a.iam_v2: account_iam.v2

class databricks.sdk.service.iamv2.AccountIamV2API

These APIs are used to manage identities and the workspace access of these identities in <Databricks>.

create_workspace_assignment_detail(workspace_id: int, workspace_assignment_detail: WorkspaceAssignmentDetail) WorkspaceAssignmentDetail

Creates a workspace assignment detail for a principal. Entitlement grants are applied individually and non-atomically — if a failure occurs partway through, the principal will be assigned to the workspace but with only a subset of the requested entitlements. Use GetWorkspaceAssignmentDetail to confirm which entitlements were successfully granted.

Parameters:

  • workspace_id – int Required. The workspace ID for which the workspace assignment detail is being created.

  • workspace_assignment_detailWorkspaceAssignmentDetail Required. Workspace assignment detail to be created in <Databricks>.

Returns:

WorkspaceAssignmentDetail

delete_workspace_assignment_detail(workspace_id: int, principal_id: int)

Deletes a workspace assignment detail for a principal, revoking all associated entitlements. Entitlement revocations are applied individually and non-atomically — if a failure occurs partway through, the principal remains assigned with a subset of its original entitlements, and the operation is safe to retry.

Parameters:

  • workspace_id – int The workspace ID where the principal has access.

  • principal_id – int Required. ID of the principal in Databricks to delete workspace assignment for.

get_workspace_access_detail(workspace_id: int, principal_id: int [, view: Optional[WorkspaceAccessDetailView]]) WorkspaceAccessDetail

Returns the access details for a principal in a workspace. Allows for checking access details for any provisioned principal (user, service principal, or group) in a workspace. * Provisioned principal here refers to one that has been synced into Databricks from the customer’s IdP or added explicitly to Databricks via SCIM/UI. Allows for passing in a “view” parameter to control what fields are returned (BASIC by default or FULL).

Parameters:

  • workspace_id – int Required. The workspace ID for which the access details are being requested.

  • principal_id – int Required. The internal ID of the principal (user/sp/group) for which the access details are being requested.

  • viewWorkspaceAccessDetailView (optional) Controls what fields are returned.

Returns:

WorkspaceAccessDetail

get_workspace_assignment_detail(workspace_id: int, principal_id: int) WorkspaceAssignmentDetail

Returns the assignment details for a principal in a workspace.

Parameters:

  • workspace_id – int Required. The workspace ID for which the assignment details are being requested.

  • principal_id – int Required. The internal ID of the principal (user/sp/group) for which the assignment details are being requested.

Returns:

WorkspaceAssignmentDetail

list_workspace_assignment_details(workspace_id: int [, page_size: Optional[int], page_token: Optional[str]]) ListWorkspaceAssignmentDetailsResponse

Lists workspace assignment details for a workspace.

Parameters:

  • workspace_id – int Required. The workspace ID for which the workspace assignment details are being fetched.

  • page_size – int (optional) The maximum number of workspace assignment details to return. The service may return fewer than this value.

  • page_token – str (optional) A page token, received from a previous ListWorkspaceAssignmentDetails call. Provide this to retrieve the subsequent page.

Returns:

ListWorkspaceAssignmentDetailsResponse

resolve_group(external_id: str) ResolveGroupResponse

Resolves a group with the given external ID from the customer’s IdP. If the group does not exist, it will be created in the account. If the customer is not onboarded onto Automatic Identity Management (AIM), this will return an error.

Parameters:

external_id – str Required. The external ID of the group in the customer’s IdP.

Returns:

ResolveGroupResponse

resolve_service_principal(external_id: str) ResolveServicePrincipalResponse

Resolves an SP with the given external ID from the customer’s IdP. If the SP does not exist, it will be created. If the customer is not onboarded onto Automatic Identity Management (AIM), this will return an error.

Parameters:

external_id – str Required. The external ID of the service principal in the customer’s IdP.

Returns:

ResolveServicePrincipalResponse

resolve_user(external_id: str) ResolveUserResponse

Resolves a user with the given external ID from the customer’s IdP. If the user does not exist, it will be created. If the customer is not onboarded onto Automatic Identity Management (AIM), this will return an error.

Parameters:

external_id – str Required. The external ID of the user in the customer’s IdP.

Returns:

ResolveUserResponse

update_workspace_assignment_detail(workspace_id: int, principal_id: int, workspace_assignment_detail: WorkspaceAssignmentDetail, update_mask: FieldMask) WorkspaceAssignmentDetail

Updates the entitlements of a directly assigned principal in a workspace. Entitlement changes are applied individually and non-atomically — if a failure occurs partway through, only a subset of the requested changes may have been applied. Use GetWorkspaceAssignmentDetail to confirm the final state.

Parameters:

  • workspace_id – int Required. The workspace ID for which the workspace assignment detail is being updated.

  • principal_id – int Required. ID of the principal in Databricks.

  • workspace_assignment_detailWorkspaceAssignmentDetail Required. Workspace assignment detail to be updated in <Databricks>.

  • update_mask – FieldMask Required. The list of fields to update.

Returns:

WorkspaceAssignmentDetail