Identity and Access Management¶

These dataclasses are used in the SDK to represent API requests and responses for services in the databricks.sdk.service.iam module.

class databricks.sdk.service.iam.AccessControlRequest(group_name: 'Optional[str]' = None, permission_level: 'Optional[PermissionLevel]' = None, service_principal_name: 'Optional[str]' = None, user_name: 'Optional[str]' = None)¶

group_name: str | None = None¶: name of the group

permission_level: PermissionLevel | None = None¶

service_principal_name: str | None = None¶: application ID of a service principal

user_name: str | None = None¶: name of the user

as_dict() → dict¶: Serializes the AccessControlRequest into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the AccessControlRequest into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → AccessControlRequest¶: Deserializes the AccessControlRequest from a dictionary.

class databricks.sdk.service.iam.AccessControlResponse(all_permissions: 'Optional[List[Permission]]' = None, display_name: 'Optional[str]' = None, group_name: 'Optional[str]' = None, service_principal_name: 'Optional[str]' = None, user_name: 'Optional[str]' = None)¶

all_permissions: List[Permission] | None = None¶: All permissions.

display_name: str | None = None¶: Display name of the user or service principal.

group_name: str | None = None¶: name of the group

service_principal_name: str | None = None¶: Name of the service principal.

user_name: str | None = None¶: name of the user

as_dict() → dict¶: Serializes the AccessControlResponse into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the AccessControlResponse into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → AccessControlResponse¶: Deserializes the AccessControlResponse from a dictionary.

class databricks.sdk.service.iam.AccountGroup(account_id: 'Optional[str]' = None, display_name: 'Optional[str]' = None, external_id: 'Optional[str]' = None, id: 'Optional[str]' = None, members: 'Optional[List[ComplexValue]]' = None, meta: 'Optional[ResourceMeta]' = None, roles: 'Optional[List[ComplexValue]]' = None)¶

account_id: str | None = None¶: Databricks account ID

display_name: str | None = None¶: String that represents a human-readable group name

external_id: str | None = None¶: external_id should be unique for identifying groups

id: str | None = None¶: Databricks group ID

members: List[ComplexValue] | None = None¶

meta: ResourceMeta | None = None¶: Container for the group identifier. Workspace local versus account.

roles: List[ComplexValue] | None = None¶: Indicates if the group has the admin role.

as_dict() → dict¶: Serializes the AccountGroup into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the AccountGroup into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → AccountGroup¶: Deserializes the AccountGroup from a dictionary.

class databricks.sdk.service.iam.AccountServicePrincipal(account_id: 'Optional[str]' = None, active: 'Optional[bool]' = None, application_id: 'Optional[str]' = None, display_name: 'Optional[str]' = None, external_id: 'Optional[str]' = None, id: 'Optional[str]' = None, roles: 'Optional[List[ComplexValue]]' = None)¶

account_id: str | None = None¶: Databricks account ID

active: bool | None = None¶: If this user is active

application_id: str | None = None¶: UUID relating to the service principal

display_name: str | None = None¶: String that represents a concatenation of given and family names.

external_id: str | None = None¶

id: str | None = None¶: Databricks service principal ID.

roles: List[ComplexValue] | None = None¶: Indicates if the group has the admin role.

as_dict() → dict¶: Serializes the AccountServicePrincipal into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the AccountServicePrincipal into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → AccountServicePrincipal¶: Deserializes the AccountServicePrincipal from a dictionary.

class databricks.sdk.service.iam.AccountUser(account_id: 'Optional[str]' = None, active: 'Optional[bool]' = None, display_name: 'Optional[str]' = None, emails: 'Optional[List[ComplexValue]]' = None, external_id: 'Optional[str]' = None, id: 'Optional[str]' = None, name: 'Optional[Name]' = None, roles: 'Optional[List[ComplexValue]]' = None, user_name: 'Optional[str]' = None)¶

account_id: str | None = None¶: Databricks account ID

active: bool | None = None¶: If this user is active

display_name: str | None = None¶: String that represents a concatenation of given and family names. For example John Smith.

emails: List[ComplexValue] | None = None¶: All the emails associated with the Databricks user.

external_id: str | None = None¶: External ID is not currently supported. It is reserved for future use.

id: str | None = None¶: Databricks user ID.

name: Name | None = None¶

roles: List[ComplexValue] | None = None¶: Indicates if the group has the admin role.

user_name: str | None = None¶: Email address of the Databricks user.

as_dict() → dict¶: Serializes the AccountUser into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the AccountUser into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → AccountUser¶: Deserializes the AccountUser from a dictionary.

class databricks.sdk.service.iam.Actor(actor_id: int | None = None)¶

represents an identity trying to access a resource - user or a service principal group can be a principal of a permission set assignment but an actor is always a user or a service principal

actor_id: int | None = None¶

as_dict() → dict¶: Serializes the Actor into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the Actor into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → Actor¶: Deserializes the Actor from a dictionary.

class databricks.sdk.service.iam.AutoscopeState¶

State of inferred scope collection (autoscope) for an external PAT. Mirrored in databricks.identity.AutoscopeState in common/principal-context/api/proto/tokendetails.proto. Token store and token management proto can depend on this. Principal context proto should NOT depend on this proto definitions because too many services depend on the principal context proto.

AUTOSCOPE_STATE_API_NOT_COVERED = "AUTOSCOPE_STATE_API_NOT_COVERED"¶

AUTOSCOPE_STATE_BACKFILLED = "AUTOSCOPE_STATE_BACKFILLED"¶

AUTOSCOPE_STATE_COMPLETED = "AUTOSCOPE_STATE_COMPLETED"¶

AUTOSCOPE_STATE_DISABLED = "AUTOSCOPE_STATE_DISABLED"¶

AUTOSCOPE_STATE_RUNNING = "AUTOSCOPE_STATE_RUNNING"¶

AUTOSCOPE_STATE_USER_SELECTED = "AUTOSCOPE_STATE_USER_SELECTED"¶

class databricks.sdk.service.iam.CheckPolicyResponse(consistency_token: 'ConsistencyToken', is_permitted: 'Optional[bool]' = None)¶

consistency_token: ConsistencyToken¶

is_permitted: bool | None = None¶

as_dict() → dict¶: Serializes the CheckPolicyResponse into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the CheckPolicyResponse into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → CheckPolicyResponse¶: Deserializes the CheckPolicyResponse from a dictionary.

class databricks.sdk.service.iam.ComplexValue(display: 'Optional[str]' = None, primary: 'Optional[bool]' = None, ref: 'Optional[str]' = None, type: 'Optional[str]' = None, value: 'Optional[str]' = None)¶

display: str | None = None¶

primary: bool | None = None¶

ref: str | None = None¶

type: str | None = None¶

value: str | None = None¶

as_dict() → dict¶: Serializes the ComplexValue into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the ComplexValue into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → ComplexValue¶: Deserializes the ComplexValue from a dictionary.

class databricks.sdk.service.iam.ConsistencyToken(value: 'str')¶

value: str¶

as_dict() → dict¶: Serializes the ConsistencyToken into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the ConsistencyToken into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → ConsistencyToken¶: Deserializes the ConsistencyToken from a dictionary.

class databricks.sdk.service.iam.DeleteWorkspacePermissionAssignmentResponse¶

as_dict() → dict¶: Serializes the DeleteWorkspacePermissionAssignmentResponse into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the DeleteWorkspacePermissionAssignmentResponse into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → DeleteWorkspacePermissionAssignmentResponse¶: Deserializes the DeleteWorkspacePermissionAssignmentResponse from a dictionary.

class databricks.sdk.service.iam.GetAssignableRolesForResourceResponse(roles: 'Optional[List[Role]]' = None)¶

roles: List[Role] | None = None¶

as_dict() → dict¶: Serializes the GetAssignableRolesForResourceResponse into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the GetAssignableRolesForResourceResponse into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → GetAssignableRolesForResourceResponse¶: Deserializes the GetAssignableRolesForResourceResponse from a dictionary.

class databricks.sdk.service.iam.GetPasswordPermissionLevelsResponse(permission_levels: 'Optional[List[PasswordPermissionsDescription]]' = None)¶

permission_levels: List[PasswordPermissionsDescription] | None = None¶: Specific permission levels

as_dict() → dict¶: Serializes the GetPasswordPermissionLevelsResponse into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the GetPasswordPermissionLevelsResponse into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → GetPasswordPermissionLevelsResponse¶: Deserializes the GetPasswordPermissionLevelsResponse from a dictionary.

class databricks.sdk.service.iam.GetPermissionLevelsResponse(permission_levels: 'Optional[List[PermissionsDescription]]' = None)¶

permission_levels: List[PermissionsDescription] | None = None¶: Specific permission levels

as_dict() → dict¶: Serializes the GetPermissionLevelsResponse into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the GetPermissionLevelsResponse into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → GetPermissionLevelsResponse¶: Deserializes the GetPermissionLevelsResponse from a dictionary.

class databricks.sdk.service.iam.GetSortOrder¶

ASCENDING = "ASCENDING"¶

DESCENDING = "DESCENDING"¶

class databricks.sdk.service.iam.GrantRule(role: 'str', principals: 'Optional[List[str]]' = None)¶

role: str¶: Role that is assigned to the list of principals.

principals: List[str] | None = None¶: Principals this grant rule applies to. A principal can be a user (for end users), a service principal (for applications and compute workloads), or an account group. Each principal has its own identifier format: * users/<USERNAME> * groups/<GROUP_NAME> * servicePrincipals/<SERVICE_PRINCIPAL_APPLICATION_ID>

as_dict() → dict¶: Serializes the GrantRule into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the GrantRule into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → GrantRule¶: Deserializes the GrantRule from a dictionary.

class databricks.sdk.service.iam.Group(display_name: 'Optional[str]' = None, entitlements: 'Optional[List[ComplexValue]]' = None, external_id: 'Optional[str]' = None, groups: 'Optional[List[ComplexValue]]' = None, id: 'Optional[str]' = None, members: 'Optional[List[ComplexValue]]' = None, meta: 'Optional[ResourceMeta]' = None, roles: 'Optional[List[ComplexValue]]' = None, schemas: 'Optional[List[GroupSchema]]' = None)¶

display_name: str | None = None¶: String that represents a human-readable group name

entitlements: List[ComplexValue] | None = None¶

Entitlements assigned to the group. See [assigning entitlements] for a full list of supported values.

[assigning entitlements]: https://docs.databricks.com/administration-guide/users-groups/index.html#assigning-entitlements

external_id: str | None = None¶: external_id should be unique for identifying groups

groups: List[ComplexValue] | None = None¶

id: str | None = None¶: Databricks group ID

members: List[ComplexValue] | None = None¶

meta: ResourceMeta | None = None¶: Container for the group identifier. Workspace local versus account.

roles: List[ComplexValue] | None = None¶: Corresponds to AWS instance profile/arn role.

schemas: List[GroupSchema] | None = None¶: The schema of the group.

as_dict() → dict¶: Serializes the Group into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the Group into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → Group¶: Deserializes the Group from a dictionary.

class databricks.sdk.service.iam.GroupSchema¶

URN_IETF_PARAMS_SCIM_SCHEMAS_CORE_2_0_GROUP = "URN_IETF_PARAMS_SCIM_SCHEMAS_CORE_2_0_GROUP"¶

class databricks.sdk.service.iam.ListAccountGroupsResponse(items_per_page: 'Optional[int]' = None, resources: 'Optional[List[AccountGroup]]' = None, start_index: 'Optional[int]' = None, total_results: 'Optional[int]' = None)¶

items_per_page: int | None = None¶: Total results returned in the response.

resources: List[AccountGroup] | None = None¶: User objects returned in the response.

start_index: int | None = None¶: Starting index of all the results that matched the request filters. First item is number 1.

total_results: int | None = None¶: Total results that match the request filters.

as_dict() → dict¶: Serializes the ListAccountGroupsResponse into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the ListAccountGroupsResponse into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → ListAccountGroupsResponse¶: Deserializes the ListAccountGroupsResponse from a dictionary.

class databricks.sdk.service.iam.ListAccountServicePrincipalsResponse(items_per_page: 'Optional[int]' = None, resources: 'Optional[List[AccountServicePrincipal]]' = None, start_index: 'Optional[int]' = None, total_results: 'Optional[int]' = None)¶

items_per_page: int | None = None¶: Total results returned in the response.

resources: List[AccountServicePrincipal] | None = None¶: User objects returned in the response.

start_index: int | None = None¶: Starting index of all the results that matched the request filters. First item is number 1.

total_results: int | None = None¶: Total results that match the request filters.

as_dict() → dict¶: Serializes the ListAccountServicePrincipalsResponse into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the ListAccountServicePrincipalsResponse into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → ListAccountServicePrincipalsResponse¶: Deserializes the ListAccountServicePrincipalsResponse from a dictionary.

class databricks.sdk.service.iam.ListAccountUsersResponse(items_per_page: 'Optional[int]' = None, resources: 'Optional[List[AccountUser]]' = None, start_index: 'Optional[int]' = None, total_results: 'Optional[int]' = None)¶

items_per_page: int | None = None¶: Total results returned in the response.

resources: List[AccountUser] | None = None¶: User objects returned in the response.

start_index: int | None = None¶: Starting index of all the results that matched the request filters. First item is number 1.

total_results: int | None = None¶: Total results that match the request filters.

as_dict() → dict¶: Serializes the ListAccountUsersResponse into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the ListAccountUsersResponse into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → ListAccountUsersResponse¶: Deserializes the ListAccountUsersResponse from a dictionary.

class databricks.sdk.service.iam.ListGroupsResponse(items_per_page: 'Optional[int]' = None, resources: 'Optional[List[Group]]' = None, schemas: 'Optional[List[ListResponseSchema]]' = None, start_index: 'Optional[int]' = None, total_results: 'Optional[int]' = None)¶

items_per_page: int | None = None¶: Total results returned in the response.

resources: List[Group] | None = None¶: User objects returned in the response.

schemas: List[ListResponseSchema] | None = None¶: The schema of the service principal.

start_index: int | None = None¶: Starting index of all the results that matched the request filters. First item is number 1.

total_results: int | None = None¶: Total results that match the request filters.

as_dict() → dict¶: Serializes the ListGroupsResponse into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the ListGroupsResponse into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → ListGroupsResponse¶: Deserializes the ListGroupsResponse from a dictionary.

class databricks.sdk.service.iam.ListResponseSchema¶

URN_IETF_PARAMS_SCIM_API_MESSAGES_2_0_LIST_RESPONSE = "URN_IETF_PARAMS_SCIM_API_MESSAGES_2_0_LIST_RESPONSE"¶

class databricks.sdk.service.iam.ListServicePrincipalResponse(items_per_page: 'Optional[int]' = None, resources: 'Optional[List[ServicePrincipal]]' = None, schemas: 'Optional[List[ListResponseSchema]]' = None, start_index: 'Optional[int]' = None, total_results: 'Optional[int]' = None)¶

items_per_page: int | None = None¶: Total results returned in the response.

resources: List[ServicePrincipal] | None = None¶: User objects returned in the response.

schemas: List[ListResponseSchema] | None = None¶: The schema of the List response.

start_index: int | None = None¶: Starting index of all the results that matched the request filters. First item is number 1.

total_results: int | None = None¶: Total results that match the request filters.

as_dict() → dict¶: Serializes the ListServicePrincipalResponse into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the ListServicePrincipalResponse into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → ListServicePrincipalResponse¶: Deserializes the ListServicePrincipalResponse from a dictionary.

class databricks.sdk.service.iam.ListSortOrder¶

ASCENDING = "ASCENDING"¶

DESCENDING = "DESCENDING"¶

class databricks.sdk.service.iam.ListUsersResponse(items_per_page: 'Optional[int]' = None, resources: 'Optional[List[User]]' = None, schemas: 'Optional[List[ListResponseSchema]]' = None, start_index: 'Optional[int]' = None, total_results: 'Optional[int]' = None)¶

items_per_page: int | None = None¶: Total results returned in the response.

resources: List[User] | None = None¶: User objects returned in the response.

schemas: List[ListResponseSchema] | None = None¶: The schema of the List response.

start_index: int | None = None¶: Starting index of all the results that matched the request filters. First item is number 1.

total_results: int | None = None¶: Total results that match the request filters.

as_dict() → dict¶: Serializes the ListUsersResponse into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the ListUsersResponse into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → ListUsersResponse¶: Deserializes the ListUsersResponse from a dictionary.

class databricks.sdk.service.iam.MigratePermissionsResponse(permissions_migrated: 'Optional[int]' = None)¶

permissions_migrated: int | None = None¶: Number of permissions migrated.

as_dict() → dict¶: Serializes the MigratePermissionsResponse into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the MigratePermissionsResponse into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → MigratePermissionsResponse¶: Deserializes the MigratePermissionsResponse from a dictionary.

class databricks.sdk.service.iam.Name(family_name: 'Optional[str]' = None, given_name: 'Optional[str]' = None)¶

family_name: str | None = None¶: Family name of the Databricks user.

given_name: str | None = None¶: Given name of the Databricks user.

as_dict() → dict¶: Serializes the Name into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the Name into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → Name¶: Deserializes the Name from a dictionary.

class databricks.sdk.service.iam.ObjectPermissions(access_control_list: 'Optional[List[AccessControlResponse]]' = None, object_id: 'Optional[str]' = None, object_type: 'Optional[str]' = None)¶

access_control_list: List[AccessControlResponse] | None = None¶

object_id: str | None = None¶

object_type: str | None = None¶

as_dict() → dict¶: Serializes the ObjectPermissions into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the ObjectPermissions into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → ObjectPermissions¶: Deserializes the ObjectPermissions from a dictionary.

class databricks.sdk.service.iam.PasswordAccessControlRequest(group_name: 'Optional[str]' = None, permission_level: 'Optional[PasswordPermissionLevel]' = None, service_principal_name: 'Optional[str]' = None, user_name: 'Optional[str]' = None)¶

group_name: str | None = None¶: name of the group

permission_level: PasswordPermissionLevel | None = None¶: Permission level

service_principal_name: str | None = None¶: application ID of a service principal

user_name: str | None = None¶: name of the user

as_dict() → dict¶: Serializes the PasswordAccessControlRequest into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the PasswordAccessControlRequest into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → PasswordAccessControlRequest¶: Deserializes the PasswordAccessControlRequest from a dictionary.

class databricks.sdk.service.iam.PasswordAccessControlResponse(all_permissions: 'Optional[List[PasswordPermission]]' = None, display_name: 'Optional[str]' = None, group_name: 'Optional[str]' = None, service_principal_name: 'Optional[str]' = None, user_name: 'Optional[str]' = None)¶

all_permissions: List[PasswordPermission] | None = None¶: All permissions.

display_name: str | None = None¶: Display name of the user or service principal.

group_name: str | None = None¶: name of the group

service_principal_name: str | None = None¶: Name of the service principal.

user_name: str | None = None¶: name of the user

as_dict() → dict¶: Serializes the PasswordAccessControlResponse into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the PasswordAccessControlResponse into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → PasswordAccessControlResponse¶: Deserializes the PasswordAccessControlResponse from a dictionary.

class databricks.sdk.service.iam.PasswordPermission(inherited: 'Optional[bool]' = None, inherited_from_object: 'Optional[List[str]]' = None, permission_level: 'Optional[PasswordPermissionLevel]' = None)¶

inherited: bool | None = None¶

inherited_from_object: List[str] | None = None¶

permission_level: PasswordPermissionLevel | None = None¶: Permission level

as_dict() → dict¶: Serializes the PasswordPermission into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the PasswordPermission into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → PasswordPermission¶: Deserializes the PasswordPermission from a dictionary.

class databricks.sdk.service.iam.PasswordPermissionLevel¶

Permission level

CAN_USE = "CAN_USE"¶

class databricks.sdk.service.iam.PasswordPermissions(access_control_list: 'Optional[List[PasswordAccessControlResponse]]' = None, object_id: 'Optional[str]' = None, object_type: 'Optional[str]' = None)¶

access_control_list: List[PasswordAccessControlResponse] | None = None¶

object_id: str | None = None¶

object_type: str | None = None¶

as_dict() → dict¶: Serializes the PasswordPermissions into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the PasswordPermissions into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → PasswordPermissions¶: Deserializes the PasswordPermissions from a dictionary.

class databricks.sdk.service.iam.PasswordPermissionsDescription(description: 'Optional[str]' = None, permission_level: 'Optional[PasswordPermissionLevel]' = None)¶

description: str | None = None¶

permission_level: PasswordPermissionLevel | None = None¶: Permission level

as_dict() → dict¶: Serializes the PasswordPermissionsDescription into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the PasswordPermissionsDescription into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → PasswordPermissionsDescription¶: Deserializes the PasswordPermissionsDescription from a dictionary.

class databricks.sdk.service.iam.Patch(op: 'Optional[PatchOp]' = None, path: 'Optional[str]' = None, value: 'Optional[Any]' = None)¶

op: PatchOp | None = None¶: Type of patch operation.

path: str | None = None¶: Selection of patch operation

value: Any | None = None¶: Value to modify

as_dict() → dict¶: Serializes the Patch into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the Patch into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → Patch¶: Deserializes the Patch from a dictionary.

class databricks.sdk.service.iam.PatchOp¶

Type of patch operation.

ADD = "ADD"¶

REMOVE = "REMOVE"¶

REPLACE = "REPLACE"¶

class databricks.sdk.service.iam.PatchSchema¶

URN_IETF_PARAMS_SCIM_API_MESSAGES_2_0_PATCH_OP = "URN_IETF_PARAMS_SCIM_API_MESSAGES_2_0_PATCH_OP"¶

class databricks.sdk.service.iam.Permission(inherited: 'Optional[bool]' = None, inherited_from_object: 'Optional[List[str]]' = None, permission_level: 'Optional[PermissionLevel]' = None)¶

inherited: bool | None = None¶

inherited_from_object: List[str] | None = None¶

permission_level: PermissionLevel | None = None¶

as_dict() → dict¶: Serializes the Permission into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the Permission into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → Permission¶: Deserializes the Permission from a dictionary.

class databricks.sdk.service.iam.PermissionAssignment(error: str | None = None, permissions: List[WorkspacePermission] | None = None, principal: PrincipalOutput | None = None)¶

The output format for existing workspace PermissionAssignment records, which contains some info for user consumption.

error: str | None = None¶: Error response associated with a workspace permission assignment, if any.

permissions: List[WorkspacePermission] | None = None¶: The permissions level of the principal.

principal: PrincipalOutput | None = None¶: Information about the principal assigned to the workspace.

as_dict() → dict¶: Serializes the PermissionAssignment into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the PermissionAssignment into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → PermissionAssignment¶: Deserializes the PermissionAssignment from a dictionary.

class databricks.sdk.service.iam.PermissionAssignments(permission_assignments: 'Optional[List[PermissionAssignment]]' = None)¶

permission_assignments: List[PermissionAssignment] | None = None¶: Array of permissions assignments defined for a workspace.

as_dict() → dict¶: Serializes the PermissionAssignments into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the PermissionAssignments into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → PermissionAssignments¶: Deserializes the PermissionAssignments from a dictionary.

class databricks.sdk.service.iam.PermissionLevel¶

Permission level

CAN_ATTACH_TO = "CAN_ATTACH_TO"¶

CAN_BIND = "CAN_BIND"¶

CAN_CREATE = "CAN_CREATE"¶

CAN_CREATE_APP = "CAN_CREATE_APP"¶

CAN_EDIT = "CAN_EDIT"¶

CAN_EDIT_METADATA = "CAN_EDIT_METADATA"¶

CAN_MANAGE = "CAN_MANAGE"¶

CAN_MANAGE_PRODUCTION_VERSIONS = "CAN_MANAGE_PRODUCTION_VERSIONS"¶

CAN_MANAGE_RUN = "CAN_MANAGE_RUN"¶

CAN_MANAGE_STAGING_VERSIONS = "CAN_MANAGE_STAGING_VERSIONS"¶

CAN_MONITOR = "CAN_MONITOR"¶

CAN_MONITOR_ONLY = "CAN_MONITOR_ONLY"¶

CAN_QUERY = "CAN_QUERY"¶

CAN_READ = "CAN_READ"¶

CAN_RESTART = "CAN_RESTART"¶

CAN_RUN = "CAN_RUN"¶

CAN_USE = "CAN_USE"¶

CAN_VIEW = "CAN_VIEW"¶

CAN_VIEW_METADATA = "CAN_VIEW_METADATA"¶

IS_OWNER = "IS_OWNER"¶

class databricks.sdk.service.iam.PermissionOutput(description: 'Optional[str]' = None, permission_level: 'Optional[WorkspacePermission]' = None)¶

description: str | None = None¶: The results of a permissions query.

permission_level: WorkspacePermission | None = None¶

as_dict() → dict¶: Serializes the PermissionOutput into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the PermissionOutput into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → PermissionOutput¶: Deserializes the PermissionOutput from a dictionary.

class databricks.sdk.service.iam.PermissionsDescription(description: 'Optional[str]' = None, permission_level: 'Optional[PermissionLevel]' = None)¶

description: str | None = None¶

permission_level: PermissionLevel | None = None¶

as_dict() → dict¶: Serializes the PermissionsDescription into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the PermissionsDescription into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → PermissionsDescription¶: Deserializes the PermissionsDescription from a dictionary.

Information about the principal assigned to the workspace.

display_name: str | None = None¶: The display name of the principal.

group_name: str | None = None¶: The group name of the group. Present only if the principal is a group.

principal_id: int | None = None¶: The unique, opaque id of the principal.

service_principal_name: str | None = None¶: The name of the service principal. Present only if the principal is a service principal.

user_name: str | None = None¶: The username of the user. Present only if the principal is a user.

as_dict() → dict¶: Serializes the PrincipalOutput into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the PrincipalOutput into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → PrincipalOutput¶: Deserializes the PrincipalOutput from a dictionary.

class databricks.sdk.service.iam.RequestAuthzIdentity¶

Defines the identity to be used for authZ of the request on the server side. See one pager for for more information: http://go/acl/service-identity

REQUEST_AUTHZ_IDENTITY_SERVICE_IDENTITY = "REQUEST_AUTHZ_IDENTITY_SERVICE_IDENTITY"¶

REQUEST_AUTHZ_IDENTITY_USER_CONTEXT = "REQUEST_AUTHZ_IDENTITY_USER_CONTEXT"¶

class databricks.sdk.service.iam.ResourceInfo(id: 'str', legacy_acl_path: 'Optional[str]' = None, parent_resource_info: 'Optional[ResourceInfo]' = None)¶

id: str¶: Id of the current resource.

legacy_acl_path: str | None = None¶: The legacy acl path of the current resource.

parent_resource_info: ResourceInfo | None = None¶: Parent resource info for the current resource. The parent may have another parent.

as_dict() → dict¶: Serializes the ResourceInfo into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the ResourceInfo into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → ResourceInfo¶: Deserializes the ResourceInfo from a dictionary.

class databricks.sdk.service.iam.ResourceMeta(resource_type: 'Optional[str]' = None)¶

resource_type: str | None = None¶: Identifier for group type. Can be local workspace group (WorkspaceGroup) or account group (Group).

as_dict() → dict¶: Serializes the ResourceMeta into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the ResourceMeta into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → ResourceMeta¶: Deserializes the ResourceMeta from a dictionary.

class databricks.sdk.service.iam.Role(name: 'str')¶

name: str¶: Role to assign to a principal or a list of principals on a resource.

as_dict() → dict¶: Serializes the Role into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the Role into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → Role¶: Deserializes the Role from a dictionary.

class databricks.sdk.service.iam.RuleSetResponse(name: 'str', etag: 'str', grant_rules: 'Optional[List[GrantRule]]' = None)¶

name: str¶: Name of the rule set.

etag: str¶: Identifies the version of the rule set returned. Etag used for versioning. The response is at least as fresh as the eTag provided. Etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a rule set from overwriting each other. It is strongly suggested that systems make use of the etag in the read -> modify -> write pattern to perform rule set updates in order to avoid race conditions that is get an etag from a GET rule set request, and pass it with the PUT update request to identify the rule set version you are updating.

grant_rules: List[GrantRule] | None = None¶

as_dict() → dict¶: Serializes the RuleSetResponse into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the RuleSetResponse into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → RuleSetResponse¶: Deserializes the RuleSetResponse from a dictionary.

class databricks.sdk.service.iam.RuleSetUpdateRequest(name: 'str', etag: 'str', grant_rules: 'Optional[List[GrantRule]]' = None)¶

name: str¶: Name of the rule set.

etag: str¶: Identifies the version of the rule set returned. Etag used for versioning. The response is at least as fresh as the eTag provided. Etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a rule set from overwriting each other. It is strongly suggested that systems make use of the etag in the read -> modify -> write pattern to perform rule set updates in order to avoid race conditions that is get an etag from a GET rule set request, and pass it with the PUT update request to identify the rule set version you are updating.

grant_rules: List[GrantRule] | None = None¶

as_dict() → dict¶: Serializes the RuleSetUpdateRequest into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the RuleSetUpdateRequest into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → RuleSetUpdateRequest¶: Deserializes the RuleSetUpdateRequest from a dictionary.

class databricks.sdk.service.iam.ServicePrincipal(active: 'Optional[bool]' = None, application_id: 'Optional[str]' = None, display_name: 'Optional[str]' = None, entitlements: 'Optional[List[ComplexValue]]' = None, external_id: 'Optional[str]' = None, groups: 'Optional[List[ComplexValue]]' = None, id: 'Optional[str]' = None, roles: 'Optional[List[ComplexValue]]' = None, schemas: 'Optional[List[ServicePrincipalSchema]]' = None)¶

active: bool | None = None¶: If this user is active

application_id: str | None = None¶: UUID relating to the service principal

display_name: str | None = None¶: String that represents a concatenation of given and family names.

entitlements: List[ComplexValue] | None = None¶

Entitlements assigned to the service principal. See [assigning entitlements] for a full list of supported values.

[assigning entitlements]: https://docs.databricks.com/administration-guide/users-groups/index.html#assigning-entitlements

external_id: str | None = None¶

groups: List[ComplexValue] | None = None¶

id: str | None = None¶: Databricks service principal ID.

roles: List[ComplexValue] | None = None¶: Corresponds to AWS instance profile/arn role.

schemas: List[ServicePrincipalSchema] | None = None¶: The schema of the List response.

as_dict() → dict¶: Serializes the ServicePrincipal into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the ServicePrincipal into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → ServicePrincipal¶: Deserializes the ServicePrincipal from a dictionary.

class databricks.sdk.service.iam.ServicePrincipalSchema¶

URN_IETF_PARAMS_SCIM_SCHEMAS_CORE_2_0_SERVICE_PRINCIPAL = "URN_IETF_PARAMS_SCIM_SCHEMAS_CORE_2_0_SERVICE_PRINCIPAL"¶

class databricks.sdk.service.iam.User(active: 'Optional[bool]' = None, display_name: 'Optional[str]' = None, emails: 'Optional[List[ComplexValue]]' = None, entitlements: 'Optional[List[ComplexValue]]' = None, external_id: 'Optional[str]' = None, groups: 'Optional[List[ComplexValue]]' = None, id: 'Optional[str]' = None, name: 'Optional[Name]' = None, roles: 'Optional[List[ComplexValue]]' = None, schemas: 'Optional[List[UserSchema]]' = None, user_name: 'Optional[str]' = None)¶

active: bool | None = None¶: If this user is active

display_name: str | None = None¶

String that represents a concatenation of given and family names. For example John Smith. This field cannot be updated through the Workspace SCIM APIs when [identity federation is enabled]. Use Account SCIM APIs to update displayName.

[identity federation is enabled]: https://docs.databricks.com/administration-guide/users-groups/best-practices.html#enable-identity-federation

emails: List[ComplexValue] | None = None¶: All the emails associated with the Databricks user.

entitlements: List[ComplexValue] | None = None¶

Entitlements assigned to the user. See [assigning entitlements] for a full list of supported values.

[assigning entitlements]: https://docs.databricks.com/administration-guide/users-groups/index.html#assigning-entitlements

external_id: str | None = None¶: External ID is not currently supported. It is reserved for future use.

groups: List[ComplexValue] | None = None¶

id: str | None = None¶: Databricks user ID.

name: Name | None = None¶

roles: List[ComplexValue] | None = None¶: Corresponds to AWS instance profile/arn role.

schemas: List[UserSchema] | None = None¶: The schema of the user.

user_name: str | None = None¶: Email address of the Databricks user.

as_dict() → dict¶: Serializes the User into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the User into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → User¶: Deserializes the User from a dictionary.

class databricks.sdk.service.iam.UserSchema¶

URN_IETF_PARAMS_SCIM_SCHEMAS_CORE_2_0_USER = "URN_IETF_PARAMS_SCIM_SCHEMAS_CORE_2_0_USER"¶

URN_IETF_PARAMS_SCIM_SCHEMAS_EXTENSION_WORKSPACE_2_0_USER = "URN_IETF_PARAMS_SCIM_SCHEMAS_EXTENSION_WORKSPACE_2_0_USER"¶

class databricks.sdk.service.iam.WorkspacePermission¶

ADMIN = "ADMIN"¶

UNKNOWN = "UNKNOWN"¶

USER = "USER"¶

class databricks.sdk.service.iam.WorkspacePermissions(permissions: 'Optional[List[PermissionOutput]]' = None)¶

permissions: List[PermissionOutput] | None = None¶: Array of permissions defined for a workspace.

as_dict() → dict¶: Serializes the WorkspacePermissions into a dictionary suitable for use as a JSON request body.

as_shallow_dict() → dict¶: Serializes the WorkspacePermissions into a shallow dictionary of its immediate attributes.

classmethod from_dict(d: Dict[str, Any]) → WorkspacePermissions¶: Deserializes the WorkspacePermissions from a dictionary.

Navigation

Related Topics

Identity and Access Management¶