVersions PermissionLevel = `CAN_MANAGE_STAGING_VERSIONS`
const PermissionLevelCanMonitor PermissionLevel = `CAN_MONITOR`
const PermissionLevelCanQuery PermissionLevel = `CAN_QUERY`
const PermissionLevelCanRead PermissionLevel = `CAN_READ`
const PermissionLevelCanRestart PermissionLevel = `CAN_RESTART`
const PermissionLevelCanRun PermissionLevel = `CAN_RUN`
const PermissionLevelCanUse PermissionLevel = `CAN_USE`
const PermissionLevelCanView PermissionLevel = `CAN_VIEW`
const PermissionLevelCanViewMetadata PermissionLevel = `CAN_VIEW_METADATA`
const PermissionLevelIsOwner PermissionLevel = `IS_OWNER`

func (*PermissionLevel) Set 

func (f *PermissionLevel) Set(v string) error

Set raw string value and validate it against allowed values

func (*PermissionLevel) String 

func (f *PermissionLevel) String() string

String representation for fmt.Print

func (*PermissionLevel) Type 

func (f *PermissionLevel) Type() string

Type always returns PermissionLevel to satisfy [pflag.Value] interface

type PermissionMigrationAPI added in v0.34.0 

type PermissionMigrationAPI struct {
	// contains filtered or unexported fields
}

APIs for migrating acl permissions, used only by the ucx tool: https://github.com/databrickslabs/ucx

func NewPermissionMigration added in v0.34.0 

func NewPermissionMigration(client *client.DatabricksClient) *PermissionMigrationAPI

func (*PermissionMigrationAPI) MigratePermissions added in v0.34.0 

func (a *PermissionMigrationAPI) MigratePermissions(ctx context.Context, request MigratePermissionsRequest) (*MigratePermissionsResponse, error)

type PermissionMigrationInterface added in v0.34.0 

type PermissionMigrationInterface interface {

	// Migrate Permissions.
	MigratePermissions(ctx context.Context, request MigratePermissionsRequest) (*MigratePermissionsResponse, error)
}

type PermissionMigrationService added in v0.34.0 

type PermissionMigrationService interface {

	// Migrate Permissions.
	MigratePermissions(ctx context.Context, request MigratePermissionsRequest) (*MigratePermissionsResponse, error)
}

APIs for migrating acl permissions, used only by the ucx tool: https://github.com/databrickslabs/ucx

type PermissionOutput 

type PermissionOutput struct {
	// The results of a permissions query.
	Description string `json:"description,omitempty"`

	PermissionLevel WorkspacePermission `json:"permission_level,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PermissionOutput) MarshalJSON added in v0.23.0 

func (s PermissionOutput) MarshalJSON() ([]byte, error)

func (*PermissionOutput) UnmarshalJSON added in v0.23.0 

func (s *PermissionOutput) UnmarshalJSON(b []byte) error

type PermissionsAPI 

type PermissionsAPI struct {
	// contains filtered or unexported fields
}

Permissions API are used to create read, write, edit, update and manage access for various users on different objects and endpoints.

* **[Apps permissions](:service:apps)** — Manage which users can manage or use apps.

* **[Cluster permissions](:service:clusters)** — Manage which users can manage, restart, or attach to clusters.

* **[Cluster policy permissions](:service:clusterpolicies)** — Manage which users can use cluster policies.

* **[Delta Live Tables pipeline permissions](:service:pipelines)** — Manage which users can view, manage, run, cancel, or own a Delta Live Tables pipeline.

* **[Job permissions](:service:jobs)** — Manage which users can view, manage, trigger, cancel, or own a job.

* **[MLflow experiment permissions](:service:experiments)** — Manage which users can read, edit, or manage MLflow experiments.

* **[MLflow registered model permissions](:service:modelregistry)** — Manage which users can read, edit, or manage MLflow registered models.

* **[Password permissions](:service:users)** — Manage which users can use password login when SSO is enabled.

* **[Instance Pool permissions](:service:instancepools)** — Manage which users can manage or attach to pools.

* **[Repo permissions](repos)** — Manage which users can read, run, edit, or manage a repo.

* **[Serving endpoint permissions](:service:servingendpoints)** — Manage which users can view, query, or manage a serving endpoint.

* **[SQL warehouse permissions](:service:warehouses)** — Manage which users can use or manage SQL warehouses.

* **[Token permissions](:service:tokenmanagement)** — Manage which users can create or use tokens.

* **[Workspace object permissions](:service:workspace)** — Manage which users can read, run, edit, or manage alerts, dbsql-dashboards, directories, files, notebooks and queries.

For the mapping of the required permissions for specific actions or abilities and other important information, see Access Control.

Note that to manage access control on service principals, use **[Account Access Control Proxy](:service:accountaccesscontrolproxy)**.

func NewPermissions 

func NewPermissions(client *client.DatabricksClient) *PermissionsAPI

func (*PermissionsAPI) Get 

func (a *PermissionsAPI) Get(ctx context.Context, request GetPermissionRequest) (*ObjectPermissions, error)
Example (GenericPermissions) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

notebookPath := func() string {
	me, err := w.CurrentUser.Me(ctx)
	if err != nil {
		panic(err)
	}
	return filepath.Join("/Users", me.UserName, fmt.Sprintf("sdk-%x", time.Now().UnixNano()))
}()

obj, err := w.Workspace.GetStatusByPath(ctx, notebookPath)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", obj)

_, err = w.Permissions.Get(ctx, iam.GetPermissionRequest{
	RequestObjectType: "notebooks",
	RequestObjectId:   fmt.Sprintf("%d", obj.ObjectId),
})
if err != nil {
	panic(err)
}

Output:

func (*PermissionsAPI) GetByRequestObjectTypeAndRequestObjectId 

func (a *PermissionsAPI) GetByRequestObjectTypeAndRequestObjectId(ctx context.Context, requestObjectType string, requestObjectId string) (*ObjectPermissions, error)

Get object permissions.

Gets the permissions of an object. Objects can inherit permissions from their parent objects or root object.

func (*PermissionsAPI) GetPermissionLevels 

func (a *PermissionsAPI) GetPermissionLevels(ctx context.Context, request GetPermissionLevelsRequest) (*GetPermissionLevelsResponse, error)
Example (GenericPermissions) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

notebookPath := func() string {
	me, err := w.CurrentUser.Me(ctx)
	if err != nil {
		panic(err)
	}
	return filepath.Join("/Users", me.UserName, fmt.Sprintf("sdk-%x", time.Now().UnixNano()))
}()

obj, err := w.Workspace.GetStatusByPath(ctx, notebookPath)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", obj)

levels, err := w.Permissions.GetPermissionLevels(ctx, iam.GetPermissionLevelsRequest{
	RequestObjectType: "notebooks",
	RequestObjectId:   fmt.Sprintf("%d", obj.ObjectId),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", levels)

Output:

func (*PermissionsAPI) GetPermissionLevelsByRequestObjectTypeAndRequestObjectId 

func (a *PermissionsAPI) GetPermissionLevelsByRequestObjectTypeAndRequestObjectId(ctx context.Context, requestObjectType string, requestObjectId string) (*GetPermissionLevelsResponse, error)

Get object permission levels.

Gets the permission levels that a user can have on an object.

func (*PermissionsAPI) Set 

func (a *PermissionsAPI) Set(ctx context.Context, request PermissionsRequest) (*ObjectPermissions, error)
Example (GenericPermissions) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

notebookPath := func() string {
	me, err := w.CurrentUser.Me(ctx)
	if err != nil {
		panic(err)
	}
	return filepath.Join("/Users", me.UserName, fmt.Sprintf("sdk-%x", time.Now().UnixNano()))
}()

group, err := w.Groups.Create(ctx, iam.Group{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", group)

obj, err := w.Workspace.GetStatusByPath(ctx, notebookPath)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", obj)

_, err = w.Permissions.Set(ctx, iam.PermissionsRequest{
	RequestObjectType: "notebooks",
	RequestObjectId:   fmt.Sprintf("%d", obj.ObjectId),
	AccessControlList: []iam.AccessControlRequest{iam.AccessControlRequest{
		GroupName:       group.DisplayName,
		PermissionLevel: iam.PermissionLevelCanRun,
	}},
})
if err != nil {
	panic(err)
}

// cleanup

err = w.Groups.DeleteById(ctx, group.Id)
if err != nil {
	panic(err)
}

Output:

func (*PermissionsAPI) Update 

func (a *PermissionsAPI) Update(ctx context.Context, request PermissionsRequest) (*ObjectPermissions, error)

type PermissionsDescription 

type PermissionsDescription struct {
	Description string `json:"description,omitempty"`
	// Permission level
	PermissionLevel PermissionLevel `json:"permission_level,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (PermissionsDescription) MarshalJSON added in v0.23.0 

func (s PermissionsDescription) MarshalJSON() ([]byte, error)

func (*PermissionsDescription) UnmarshalJSON added in v0.23.0 

func (s *PermissionsDescription) UnmarshalJSON(b []byte) error

type PermissionsInterface added in v0.29.0 

type PermissionsInterface interface {

	// Get object permissions.
	//
	// Gets the permissions of an object. Objects can inherit permissions from their
	// parent objects or root object.
	Get(ctx context.Context, request GetPermissionRequest) (*ObjectPermissions, error)

	// Get object permissions.
	//
	// Gets the permissions of an object. Objects can inherit permissions from their
	// parent objects or root object.
	GetByRequestObjectTypeAndRequestObjectId(ctx context.Context, requestObjectType string, requestObjectId string) (*ObjectPermissions, error)

	// Get object permission levels.
	//
	// Gets the permission levels that a user can have on an object.
	GetPermissionLevels(ctx context.Context, request GetPermissionLevelsRequest) (*GetPermissionLevelsResponse, error)

	// Get object permission levels.
	//
	// Gets the permission levels that a user can have on an object.
	GetPermissionLevelsByRequestObjectTypeAndRequestObjectId(ctx context.Context, requestObjectType string, requestObjectId string) (*GetPermissionLevelsResponse, error)

	// Set object permissions.
	//
	// Sets permissions on an object, replacing existing permissions if they exist.
	// Deletes all direct permissions if none are specified. Objects can inherit
	// permissions from their parent objects or root object.
	Set(ctx context.Context, request PermissionsRequest) (*ObjectPermissions, error)

	// Update object permissions.
	//
	// Updates the permissions on an object. Objects can inherit permissions from
	// their parent objects or root object.
	Update(ctx context.Context, request PermissionsRequest) (*ObjectPermissions, error)
}

type PermissionsRequest 

type PermissionsRequest struct {
	AccessControlList []AccessControlRequest `json:"access_control_list,omitempty"`
	// The id of the request object.
	RequestObjectId string `json:"-" url:"-"`
	// The type of the request object. Can be one of the following: alerts,
	// authorization, clusters, cluster-policies, dashboards, dbsql-dashboards,
	// directories, experiments, files, instance-pools, jobs, notebooks,
	// pipelines, queries, registered-models, repos, serving-endpoints, or
	// warehouses.
	RequestObjectType string `json:"-" url:"-"`
}

type PermissionsService 

type PermissionsService interface {

	// Get object permissions.
	//
	// Gets the permissions of an object. Objects can inherit permissions from
	// their parent objects or root object.
	Get(ctx context.Context, request GetPermissionRequest) (*ObjectPermissions, error)

	// Get object permission levels.
	//
	// Gets the permission levels that a user can have on an object.
	GetPermissionLevels(ctx context.Context, request GetPermissionLevelsRequest) (*GetPermissionLevelsResponse, error)

	// Set object permissions.
	//
	// Sets permissions on an object, replacing existing permissions if they
	// exist. Deletes all direct permissions if none are specified. Objects can
	// inherit permissions from their parent objects or root object.
	Set(ctx context.Context, request PermissionsRequest) (*ObjectPermissions, error)

	// Update object permissions.
	//
	// Updates the permissions on an object. Objects can inherit permissions
	// from their parent objects or root object.
	Update(ctx context.Context, request PermissionsRequest) (*ObjectPermissions, error)
}

Permissions API are used to create read, write, edit, update and manage access for various users on different objects and endpoints.

* **[Apps permissions](:service:apps)** — Manage which users can manage or use apps.

* **[Cluster permissions](:service:clusters)** — Manage which users can manage, restart, or attach to clusters.

* **[Cluster policy permissions](:service:clusterpolicies)** — Manage which users can use cluster policies.

* **[Delta Live Tables pipeline permissions](:service:pipelines)** — Manage which users can view, manage, run, cancel, or own a Delta Live Tables pipeline.

* **[Job permissions](:service:jobs)** — Manage which users can view, manage, trigger, cancel, or own a job.

* **[MLflow experiment permissions](:service:experiments)** — Manage which users can read, edit, or manage MLflow experiments.

* **[MLflow registered model permissions](:service:modelregistry)** — Manage which users can read, edit, or manage MLflow registered models.

* **[Password permissions](:service:users)** — Manage which users can use password login when SSO is enabled.

* **[Instance Pool permissions](:service:instancepools)** — Manage which users can manage or attach to pools.

* **[Repo permissions](repos)** — Manage which users can read, run, edit, or manage a repo.

* **[Serving endpoint permissions](:service:servingendpoints)** — Manage which users can view, query, or manage a serving endpoint.

* **[SQL warehouse permissions](:service:warehouses)** — Manage which users can use or manage SQL warehouses.

* **[Token permissions](:service:tokenmanagement)** — Manage which users can create or use tokens.

* **[Workspace object permissions](:service:workspace)** — Manage which users can read, run, edit, or manage alerts, dbsql-dashboards, directories, files, notebooks and queries.

For the mapping of the required permissions for specific actions or abilities and other important information, see Access Control.

Note that to manage access control on service principals, use **[Account Access Control Proxy](:service:accountaccesscontrolproxy)**.

type PrincipalOutput 

type PrincipalOutput struct {
	// The display name of the principal.
	DisplayName string `json:"display_name,omitempty"`
	// The group name of the group. Present only if the principal is a group.
	GroupName string `json:"group_name,omitempty"`
	// The unique, opaque id of the principal.
	PrincipalId int64 `json:"principal_id,omitempty"`
	// The name of the service principal. Present only if the principal is a
	// service principal.
	ServicePrincipalName string `json:"service_principal_name,omitempty"`
	// The username of the user. Present only if the principal is a user.
	UserName string `json:"user_name,omitempty"`

	ForceSendFields []string `json:"-"`
}

Information about the principal assigned to the workspace.

func (PrincipalOutput) MarshalJSON added in v0.23.0 

func (s PrincipalOutput) MarshalJSON() ([]byte, error)

func (*PrincipalOutput) UnmarshalJSON added in v0.23.0 

func (s *PrincipalOutput) UnmarshalJSON(b []byte) error

type RequestAuthzIdentity added in v0.56.0 

type RequestAuthzIdentity string

Defines the identity to be used for authZ of the request on the server side. See one pager for for more information: http://go/acl/service-identity 

const RequestAuthzIdentityRequestAuthzIdentityServiceIdentity RequestAuthzIdentity = `REQUEST_AUTHZ_IDENTITY_SERVICE_IDENTITY`
const RequestAuthzIdentityRequestAuthzIdentityUserContext RequestAuthzIdentity = `REQUEST_AUTHZ_IDENTITY_USER_CONTEXT`

func (*RequestAuthzIdentity) Set added in v0.56.0 

func (f *RequestAuthzIdentity) Set(v string) error

Set raw string value and validate it against allowed values

func (*RequestAuthzIdentity) String added in v0.56.0 

func (f *RequestAuthzIdentity) String() string

String representation for fmt.Print

func (*RequestAuthzIdentity) Type added in v0.56.0 

func (f *RequestAuthzIdentity) Type() string

Type always returns RequestAuthzIdentity to satisfy [pflag.Value] interface

type ResourceInfo added in v0.56.0 

type ResourceInfo struct {
	// Id of the current resource.
	Id string `json:"id" url:"id"`
	// The legacy acl path of the current resource.
	LegacyAclPath string `json:"legacy_acl_path,omitempty" url:"legacy_acl_path,omitempty"`
	// Parent resource info for the current resource. The parent may have
	// another parent.
	ParentResourceInfo *ResourceInfo `json:"parent_resource_info,omitempty" url:"parent_resource_info,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (ResourceInfo) MarshalJSON added in v0.56.0 

func (s ResourceInfo) MarshalJSON() ([]byte, error)

func (*ResourceInfo) UnmarshalJSON added in v0.56.0 

func (s *ResourceInfo) UnmarshalJSON(b []byte) error

type ResourceMeta added in v0.12.0 

type ResourceMeta struct {
	// Identifier for group type. Can be local workspace group
	// (`WorkspaceGroup`) or account group (`Group`).
	ResourceType string `json:"resourceType,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (ResourceMeta) MarshalJSON added in v0.23.0 

func (s ResourceMeta) MarshalJSON() ([]byte, error)

func (*ResourceMeta) UnmarshalJSON added in v0.23.0 

func (s *ResourceMeta) UnmarshalJSON(b []byte) error

type Role added in v0.15.0 

type Role struct {
	// Role to assign to a principal or a list of principals on a resource.
	Name string `json:"name"`
}

type RuleSetResponse added in v0.10.0 

type RuleSetResponse struct {
	// Identifies the version of the rule set returned.
	Etag string `json:"etag,omitempty"`

	GrantRules []GrantRule `json:"grant_rules,omitempty"`
	// Name of the rule set.
	Name string `json:"name,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (RuleSetResponse) MarshalJSON added in v0.23.0 

func (s RuleSetResponse) MarshalJSON() ([]byte, error)

func (*RuleSetResponse) UnmarshalJSON added in v0.23.0 

func (s *RuleSetResponse) UnmarshalJSON(b []byte) error

type RuleSetUpdateRequest added in v0.10.0 

type RuleSetUpdateRequest struct {
	// The expected etag of the rule set to update. The update will fail if the
	// value does not match the value that is stored in account access control
	// service.
	Etag string `json:"etag"`

	GrantRules []GrantRule `json:"grant_rules,omitempty"`
	// Name of the rule set.
	Name string `json:"name"`
}

type ServicePrincipal 

type ServicePrincipal struct {
	// If this user is active
	Active bool `json:"active,omitempty"`
	// UUID relating to the service principal
	ApplicationId string `json:"applicationId,omitempty"`
	// String that represents a concatenation of given and family names.
	DisplayName string `json:"displayName,omitempty"`
	// Entitlements assigned to the service principal. See [assigning
	// entitlements] for a full list of supported values.
	//
	// [assigning entitlements]: https://docs.databricks.com/administration-guide/users-groups/index.html#assigning-entitlements
	Entitlements []ComplexValue `json:"entitlements,omitempty"`

	ExternalId string `json:"externalId,omitempty"`

	Groups []ComplexValue `json:"groups,omitempty"`
	// Databricks service principal ID.
	Id string `json:"id,omitempty" url:"-"`
	// Corresponds to AWS instance profile/arn role.
	Roles []ComplexValue `json:"roles,omitempty"`
	// The schema of the List response.
	Schemas []ServicePrincipalSchema `json:"schemas,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (ServicePrincipal) MarshalJSON added in v0.23.0 

func (s ServicePrincipal) MarshalJSON() ([]byte, error)

func (*ServicePrincipal) UnmarshalJSON added in v0.23.0 

func (s *ServicePrincipal) UnmarshalJSON(b []byte) error

type ServicePrincipalSchema added in v0.24.0 

type ServicePrincipalSchema string
const ServicePrincipalSchemaUrnIetfParamsScimSchemasCore20ServicePrincipal ServicePrincipalSchema = `urn:ietf:params:scim:schemas:core:2.0:ServicePrincipal`

func (*ServicePrincipalSchema) Set added in v0.24.0 

func (f *ServicePrincipalSchema) Set(v string) error

Set raw string value and validate it against allowed values

func (*ServicePrincipalSchema) String added in v0.24.0 

func (f *ServicePrincipalSchema) String() string

String representation for fmt.Print

func (*ServicePrincipalSchema) Type added in v0.24.0 

func (f *ServicePrincipalSchema) Type() string

Type always returns ServicePrincipalSchema to satisfy [pflag.Value] interface

type ServicePrincipalsAPI 

type ServicePrincipalsAPI struct {
	// contains filtered or unexported fields
}

Identities for use with jobs, automated tools, and systems such as scripts, apps, and CI/CD platforms. Databricks recommends creating service principals to run production jobs or modify production data. If all processes that act on production data run with service principals, interactive users do not need any write, delete, or modify privileges in production. This eliminates the risk of a user overwriting production data by accident.

func NewServicePrincipals 

func NewServicePrincipals(client *client.DatabricksClient) *ServicePrincipalsAPI

func (*ServicePrincipalsAPI) Create 

func (a *ServicePrincipalsAPI) Create(ctx context.Context, request ServicePrincipal) (*ServicePrincipal, error)
Example (AccountServicePrincipal) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

spCreate, err := a.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	Active:      true,
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spCreate)

// cleanup

err = a.ServicePrincipals.Delete(ctx, iam.DeleteAccountServicePrincipalRequest{
	Id: spCreate.Id,
})
if err != nil {
	panic(err)
}

Output:
Example (CreateOboTokenOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

groups, err := w.Groups.GroupDisplayNameToIdMap(ctx, iam.ListGroupsRequest{})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", groups)

spn, err := w.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	Groups: []iam.ComplexValue{iam.ComplexValue{
		Value: groups["admins"],
	}},
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spn)

// cleanup

err = w.ServicePrincipals.DeleteById(ctx, spn.Id)
if err != nil {
	panic(err)
}

Output:
Example (ServicePrincipalsOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

created, err := w.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", created)

// cleanup

err = w.ServicePrincipals.DeleteById(ctx, created.Id)
if err != nil {
	panic(err)
}

Output:
Example (WorkspaceAssignmentOnAws) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

spn, err := a.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spn)

Output:

func (*ServicePrincipalsAPI) Delete 

func (a *ServicePrincipalsAPI) Delete(ctx context.Context, request DeleteServicePrincipalRequest) error

func (*ServicePrincipalsAPI) DeleteById 

func (a *ServicePrincipalsAPI) DeleteById(ctx context.Context, id string) error

Delete a service principal.

Delete a single service principal in the Databricks workspace.

func (*ServicePrincipalsAPI) Get 

func (a *ServicePrincipalsAPI) Get(ctx context.Context, request GetServicePrincipalRequest) (*ServicePrincipal, error)
Example (AccountServicePrincipal) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

spCreate, err := a.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	Active:      true,
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spCreate)

sp, err := a.ServicePrincipals.GetById(ctx, spCreate.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", sp)

// cleanup

err = a.ServicePrincipals.Delete(ctx, iam.DeleteAccountServicePrincipalRequest{
	Id: spCreate.Id,
})
if err != nil {
	panic(err)
}

Output:
Example (ServicePrincipalsOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

created, err := w.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", created)

byId, err := w.ServicePrincipals.GetById(ctx, created.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", byId)

// cleanup

err = w.ServicePrincipals.DeleteById(ctx, created.Id)
if err != nil {
	panic(err)
}

Output:

func (*ServicePrincipalsAPI) GetByDisplayName 

func (a *ServicePrincipalsAPI) GetByDisplayName(ctx context.Context, name string) (*ServicePrincipal, error)

GetByDisplayName calls ServicePrincipalsAPI.ServicePrincipalDisplayNameToIdMap and returns a single ServicePrincipal.

Returns an error if there's more than one ServicePrincipal with the same .DisplayName.

Note: All ServicePrincipal instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*ServicePrincipalsAPI) GetById 

func (a *ServicePrincipalsAPI) GetById(ctx context.Context, id string) (*ServicePrincipal, error)

Get service principal details.

Gets the details for a single service principal define in the Databricks workspace.

func (*ServicePrincipalsAPI) List added in v0.24.0 

func (a *ServicePrincipalsAPI) List(ctx context.Context, request ListServicePrincipalsRequest) listing.Iterator[ServicePrincipal]

List service principals.

Gets the set of service principals associated with a Databricks workspace.

This method is generated by Databricks SDK Code Generator.

func (*ServicePrincipalsAPI) ListAll 

func (a *ServicePrincipalsAPI) ListAll(ctx context.Context, request ListServicePrincipalsRequest) ([]ServicePrincipal, error)

List service principals.

Gets the set of service principals associated with a Databricks workspace.

This method is generated by Databricks SDK Code Generator.

Example (AccountServicePrincipal) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

spCreate, err := a.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	Active:      true,
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spCreate)

sp, err := a.ServicePrincipals.GetById(ctx, spCreate.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", sp)

spList, err := a.ServicePrincipals.ListAll(ctx, iam.ListAccountServicePrincipalsRequest{
	Filter: fmt.Sprintf("displayName eq %v", sp.DisplayName),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spList)

// cleanup

err = a.ServicePrincipals.Delete(ctx, iam.DeleteAccountServicePrincipalRequest{
	Id: spCreate.Id,
})
if err != nil {
	panic(err)
}

Output:
Example (ServicePrincipalsOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

all, err := w.ServicePrincipals.ListAll(ctx, iam.ListServicePrincipalsRequest{})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", all)

Output:

func (*ServicePrincipalsAPI) Patch 

func (a *ServicePrincipalsAPI) Patch(ctx context.Context, request PartialUpdate) error
Example (AccountServicePrincipal) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

spCreate, err := a.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	Active:      true,
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spCreate)

sp, err := a.ServicePrincipals.GetById(ctx, spCreate.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", sp)

err = a.ServicePrincipals.Patch(ctx, iam.PartialUpdate{
	Id: sp.Id,
	Operations: []iam.Patch{iam.Patch{
		Op:    iam.PatchOpReplace,
		Path:  "active",
		Value: "false",
	}},
	Schemas: []iam.PatchSchema{iam.PatchSchemaUrnIetfParamsScimApiMessages20PatchOp},
})
if err != nil {
	panic(err)
}

// cleanup

err = a.ServicePrincipals.Delete(ctx, iam.DeleteAccountServicePrincipalRequest{
	Id: spCreate.Id,
})
if err != nil {
	panic(err)
}

Output:
Example (ServicePrincipalsOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

created, err := w.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", created)

byId, err := w.ServicePrincipals.GetById(ctx, created.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", byId)

err = w.ServicePrincipals.Patch(ctx, iam.PartialUpdate{
	Id: byId.Id,
	Operations: []iam.Patch{iam.Patch{
		Op:    iam.PatchOpReplace,
		Path:  "active",
		Value: "false",
	}},
	Schemas: []iam.PatchSchema{iam.PatchSchemaUrnIetfParamsScimApiMessages20PatchOp},
})
if err != nil {
	panic(err)
}

// cleanup

err = w.ServicePrincipals.DeleteById(ctx, created.Id)
if err != nil {
	panic(err)
}

Output:

func (*ServicePrincipalsAPI) ServicePrincipalDisplayNameToIdMap 

func (a *ServicePrincipalsAPI) ServicePrincipalDisplayNameToIdMap(ctx context.Context, request ListServicePrincipalsRequest) (map[string]string, error)

ServicePrincipalDisplayNameToIdMap calls ServicePrincipalsAPI.ListAll and creates a map of results with ServicePrincipal.DisplayName as key and ServicePrincipal.Id as value.

Returns an error if there's more than one ServicePrincipal with the same .DisplayName.

Note: All ServicePrincipal instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

func (*ServicePrincipalsAPI) Update 

func (a *ServicePrincipalsAPI) Update(ctx context.Context, request ServicePrincipal) error
Example (AccountServicePrincipal) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

spCreate, err := a.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	Active:      true,
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spCreate)

sp, err := a.ServicePrincipals.GetById(ctx, spCreate.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", sp)

err = a.ServicePrincipals.Update(ctx, iam.ServicePrincipal{
	Active:      true,
	DisplayName: sp.DisplayName,
	Id:          sp.Id,
})
if err != nil {
	panic(err)
}

// cleanup

err = a.ServicePrincipals.Delete(ctx, iam.DeleteAccountServicePrincipalRequest{
	Id: spCreate.Id,
})
if err != nil {
	panic(err)
}

Output:
Example (ServicePrincipalsOnAws) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

created, err := w.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", created)

err = w.ServicePrincipals.Update(ctx, iam.ServicePrincipal{
	Id:          created.Id,
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	Roles: []iam.ComplexValue{iam.ComplexValue{
		Value: "xyz",
	}},
})
if err != nil {
	panic(err)
}

// cleanup

err = w.ServicePrincipals.DeleteById(ctx, created.Id)
if err != nil {
	panic(err)
}

Output:

type ServicePrincipalsInterface added in v0.29.0 

type ServicePrincipalsInterface interface {

	// Create a service principal.
	//
	// Creates a new service principal in the Databricks workspace.
	Create(ctx context.Context, request ServicePrincipal) (*ServicePrincipal, error)

	// Delete a service principal.
	//
	// Delete a single service principal in the Databricks workspace.
	Delete(ctx context.Context, request DeleteServicePrincipalRequest) error

	// Delete a service principal.
	//
	// Delete a single service principal in the Databricks workspace.
	DeleteById(ctx context.Context, id string) error

	// Get service principal details.
	//
	// Gets the details for a single service principal define in the Databricks
	// workspace.
	Get(ctx context.Context, request GetServicePrincipalRequest) (*ServicePrincipal, error)

	// Get service principal details.
	//
	// Gets the details for a single service principal define in the Databricks
	// workspace.
	GetById(ctx context.Context, id string) (*ServicePrincipal, error)

	// List service principals.
	//
	// Gets the set of service principals associated with a Databricks workspace.
	//
	// This method is generated by Databricks SDK Code Generator.
	List(ctx context.Context, request ListServicePrincipalsRequest) listing.Iterator[ServicePrincipal]

	// List service principals.
	//
	// Gets the set of service principals associated with a Databricks workspace.
	//
	// This method is generated by Databricks SDK Code Generator.
	ListAll(ctx context.Context, request ListServicePrincipalsRequest) ([]ServicePrincipal, error)

	// ServicePrincipalDisplayNameToIdMap calls [ServicePrincipalsAPI.ListAll] and creates a map of results with [ServicePrincipal].DisplayName as key and [ServicePrincipal].Id as value.
	//
	// Returns an error if there's more than one [ServicePrincipal] with the same .DisplayName.
	//
	// Note: All [ServicePrincipal] instances are loaded into memory before creating a map.
	//
	// This method is generated by Databricks SDK Code Generator.
	ServicePrincipalDisplayNameToIdMap(ctx context.Context, request ListServicePrincipalsRequest) (map[string]string, error)

	// GetByDisplayName calls [ServicePrincipalsAPI.ServicePrincipalDisplayNameToIdMap] and returns a single [ServicePrincipal].
	//
	// Returns an error if there's more than one [ServicePrincipal] with the same .DisplayName.
	//
	// Note: All [ServicePrincipal] instances are loaded into memory before returning matching by name.
	//
	// This method is generated by Databricks SDK Code Generator.
	GetByDisplayName(ctx context.Context, name string) (*ServicePrincipal, error)

	// Update service principal details.
	//
	// Partially updates the details of a single service principal in the Databricks
	// workspace.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace service principal.
	//
	// Updates the details of a single service principal.
	//
	// This action replaces the existing service principal with the same name.
	Update(ctx context.Context, request ServicePrincipal) error
}

type ServicePrincipalsService 

type ServicePrincipalsService interface {

	// Create a service principal.
	//
	// Creates a new service principal in the Databricks workspace.
	Create(ctx context.Context, request ServicePrincipal) (*ServicePrincipal, error)

	// Delete a service principal.
	//
	// Delete a single service principal in the Databricks workspace.
	Delete(ctx context.Context, request DeleteServicePrincipalRequest) error

	// Get service principal details.
	//
	// Gets the details for a single service principal define in the Databricks
	// workspace.
	Get(ctx context.Context, request GetServicePrincipalRequest) (*ServicePrincipal, error)

	// List service principals.
	//
	// Gets the set of service principals associated with a Databricks
	// workspace.
	//
	// Use ListAll() to get all ServicePrincipal instances, which will iterate over every result page.
	List(ctx context.Context, request ListServicePrincipalsRequest) (*ListServicePrincipalResponse, error)

	// Update service principal details.
	//
	// Partially updates the details of a single service principal in the
	// Databricks workspace.
	Patch(ctx context.Context, request PartialUpdate) error

	// Replace service principal.
	//
	// Updates the details of a single service principal.
	//
	// This action replaces the existing service principal with the same name.
	Update(ctx context.Context, request ServicePrincipal) error
}

Identities for use with jobs, automated tools, and systems such as scripts, apps, and CI/CD platforms. Databricks recommends creating service principals to run production jobs or modify production data. If all processes that act on production data run with service principals, interactive users do not need any write, delete, or modify privileges in production. This eliminates the risk of a user overwriting production data by accident.

type UpdateResponse added in v0.34.0 

type UpdateResponse struct {
}

type UpdateRuleSetRequest added in v0.10.0 

type UpdateRuleSetRequest struct {
	// Name of the rule set.
	Name string `json:"name"`

	RuleSet RuleSetUpdateRequest `json:"rule_set"`
}

type UpdateWorkspaceAssignments 

type UpdateWorkspaceAssignments struct {
	// Array of permissions assignments to update on the workspace. Valid values
	// are "USER" and "ADMIN" (case-sensitive). If both "USER" and "ADMIN" are
	// provided, "ADMIN" takes precedence. Other values will be ignored. Note
	// that excluding this field, or providing unsupported values, will have the
	// same effect as providing an empty list, which will result in the deletion
	// of all permissions for the principal.
	Permissions []WorkspacePermission `json:"permissions,omitempty"`
	// The ID of the user, service principal, or group.
	PrincipalId int64 `json:"-" url:"-"`
	// The workspace ID.
	WorkspaceId int64 `json:"-" url:"-"`
}

type User 

type User struct {
	// If this user is active
	Active bool `json:"active,omitempty"`
	// String that represents a concatenation of given and family names. For
	// example `John Smith`. This field cannot be updated through the Workspace
	// SCIM APIs when [identity federation is enabled]. Use Account SCIM APIs to
	// update `displayName`.
	//
	// [identity federation is enabled]: https://docs.databricks.com/administration-guide/users-groups/best-practices.html#enable-identity-federation
	DisplayName string `json:"displayName,omitempty"`
	// All the emails associated with the Databricks user.
	Emails []ComplexValue `json:"emails,omitempty"`
	// Entitlements assigned to the user. See [assigning entitlements] for a
	// full list of supported values.
	//
	// [assigning entitlements]: https://docs.databricks.com/administration-guide/users-groups/index.html#assigning-entitlements
	Entitlements []ComplexValue `json:"entitlements,omitempty"`
	// External ID is not currently supported. It is reserved for future use.
	ExternalId string `json:"externalId,omitempty"`

	Groups []ComplexValue `json:"groups,omitempty"`
	// Databricks user ID. This is automatically set by Databricks. Any value
	// provided by the client will be ignored.
	Id string `json:"id,omitempty" url:"-"`

	Name *Name `json:"name,omitempty"`
	// Corresponds to AWS instance profile/arn role.
	Roles []ComplexValue `json:"roles,omitempty"`
	// The schema of the user.
	Schemas []UserSchema `json:"schemas,omitempty"`
	// Email address of the Databricks user.
	UserName string `json:"userName,omitempty"`

	ForceSendFields []string `json:"-"`
}

func (User) MarshalJSON added in v0.23.0 

func (s User) MarshalJSON() ([]byte, error)

func (*User) UnmarshalJSON added in v0.23.0 

func (s *User) UnmarshalJSON(b []byte) error

type UserSchema added in v0.24.0 

type UserSchema string
const UserSchemaUrnIetfParamsScimSchemasCore20User UserSchema = `urn:ietf:params:scim:schemas:core:2.0:User`
const UserSchemaUrnIetfParamsScimSchemasExtensionWorkspace20User UserSchema = `urn:ietf:params:scim:schemas:extension:workspace:2.0:User`

func (*UserSchema) Set added in v0.24.0 

func (f *UserSchema) Set(v string) error

Set raw string value and validate it against allowed values

func (*UserSchema) String added in v0.24.0 

func (f *UserSchema) String() string

String representation for fmt.Print

func (*UserSchema) Type added in v0.24.0 

func (f *UserSchema) Type() string

Type always returns UserSchema to satisfy [pflag.Value] interface

type UsersAPI 

type UsersAPI struct {
	// contains filtered or unexported fields
}

User identities recognized by Databricks and represented by email addresses.

Databricks recommends using SCIM provisioning to sync users and groups automatically from your identity provider to your Databricks workspace. SCIM streamlines onboarding a new employee or team by using your identity provider to create users and groups in Databricks workspace and give them the proper level of access. When a user leaves your organization or no longer needs access to Databricks workspace, admins can terminate the user in your identity provider and that user’s account will also be removed from Databricks workspace. This ensures a consistent offboarding process and prevents unauthorized users from accessing sensitive data.

func NewUsers 

func NewUsers(client *client.DatabricksClient) *UsersAPI

func (*UsersAPI) Create 

func (a *UsersAPI) Create(ctx context.Context, request User) (*User, error)
Example (AccountUsers) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

user, err := a.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

// cleanup

err = a.Users.DeleteById(ctx, user.Id)
if err != nil {
	panic(err)
}

Output:
Example (ClustersApiIntegration) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

otherOwner, err := w.Users.Create(ctx, iam.User{
	UserName: fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", otherOwner)

// cleanup

err = w.Users.DeleteById(ctx, otherOwner.Id)
if err != nil {
	panic(err)
}

Output:
Example (WorkspaceUsers) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

user, err := w.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

Output:

func (*UsersAPI) Delete 

func (a *UsersAPI) Delete(ctx context.Context, request DeleteUserRequest) error
Example (AccountUsers) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

user, err := a.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

err = a.Users.DeleteById(ctx, user.Id)
if err != nil {
	panic(err)
}

Output:
Example (ClustersApiIntegration) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

otherOwner, err := w.Users.Create(ctx, iam.User{
	UserName: fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", otherOwner)

err = w.Users.DeleteById(ctx, otherOwner.Id)
if err != nil {
	panic(err)
}

Output:
Example (WorkspaceUsers) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

user, err := w.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

err = w.Users.DeleteById(ctx, user.Id)
if err != nil {
	panic(err)
}

Output:

func (*UsersAPI) DeleteById 

func (a *UsersAPI) DeleteById(ctx context.Context, id string) error

Delete a user.

Deletes a user. Deleting a user from a Databricks workspace also removes objects associated with the user.

func (*UsersAPI) Get 

func (a *UsersAPI) Get(ctx context.Context, request GetUserRequest) (*User, error)
Example (AccountUsers) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

user, err := a.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

byId, err := a.Users.GetById(ctx, user.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", byId)

// cleanup

err = a.Users.DeleteById(ctx, user.Id)
if err != nil {
	panic(err)
}

Output:
Example (WorkspaceUsers) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

user, err := w.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

fetch, err := w.Users.GetById(ctx, user.Id)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", fetch)

Output:

func (*UsersAPI) GetById 

func (a *UsersAPI) GetById(ctx context.Context, id string) (*User, error)

Get user details.

Gets information for a specific user in Databricks workspace.

func (*UsersAPI) GetByUserName 

func (a *UsersAPI) GetByUserName(ctx context.Context, name string) (*User, error)

GetByUserName calls UsersAPI.UserUserNameToIdMap and returns a single User.

Returns an error if there's more than one User with the same .UserName.

Note: All User instances are loaded into memory before returning matching by name.

This method is generated by Databricks SDK Code Generator.

func (*UsersAPI) GetPermissionLevels added in v0.19.0 

func (a *UsersAPI) GetPermissionLevels(ctx context.Context) (*GetPasswordPermissionLevelsResponse, error)

func (*UsersAPI) GetPermissions added in v0.19.0 

func (a *UsersAPI) GetPermissions(ctx context.Context) (*PasswordPermissions, error)

func (*UsersAPI) List added in v0.24.0 

func (a *UsersAPI) List(ctx context.Context, request ListUsersRequest) listing.Iterator[User]

List users.

Gets details for all the users associated with a Databricks workspace.

This method is generated by Databricks SDK Code Generator.

func (*UsersAPI) ListAll 

func (a *UsersAPI) ListAll(ctx context.Context, request ListUsersRequest) ([]User, error)

List users.

Gets details for all the users associated with a Databricks workspace.

This method is generated by Databricks SDK Code Generator.

Example (WorkspaceUsers) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

allUsers, err := w.Users.ListAll(ctx, iam.ListUsersRequest{
	Attributes: "id,userName",
	SortBy:     "userName",
	SortOrder:  iam.ListSortOrderDescending,
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", allUsers)

Output:

func (*UsersAPI) Patch 

func (a *UsersAPI) Patch(ctx context.Context, request PartialUpdate) error
Example (AccountUsers) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

user, err := a.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

err = a.Users.Patch(ctx, iam.PartialUpdate{
	Id:      user.Id,
	Schemas: []iam.PatchSchema{iam.PatchSchemaUrnIetfParamsScimApiMessages20PatchOp},
	Operations: []iam.Patch{iam.Patch{
		Op: iam.PatchOpAdd,
		Value: iam.User{
			Roles: []iam.ComplexValue{iam.ComplexValue{
				Value: "account_admin",
			}},
		},
	}},
})
if err != nil {
	panic(err)
}

// cleanup

err = a.Users.DeleteById(ctx, user.Id)
if err != nil {
	panic(err)
}

Output:
Example (WorkspaceUsers) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

user, err := w.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

err = w.Users.Patch(ctx, iam.PartialUpdate{
	Id: user.Id,
	Operations: []iam.Patch{iam.Patch{
		Op:    iam.PatchOpReplace,
		Path:  "active",
		Value: "false",
	}},
	Schemas: []iam.PatchSchema{iam.PatchSchemaUrnIetfParamsScimApiMessages20PatchOp},
})
if err != nil {
	panic(err)
}

Output:

func (*UsersAPI) SetPermissions added in v0.19.0 

func (a *UsersAPI) SetPermissions(ctx context.Context, request PasswordPermissionsRequest) (*PasswordPermissions, error)

func (*UsersAPI) Update 

func (a *UsersAPI) Update(ctx context.Context, request User) error
Example (WorkspaceUsers) 
ctx := context.Background()
w, err := databricks.NewWorkspaceClient()
if err != nil {
	panic(err)
}

user, err := w.Users.Create(ctx, iam.User{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
	UserName:    fmt.Sprintf("sdk-%x@example.com", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", user)

err = w.Users.Update(ctx, iam.User{
	Id:       user.Id,
	UserName: user.UserName,
	Active:   true,
})
if err != nil {
	panic(err)
}

Output:

func (*UsersAPI) UpdatePermissions added in v0.19.0 

func (a *UsersAPI) UpdatePermissions(ctx context.Context, request PasswordPermissionsRequest) (*PasswordPermissions, error)

func (*UsersAPI) UserUserNameToIdMap 

func (a *UsersAPI) UserUserNameToIdMap(ctx context.Context, request ListUsersRequest) (map[string]string, error)

UserUserNameToIdMap calls UsersAPI.ListAll and creates a map of results with User.UserName as key and User.Id as value.

Returns an error if there's more than one User with the same .UserName.

Note: All User instances are loaded into memory before creating a map.

This method is generated by Databricks SDK Code Generator.

type UsersInterface added in v0.29.0 

type UsersInterface interface {

	// Create a new user.
	//
	// Creates a new user in the Databricks workspace. This new user will also be
	// added to the Databricks account.
	Create(ctx context.Context, request User) (*User, error)

	// Delete a user.
	//
	// Deletes a user. Deleting a user from a Databricks workspace also removes
	// objects associated with the user.
	Delete(ctx context.Context, request DeleteUserRequest) error

	// Delete a user.
	//
	// Deletes a user. Deleting a user from a Databricks workspace also removes
	// objects associated with the user.
	DeleteById(ctx context.Context, id string) error

	// Get user details.
	//
	// Gets information for a specific user in Databricks workspace.
	Get(ctx context.Context, request GetUserRequest) (*User, error)

	// Get user details.
	//
	// Gets information for a specific user in Databricks workspace.
	GetById(ctx context.Context, id string) (*User, error)

	// Get password permission levels.
	//
	// Gets the permission levels that a user can have on an object.
	GetPermissionLevels(ctx context.Context) (*GetPasswordPermissionLevelsResponse, error)

	// Get password permissions.
	//
	// Gets the permissions of all passwords. Passwords can inherit permissions from
	// their root object.
	GetPermissions(ctx context.Context) (*PasswordPermissions, error)

	// List users.
	//
	// Gets details for all the users associated with a Databricks workspace.
	//
	// This method is generated by Databricks SDK Code Generator.
	List(ctx context.Context, request ListUsersRequest) listing.Iterator[User]

	// List users.
	//
	// Gets details for all the users associated with a Databricks workspace.
	//
	// This method is generated by Databricks SDK Code Generator.
	ListAll(ctx context.Context, request ListUsersRequest) ([]User, error)

	// UserUserNameToIdMap calls [UsersAPI.ListAll] and creates a map of results with [User].UserName as key and [User].Id as value.
	//
	// Returns an error if there's more than one [User] with the same .UserName.
	//
	// Note: All [User] instances are loaded into memory before creating a map.
	//
	// This method is generated by Databricks SDK Code Generator.
	UserUserNameToIdMap(ctx context.Context, request ListUsersRequest) (map[string]string, error)

	// GetByUserName calls [UsersAPI.UserUserNameToIdMap] and returns a single [User].
	//
	// Returns an error if there's more than one [User] with the same .UserName.
	//
	// Note: All [User] instances are loaded into memory before returning matching by name.
	//
	// This method is generated by Databricks SDK Code Generator.
	GetByUserName(ctx context.Context, name string) (*User, error)

	// Update user details.
	//
	// Partially updates a user resource by applying the supplied operations on
	// specific user attributes.
	Patch(ctx context.Context, request PartialUpdate) error

	// Set password permissions.
	//
	// Sets permissions on an object, replacing existing permissions if they exist.
	// Deletes all direct permissions if none are specified. Objects can inherit
	// permissions from their root object.
	SetPermissions(ctx context.Context, request PasswordPermissionsRequest) (*PasswordPermissions, error)

	// Replace a user.
	//
	// Replaces a user's information with the data supplied in request.
	Update(ctx context.Context, request User) error

	// Update password permissions.
	//
	// Updates the permissions on all passwords. Passwords can inherit permissions
	// from their root object.
	UpdatePermissions(ctx context.Context, request PasswordPermissionsRequest) (*PasswordPermissions, error)
}

type UsersService 

type UsersService interface {

	// Create a new user.
	//
	// Creates a new user in the Databricks workspace. This new user will also
	// be added to the Databricks account.
	Create(ctx context.Context, request User) (*User, error)

	// Delete a user.
	//
	// Deletes a user. Deleting a user from a Databricks workspace also removes
	// objects associated with the user.
	Delete(ctx context.Context, request DeleteUserRequest) error

	// Get user details.
	//
	// Gets information for a specific user in Databricks workspace.
	Get(ctx context.Context, request GetUserRequest) (*User, error)

	// Get password permission levels.
	//
	// Gets the permission levels that a user can have on an object.
	GetPermissionLevels(ctx context.Context) (*GetPasswordPermissionLevelsResponse, error)

	// Get password permissions.
	//
	// Gets the permissions of all passwords. Passwords can inherit permissions
	// from their root object.
	GetPermissions(ctx context.Context) (*PasswordPermissions, error)

	// List users.
	//
	// Gets details for all the users associated with a Databricks workspace.
	//
	// Use ListAll() to get all User instances, which will iterate over every result page.
	List(ctx context.Context, request ListUsersRequest) (*ListUsersResponse, error)

	// Update user details.
	//
	// Partially updates a user resource by applying the supplied operations on
	// specific user attributes.
	Patch(ctx context.Context, request PartialUpdate) error

	// Set password permissions.
	//
	// Sets permissions on an object, replacing existing permissions if they
	// exist. Deletes all direct permissions if none are specified. Objects can
	// inherit permissions from their root object.
	SetPermissions(ctx context.Context, request PasswordPermissionsRequest) (*PasswordPermissions, error)

	// Replace a user.
	//
	// Replaces a user's information with the data supplied in request.
	Update(ctx context.Context, request User) error

	// Update password permissions.
	//
	// Updates the permissions on all passwords. Passwords can inherit
	// permissions from their root object.
	UpdatePermissions(ctx context.Context, request PasswordPermissionsRequest) (*PasswordPermissions, error)
}

User identities recognized by Databricks and represented by email addresses.

Databricks recommends using SCIM provisioning to sync users and groups automatically from your identity provider to your Databricks workspace. SCIM streamlines onboarding a new employee or team by using your identity provider to create users and groups in Databricks workspace and give them the proper level of access. When a user leaves your organization or no longer needs access to Databricks workspace, admins can terminate the user in your identity provider and that user’s account will also be removed from Databricks workspace. This ensures a consistent offboarding process and prevents unauthorized users from accessing sensitive data.

type WorkspaceAssignmentAPI 

type WorkspaceAssignmentAPI struct {
	// contains filtered or unexported fields
}

The Workspace Permission Assignment API allows you to manage workspace permissions for principals in your account.

func NewWorkspaceAssignment 

func NewWorkspaceAssignment(client *client.DatabricksClient) *WorkspaceAssignmentAPI

func (*WorkspaceAssignmentAPI) Delete 

func (a *WorkspaceAssignmentAPI) Delete(ctx context.Context, request DeleteWorkspaceAssignmentRequest) error

func (*WorkspaceAssignmentAPI) DeleteByWorkspaceIdAndPrincipalId 

func (a *WorkspaceAssignmentAPI) DeleteByWorkspaceIdAndPrincipalId(ctx context.Context, workspaceId int64, principalId int64) error

Delete permissions assignment.

Deletes the workspace permissions assignment in a given account and workspace for the specified principal.

func (*WorkspaceAssignmentAPI) Get 

func (a *WorkspaceAssignmentAPI) Get(ctx context.Context, request GetWorkspaceAssignmentRequest) (*WorkspacePermissions, error)

func (*WorkspaceAssignmentAPI) GetByWorkspaceId 

func (a *WorkspaceAssignmentAPI) GetByWorkspaceId(ctx context.Context, workspaceId int64) (*WorkspacePermissions, error)

List workspace permissions.

Get an array of workspace permissions for the specified account and workspace.

func (*WorkspaceAssignmentAPI) List added in v0.24.0 

func (a *WorkspaceAssignmentAPI) List(ctx context.Context, request ListWorkspaceAssignmentRequest) listing.Iterator[PermissionAssignment]

Get permission assignments.

Get the permission assignments for the specified Databricks account and Databricks workspace.

This method is generated by Databricks SDK Code Generator.

func (*WorkspaceAssignmentAPI) ListAll 

func (a *WorkspaceAssignmentAPI) ListAll(ctx context.Context, request ListWorkspaceAssignmentRequest) ([]PermissionAssignment, error)

Get permission assignments.

Get the permission assignments for the specified Databricks account and Databricks workspace.

This method is generated by Databricks SDK Code Generator.

Example (WorkspaceAssignmentOnAws) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

workspaceId := func(v string) int64 {
	i, err := strconv.ParseInt(v, 10, 64)
	if err != nil {
		panic(fmt.Sprintf("`%s` is not int64: %s", v, err))
	}
	return i
}(os.Getenv("DUMMY_WORKSPACE_ID"))

all, err := a.WorkspaceAssignment.ListByWorkspaceId(ctx, workspaceId)
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", all)

Output:

func (*WorkspaceAssignmentAPI) ListByWorkspaceId 

func (a *WorkspaceAssignmentAPI) ListByWorkspaceId(ctx context.Context, workspaceId int64) (*PermissionAssignments, error)

Get permission assignments.

Get the permission assignments for the specified Databricks account and Databricks workspace.

func (*WorkspaceAssignmentAPI) Update 

func (a *WorkspaceAssignmentAPI) Update(ctx context.Context, request UpdateWorkspaceAssignments) (*PermissionAssignment, error)
Example (WorkspaceAssignmentOnAws) 
ctx := context.Background()
a, err := databricks.NewAccountClient()
if err != nil {
	panic(err)
}

spn, err := a.ServicePrincipals.Create(ctx, iam.ServicePrincipal{
	DisplayName: fmt.Sprintf("sdk-%x", time.Now().UnixNano()),
})
if err != nil {
	panic(err)
}
logger.Infof(ctx, "found %v", spn)

spnId := func(v string) int64 {
	i, err := strconv.ParseInt(v, 10, 64)
	if err != nil {
		panic(fmt.Sprintf("`%s` is not int64: %s", v, err))
	}
	return i
}(spn.Id)

workspaceId := func(v string) int64 {
	i, err := strconv.ParseInt(v, 10, 64)
	if err != nil {
		panic(fmt.Sprintf("`%s` is not int64: %s", v, err))
	}
	return i
}(os.Getenv("DUMMY_WORKSPACE_ID"))

_, err = a.WorkspaceAssignment.Update(ctx, iam.UpdateWorkspaceAssignments{
	WorkspaceId: workspaceId,
	PrincipalId: spnId,
	Permissions: []iam.WorkspacePermission{iam.WorkspacePermissionUser},
})
if err != nil {
	panic(err)
}

Output:

type WorkspaceAssignmentInterface added in v0.29.0 

type WorkspaceAssignmentInterface interface {

	// Delete permissions assignment.
	//
	// Deletes the workspace permissions assignment in a given account and workspace
	// for the specified principal.
	Delete(ctx context.Context, request DeleteWorkspaceAssignmentRequest) error

	// Delete permissions assignment.
	//
	// Deletes the workspace permissions assignment in a given account and workspace
	// for the specified principal.
	DeleteByWorkspaceIdAndPrincipalId(ctx context.Context, workspaceId int64, principalId int64) error

	// List workspace permissions.
	//
	// Get an array of workspace permissions for the specified account and
	// workspace.
	Get(ctx context.Context, request GetWorkspaceAssignmentRequest) (*WorkspacePermissions, error)

	// List workspace permissions.
	//
	// Get an array of workspace permissions for the specified account and
	// workspace.
	GetByWorkspaceId(ctx context.Context, workspaceId int64) (*WorkspacePermissions, error)

	// Get permission assignments.
	//
	// Get the permission assignments for the specified Databricks account and
	// Databricks workspace.
	//
	// This method is generated by Databricks SDK Code Generator.
	List(ctx context.Context, request ListWorkspaceAssignmentRequest) listing.Iterator[PermissionAssignment]

	// Get permission assignments.
	//
	// Get the permission assignments for the specified Databricks account and
	// Databricks workspace.
	//
	// This method is generated by Databricks SDK Code Generator.
	ListAll(ctx context.Context, request ListWorkspaceAssignmentRequest) ([]PermissionAssignment, error)

	// Get permission assignments.
	//
	// Get the permission assignments for the specified Databricks account and
	// Databricks workspace.
	ListByWorkspaceId(ctx context.Context, workspaceId int64) (*PermissionAssignments, error)

	// Create or update permissions assignment.
	//
	// Creates or updates the workspace permissions assignment in a given account
	// and workspace for the specified principal.
	Update(ctx context.Context, request UpdateWorkspaceAssignments) (*PermissionAssignment, error)
}

type WorkspaceAssignmentService 

type WorkspaceAssignmentService interface {

	// Delete permissions assignment.
	//
	// Deletes the workspace permissions assignment in a given account and
	// workspace for the specified principal.
	Delete(ctx context.Context, request DeleteWorkspaceAssignmentRequest) error

	// List workspace permissions.
	//
	// Get an array of workspace permissions for the specified account and
	// workspace.
	Get(ctx context.Context, request GetWorkspaceAssignmentRequest) (*WorkspacePermissions, error)

	// Get permission assignments.
	//
	// Get the permission assignments for the specified Databricks account and
	// Databricks workspace.
	//
	// Use ListAll() to get all PermissionAssignment instances
	List(ctx context.Context, request ListWorkspaceAssignmentRequest) (*PermissionAssignments, error)

	// Create or update permissions assignment.
	//
	// Creates or updates the workspace permissions assignment in a given
	// account and workspace for the specified principal.
	Update(ctx context.Context, request UpdateWorkspaceAssignments) (*PermissionAssignment, error)
}

The Workspace Permission Assignment API allows you to manage workspace permissions for principals in your account.

type WorkspacePermission 

type WorkspacePermission string
const WorkspacePermissionAdmin WorkspacePermission = `ADMIN`
const WorkspacePermissionUnknown WorkspacePermission = `UNKNOWN`
const WorkspacePermissionUser WorkspacePermission = `USER`

func (*WorkspacePermission) Set 

func (f *WorkspacePermission) Set(v string) error

Set raw string value and validate it against allowed values

func (*WorkspacePermission) String 

func (f *WorkspacePermission) String() string

String representation for fmt.Print

func (*WorkspacePermission) Type 

func (f *WorkspacePermission) Type() string

Type always returns WorkspacePermission to satisfy [pflag.Value] interface

type WorkspacePermissions 

type WorkspacePermissions struct {
	// Array of permissions defined for a workspace.
	Permissions []PermissionOutput `json:"permissions,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.