Identity and Access Management¶
These dataclasses are used in the SDK to represent API requests and responses for services in the databricks.sdk.service.iam
module.
- class databricks.sdk.service.iam.AccessControlRequest¶
- group_name: str | None = None¶
name of the group
- permission_level: PermissionLevel | None = None¶
Permission level
- service_principal_name: str | None = None¶
application ID of a service principal
- user_name: str | None = None¶
name of the user
- as_dict() dict ¶
Serializes the AccessControlRequest into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) AccessControlRequest ¶
Deserializes the AccessControlRequest from a dictionary.
- class databricks.sdk.service.iam.AccessControlResponse¶
- all_permissions: List[Permission] | None = None¶
All permissions.
- display_name: str | None = None¶
Display name of the user or service principal.
- group_name: str | None = None¶
name of the group
- service_principal_name: str | None = None¶
Name of the service principal.
- user_name: str | None = None¶
name of the user
- as_dict() dict ¶
Serializes the AccessControlResponse into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) AccessControlResponse ¶
Deserializes the AccessControlResponse from a dictionary.
- class databricks.sdk.service.iam.ComplexValue¶
- display: str | None = None¶
- primary: bool | None = None¶
- ref: str | None = None¶
- type: str | None = None¶
- value: str | None = None¶
- as_dict() dict ¶
Serializes the ComplexValue into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) ComplexValue ¶
Deserializes the ComplexValue from a dictionary.
- class databricks.sdk.service.iam.DeleteResponse¶
- as_dict() dict ¶
Serializes the DeleteResponse into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) DeleteResponse ¶
Deserializes the DeleteResponse from a dictionary.
- class databricks.sdk.service.iam.DeleteWorkspaceAssignments¶
- as_dict() dict ¶
Serializes the DeleteWorkspaceAssignments into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) DeleteWorkspaceAssignments ¶
Deserializes the DeleteWorkspaceAssignments from a dictionary.
- class databricks.sdk.service.iam.GetAssignableRolesForResourceResponse¶
-
- as_dict() dict ¶
Serializes the GetAssignableRolesForResourceResponse into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) GetAssignableRolesForResourceResponse ¶
Deserializes the GetAssignableRolesForResourceResponse from a dictionary.
- class databricks.sdk.service.iam.GetPasswordPermissionLevelsResponse¶
- permission_levels: List[PasswordPermissionsDescription] | None = None¶
Specific permission levels
- as_dict() dict ¶
Serializes the GetPasswordPermissionLevelsResponse into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) GetPasswordPermissionLevelsResponse ¶
Deserializes the GetPasswordPermissionLevelsResponse from a dictionary.
- class databricks.sdk.service.iam.GetPermissionLevelsResponse¶
- permission_levels: List[PermissionsDescription] | None = None¶
Specific permission levels
- as_dict() dict ¶
Serializes the GetPermissionLevelsResponse into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) GetPermissionLevelsResponse ¶
Deserializes the GetPermissionLevelsResponse from a dictionary.
- class databricks.sdk.service.iam.GrantRule¶
- role: str¶
Role that is assigned to the list of principals.
- principals: List[str] | None = None¶
Principals this grant rule applies to.
- as_dict() dict ¶
Serializes the GrantRule into a dictionary suitable for use as a JSON request body.
- class databricks.sdk.service.iam.Group¶
- display_name: str | None = None¶
String that represents a human-readable group name
- entitlements: List[ComplexValue] | None = None¶
Entitlements assigned to the group. See [assigning entitlements] for a full list of supported values.
[assigning entitlements]: https://docs.databricks.com/administration-guide/users-groups/index.html#assigning-entitlements
- external_id: str | None = None¶
- groups: List[ComplexValue] | None = None¶
- id: str | None = None¶
Databricks group ID
- members: List[ComplexValue] | None = None¶
- meta: ResourceMeta | None = None¶
Container for the group identifier. Workspace local versus account.
- roles: List[ComplexValue] | None = None¶
Corresponds to AWS instance profile/arn role.
- schemas: List[GroupSchema] | None = None¶
The schema of the group.
- as_dict() dict ¶
Serializes the Group into a dictionary suitable for use as a JSON request body.
- class databricks.sdk.service.iam.GroupSchema¶
- URN_IETF_PARAMS_SCIM_SCHEMAS_CORE_2_0_GROUP = "URN_IETF_PARAMS_SCIM_SCHEMAS_CORE_2_0_GROUP"¶
- class databricks.sdk.service.iam.ListGroupsResponse¶
- items_per_page: int | None = None¶
Total results returned in the response.
- schemas: List[ListResponseSchema] | None = None¶
The schema of the service principal.
- start_index: int | None = None¶
Starting index of all the results that matched the request filters. First item is number 1.
- total_results: int | None = None¶
Total results that match the request filters.
- as_dict() dict ¶
Serializes the ListGroupsResponse into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) ListGroupsResponse ¶
Deserializes the ListGroupsResponse from a dictionary.
- class databricks.sdk.service.iam.ListResponseSchema¶
- URN_IETF_PARAMS_SCIM_API_MESSAGES_2_0_LIST_RESPONSE = "URN_IETF_PARAMS_SCIM_API_MESSAGES_2_0_LIST_RESPONSE"¶
- class databricks.sdk.service.iam.ListServicePrincipalResponse¶
- items_per_page: int | None = None¶
Total results returned in the response.
- resources: List[ServicePrincipal] | None = None¶
User objects returned in the response.
- schemas: List[ListResponseSchema] | None = None¶
The schema of the List response.
- start_index: int | None = None¶
Starting index of all the results that matched the request filters. First item is number 1.
- total_results: int | None = None¶
Total results that match the request filters.
- as_dict() dict ¶
Serializes the ListServicePrincipalResponse into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) ListServicePrincipalResponse ¶
Deserializes the ListServicePrincipalResponse from a dictionary.
- class databricks.sdk.service.iam.ListUsersResponse¶
- items_per_page: int | None = None¶
Total results returned in the response.
- schemas: List[ListResponseSchema] | None = None¶
The schema of the List response.
- start_index: int | None = None¶
Starting index of all the results that matched the request filters. First item is number 1.
- total_results: int | None = None¶
Total results that match the request filters.
- as_dict() dict ¶
Serializes the ListUsersResponse into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) ListUsersResponse ¶
Deserializes the ListUsersResponse from a dictionary.
- class databricks.sdk.service.iam.Name¶
- family_name: str | None = None¶
Family name of the Databricks user.
- given_name: str | None = None¶
Given name of the Databricks user.
- as_dict() dict ¶
Serializes the Name into a dictionary suitable for use as a JSON request body.
- class databricks.sdk.service.iam.ObjectPermissions¶
- access_control_list: List[AccessControlResponse] | None = None¶
- object_id: str | None = None¶
- object_type: str | None = None¶
- as_dict() dict ¶
Serializes the ObjectPermissions into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) ObjectPermissions ¶
Deserializes the ObjectPermissions from a dictionary.
- class databricks.sdk.service.iam.PartialUpdate¶
- id: str | None = None¶
Unique ID for a user in the Databricks workspace.
- schemas: List[PatchSchema] | None = None¶
The schema of the patch request. Must be [”urn:ietf:params:scim:api:messages:2.0:PatchOp”].
- as_dict() dict ¶
Serializes the PartialUpdate into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) PartialUpdate ¶
Deserializes the PartialUpdate from a dictionary.
- class databricks.sdk.service.iam.PasswordAccessControlRequest¶
- group_name: str | None = None¶
name of the group
- permission_level: PasswordPermissionLevel | None = None¶
Permission level
- service_principal_name: str | None = None¶
application ID of a service principal
- user_name: str | None = None¶
name of the user
- as_dict() dict ¶
Serializes the PasswordAccessControlRequest into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) PasswordAccessControlRequest ¶
Deserializes the PasswordAccessControlRequest from a dictionary.
- class databricks.sdk.service.iam.PasswordAccessControlResponse¶
- all_permissions: List[PasswordPermission] | None = None¶
All permissions.
- display_name: str | None = None¶
Display name of the user or service principal.
- group_name: str | None = None¶
name of the group
- service_principal_name: str | None = None¶
Name of the service principal.
- user_name: str | None = None¶
name of the user
- as_dict() dict ¶
Serializes the PasswordAccessControlResponse into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) PasswordAccessControlResponse ¶
Deserializes the PasswordAccessControlResponse from a dictionary.
- class databricks.sdk.service.iam.PasswordPermission¶
- inherited: bool | None = None¶
- inherited_from_object: List[str] | None = None¶
- permission_level: PasswordPermissionLevel | None = None¶
Permission level
- as_dict() dict ¶
Serializes the PasswordPermission into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) PasswordPermission ¶
Deserializes the PasswordPermission from a dictionary.
- class databricks.sdk.service.iam.PasswordPermissions¶
- access_control_list: List[PasswordAccessControlResponse] | None = None¶
- object_id: str | None = None¶
- object_type: str | None = None¶
- as_dict() dict ¶
Serializes the PasswordPermissions into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) PasswordPermissions ¶
Deserializes the PasswordPermissions from a dictionary.
- class databricks.sdk.service.iam.PasswordPermissionsDescription¶
- description: str | None = None¶
- permission_level: PasswordPermissionLevel | None = None¶
Permission level
- as_dict() dict ¶
Serializes the PasswordPermissionsDescription into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) PasswordPermissionsDescription ¶
Deserializes the PasswordPermissionsDescription from a dictionary.
- class databricks.sdk.service.iam.PasswordPermissionsRequest¶
- access_control_list: List[PasswordAccessControlRequest] | None = None¶
- as_dict() dict ¶
Serializes the PasswordPermissionsRequest into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) PasswordPermissionsRequest ¶
Deserializes the PasswordPermissionsRequest from a dictionary.
- class databricks.sdk.service.iam.Patch¶
-
- path: str | None = None¶
Selection of patch operation
- value: Any | None = None¶
Value to modify
- as_dict() dict ¶
Serializes the Patch into a dictionary suitable for use as a JSON request body.
- class databricks.sdk.service.iam.PatchOp¶
Type of patch operation.
- ADD = "ADD"¶
- REMOVE = "REMOVE"¶
- REPLACE = "REPLACE"¶
- class databricks.sdk.service.iam.PatchResponse¶
- as_dict() dict ¶
Serializes the PatchResponse into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) PatchResponse ¶
Deserializes the PatchResponse from a dictionary.
- class databricks.sdk.service.iam.PatchSchema¶
- URN_IETF_PARAMS_SCIM_API_MESSAGES_2_0_PATCH_OP = "URN_IETF_PARAMS_SCIM_API_MESSAGES_2_0_PATCH_OP"¶
- class databricks.sdk.service.iam.Permission¶
- inherited: bool | None = None¶
- inherited_from_object: List[str] | None = None¶
- permission_level: PermissionLevel | None = None¶
Permission level
- as_dict() dict ¶
Serializes the Permission into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) Permission ¶
Deserializes the Permission from a dictionary.
- class databricks.sdk.service.iam.PermissionAssignment¶
- error: str | None = None¶
Error response associated with a workspace permission assignment, if any.
- permissions: List[WorkspacePermission] | None = None¶
The permissions level of the principal.
- principal: PrincipalOutput | None = None¶
Information about the principal assigned to the workspace.
- as_dict() dict ¶
Serializes the PermissionAssignment into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) PermissionAssignment ¶
Deserializes the PermissionAssignment from a dictionary.
- class databricks.sdk.service.iam.PermissionAssignments¶
- permission_assignments: List[PermissionAssignment] | None = None¶
Array of permissions assignments defined for a workspace.
- as_dict() dict ¶
Serializes the PermissionAssignments into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) PermissionAssignments ¶
Deserializes the PermissionAssignments from a dictionary.
- class databricks.sdk.service.iam.PermissionLevel¶
Permission level
- CAN_ATTACH_TO = "CAN_ATTACH_TO"¶
- CAN_BIND = "CAN_BIND"¶
- CAN_EDIT = "CAN_EDIT"¶
- CAN_EDIT_METADATA = "CAN_EDIT_METADATA"¶
- CAN_MANAGE = "CAN_MANAGE"¶
- CAN_MANAGE_PRODUCTION_VERSIONS = "CAN_MANAGE_PRODUCTION_VERSIONS"¶
- CAN_MANAGE_RUN = "CAN_MANAGE_RUN"¶
- CAN_MANAGE_STAGING_VERSIONS = "CAN_MANAGE_STAGING_VERSIONS"¶
- CAN_QUERY = "CAN_QUERY"¶
- CAN_READ = "CAN_READ"¶
- CAN_RESTART = "CAN_RESTART"¶
- CAN_RUN = "CAN_RUN"¶
- CAN_USE = "CAN_USE"¶
- CAN_VIEW = "CAN_VIEW"¶
- CAN_VIEW_METADATA = "CAN_VIEW_METADATA"¶
- IS_OWNER = "IS_OWNER"¶
- class databricks.sdk.service.iam.PermissionMigrationRequest¶
- workspace_id: int¶
WorkspaceId of the associated workspace where the permission migration will occur. Both workspace group and account group must be in this workspace.
- from_workspace_group_name: str¶
The name of the workspace group that permissions will be migrated from.
- to_account_group_name: str¶
The name of the account group that permissions will be migrated to.
- size: int | None = None¶
The maximum number of permissions that will be migrated.
- as_dict() dict ¶
Serializes the PermissionMigrationRequest into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) PermissionMigrationRequest ¶
Deserializes the PermissionMigrationRequest from a dictionary.
- class databricks.sdk.service.iam.PermissionMigrationResponse¶
- permissions_migrated: int | None = None¶
Number of permissions migrated.
- as_dict() dict ¶
Serializes the PermissionMigrationResponse into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) PermissionMigrationResponse ¶
Deserializes the PermissionMigrationResponse from a dictionary.
- class databricks.sdk.service.iam.PermissionOutput¶
- description: str | None = None¶
The results of a permissions query.
- permission_level: WorkspacePermission | None = None¶
- as_dict() dict ¶
Serializes the PermissionOutput into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) PermissionOutput ¶
Deserializes the PermissionOutput from a dictionary.
- class databricks.sdk.service.iam.PermissionsDescription¶
- description: str | None = None¶
- permission_level: PermissionLevel | None = None¶
Permission level
- as_dict() dict ¶
Serializes the PermissionsDescription into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) PermissionsDescription ¶
Deserializes the PermissionsDescription from a dictionary.
- class databricks.sdk.service.iam.PermissionsRequest¶
- access_control_list: List[AccessControlRequest] | None = None¶
- request_object_id: str | None = None¶
The id of the request object.
- request_object_type: str | None = None¶
The type of the request object. Can be one of the following: authorization, clusters, cluster-policies, directories, experiments, files, instance-pools, jobs, notebooks, pipelines, registered-models, repos, serving-endpoints, or warehouses.
- as_dict() dict ¶
Serializes the PermissionsRequest into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) PermissionsRequest ¶
Deserializes the PermissionsRequest from a dictionary.
- class databricks.sdk.service.iam.PrincipalOutput¶
- display_name: str | None = None¶
The display name of the principal.
- group_name: str | None = None¶
The group name of the group. Present only if the principal is a group.
- principal_id: int | None = None¶
The unique, opaque id of the principal.
- service_principal_name: str | None = None¶
The name of the service principal. Present only if the principal is a service principal.
- user_name: str | None = None¶
The username of the user. Present only if the principal is a user.
- as_dict() dict ¶
Serializes the PrincipalOutput into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) PrincipalOutput ¶
Deserializes the PrincipalOutput from a dictionary.
- class databricks.sdk.service.iam.ResourceMeta¶
- resource_type: str | None = None¶
Identifier for group type. Can be local workspace group (WorkspaceGroup) or account group (Group).
- as_dict() dict ¶
Serializes the ResourceMeta into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) ResourceMeta ¶
Deserializes the ResourceMeta from a dictionary.
- class databricks.sdk.service.iam.Role¶
- name: str¶
Role to assign to a principal or a list of principals on a resource.
- as_dict() dict ¶
Serializes the Role into a dictionary suitable for use as a JSON request body.
- class databricks.sdk.service.iam.RuleSetResponse¶
- etag: str | None = None¶
Identifies the version of the rule set returned.
- name: str | None = None¶
Name of the rule set.
- as_dict() dict ¶
Serializes the RuleSetResponse into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) RuleSetResponse ¶
Deserializes the RuleSetResponse from a dictionary.
- class databricks.sdk.service.iam.RuleSetUpdateRequest¶
- name: str¶
Name of the rule set.
- etag: str¶
The expected etag of the rule set to update. The update will fail if the value does not match the value that is stored in account access control service.
- as_dict() dict ¶
Serializes the RuleSetUpdateRequest into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) RuleSetUpdateRequest ¶
Deserializes the RuleSetUpdateRequest from a dictionary.
- class databricks.sdk.service.iam.ServicePrincipal¶
- active: bool | None = None¶
If this user is active
- application_id: str | None = None¶
UUID relating to the service principal
- display_name: str | None = None¶
String that represents a concatenation of given and family names.
- entitlements: List[ComplexValue] | None = None¶
Entitlements assigned to the service principal. See [assigning entitlements] for a full list of supported values.
[assigning entitlements]: https://docs.databricks.com/administration-guide/users-groups/index.html#assigning-entitlements
- external_id: str | None = None¶
- groups: List[ComplexValue] | None = None¶
- id: str | None = None¶
Databricks service principal ID.
- roles: List[ComplexValue] | None = None¶
Corresponds to AWS instance profile/arn role.
- schemas: List[ServicePrincipalSchema] | None = None¶
The schema of the List response.
- as_dict() dict ¶
Serializes the ServicePrincipal into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) ServicePrincipal ¶
Deserializes the ServicePrincipal from a dictionary.
- class databricks.sdk.service.iam.ServicePrincipalSchema¶
- URN_IETF_PARAMS_SCIM_SCHEMAS_CORE_2_0_SERVICE_PRINCIPAL = "URN_IETF_PARAMS_SCIM_SCHEMAS_CORE_2_0_SERVICE_PRINCIPAL"¶
- class databricks.sdk.service.iam.UpdateResponse¶
- as_dict() dict ¶
Serializes the UpdateResponse into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) UpdateResponse ¶
Deserializes the UpdateResponse from a dictionary.
- class databricks.sdk.service.iam.UpdateRuleSetRequest¶
- name: str¶
Name of the rule set.
- rule_set: RuleSetUpdateRequest¶
- as_dict() dict ¶
Serializes the UpdateRuleSetRequest into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) UpdateRuleSetRequest ¶
Deserializes the UpdateRuleSetRequest from a dictionary.
- class databricks.sdk.service.iam.UpdateWorkspaceAssignments¶
- permissions: List[WorkspacePermission]¶
Array of permissions assignments to update on the workspace. Note that excluding this field will have the same effect as providing an empty list which will result in the deletion of all permissions for the principal.
- principal_id: int | None = None¶
The ID of the user, service principal, or group.
- workspace_id: int | None = None¶
The workspace ID.
- as_dict() dict ¶
Serializes the UpdateWorkspaceAssignments into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) UpdateWorkspaceAssignments ¶
Deserializes the UpdateWorkspaceAssignments from a dictionary.
- class databricks.sdk.service.iam.User¶
- active: bool | None = None¶
If this user is active
- display_name: str | None = None¶
String that represents a concatenation of given and family names. For example John Smith. This field cannot be updated through the Workspace SCIM APIs when [identity federation is enabled]. Use Account SCIM APIs to update displayName.
[identity federation is enabled]: https://docs.databricks.com/administration-guide/users-groups/best-practices.html#enable-identity-federation
- emails: List[ComplexValue] | None = None¶
All the emails associated with the Databricks user.
- entitlements: List[ComplexValue] | None = None¶
Entitlements assigned to the user. See [assigning entitlements] for a full list of supported values.
[assigning entitlements]: https://docs.databricks.com/administration-guide/users-groups/index.html#assigning-entitlements
- external_id: str | None = None¶
External ID is not currently supported. It is reserved for future use.
- groups: List[ComplexValue] | None = None¶
- id: str | None = None¶
Databricks user ID. This is automatically set by Databricks. Any value provided by the client will be ignored.
- roles: List[ComplexValue] | None = None¶
Corresponds to AWS instance profile/arn role.
- schemas: List[UserSchema] | None = None¶
The schema of the user.
- user_name: str | None = None¶
Email address of the Databricks user.
- as_dict() dict ¶
Serializes the User into a dictionary suitable for use as a JSON request body.
- class databricks.sdk.service.iam.UserSchema¶
- URN_IETF_PARAMS_SCIM_SCHEMAS_CORE_2_0_USER = "URN_IETF_PARAMS_SCIM_SCHEMAS_CORE_2_0_USER"¶
- URN_IETF_PARAMS_SCIM_SCHEMAS_EXTENSION_WORKSPACE_2_0_USER = "URN_IETF_PARAMS_SCIM_SCHEMAS_EXTENSION_WORKSPACE_2_0_USER"¶
- class databricks.sdk.service.iam.WorkspacePermission¶
- ADMIN = "ADMIN"¶
- UNKNOWN = "UNKNOWN"¶
- USER = "USER"¶
- class databricks.sdk.service.iam.WorkspacePermissions¶
- permissions: List[PermissionOutput] | None = None¶
Array of permissions defined for a workspace.
- as_dict() dict ¶
Serializes the WorkspacePermissions into a dictionary suitable for use as a JSON request body.
- classmethod from_dict(d: Dict[str, any]) WorkspacePermissions ¶
Deserializes the WorkspacePermissions from a dictionary.