w.workspace_iam_v2: workspace_iam.v2

class databricks.sdk.service.iamv2.WorkspaceIamV2API

These APIs are used to manage identities and the workspace access of these identities in <Databricks>.

create_workspace_assignment_detail_proxy(workspace_assignment_detail: WorkspaceAssignmentDetail) WorkspaceAssignmentDetail

Creates a workspace assignment detail for a principal (workspace-level proxy). Entitlement grants are applied individually and non-atomically — if a failure occurs partway through, the principal will be assigned to the workspace but with only a subset of the requested entitlements. Use GetWorkspaceAssignmentDetail to confirm which entitlements were successfully granted.

Parameters:

workspace_assignment_detailWorkspaceAssignmentDetail Required. Workspace assignment detail to be created in <Databricks>.

Returns:

WorkspaceAssignmentDetail

delete_workspace_assignment_detail_proxy(principal_id: int)

Deletes a workspace assignment detail for a principal (workspace-level proxy), revoking all associated entitlements. Entitlement revocations are applied individually and non-atomically — if a failure occurs partway through, the principal remains assigned with a subset of its original entitlements, and the operation is safe to retry.

Parameters:

principal_id – int Required. ID of the principal in Databricks to delete workspace assignment for.

get_workspace_access_detail_local(principal_id: int [, view: Optional[WorkspaceAccessDetailView]]) WorkspaceAccessDetail

Returns the access details for a principal in the current workspace. Allows for checking access details for any provisioned principal (user, service principal, or group) in the current workspace. * Provisioned principal here refers to one that has been synced into Databricks from the customer’s IdP or added explicitly to Databricks via SCIM/UI. Allows for passing in a “view” parameter to control what fields are returned (BASIC by default or FULL).

Parameters:

  • principal_id – int Required. The internal ID of the principal (user/sp/group) for which the access details are being requested.

  • viewWorkspaceAccessDetailView (optional) Controls what fields are returned.

Returns:

WorkspaceAccessDetail

get_workspace_assignment_detail_proxy(principal_id: int) WorkspaceAssignmentDetail

Returns the assignment details for a principal in a workspace (workspace-level proxy).

Parameters:

principal_id – int Required. The internal ID of the principal (user/sp/group) for which the assignment details are being requested.

Returns:

WorkspaceAssignmentDetail

list_workspace_assignment_details_proxy([, page_size: Optional[int], page_token: Optional[str]]) ListWorkspaceAssignmentDetailsResponse

Lists workspace assignment details for a workspace (workspace-level proxy).

Parameters:

  • page_size – int (optional) The maximum number of workspace assignment details to return. The service may return fewer than this value.

  • page_token – str (optional) A page token, received from a previous ListWorkspaceAssignmentDetailsProxy call. Provide this to retrieve the subsequent page.

Returns:

ListWorkspaceAssignmentDetailsResponse

resolve_group_proxy(external_id: str) ResolveGroupResponse

Resolves a group with the given external ID from the customer’s IdP. If the group does not exist, it will be created in the account. If the customer is not onboarded onto Automatic Identity Management (AIM), this will return an error.

Parameters:

external_id – str Required. The external ID of the group in the customer’s IdP.

Returns:

ResolveGroupResponse

resolve_service_principal_proxy(external_id: str) ResolveServicePrincipalResponse

Resolves an SP with the given external ID from the customer’s IdP. If the SP does not exist, it will be created. If the customer is not onboarded onto Automatic Identity Management (AIM), this will return an error.

Parameters:

external_id – str Required. The external ID of the service principal in the customer’s IdP.

Returns:

ResolveServicePrincipalResponse

resolve_user_proxy(external_id: str) ResolveUserResponse

Resolves a user with the given external ID from the customer’s IdP. If the user does not exist, it will be created. If the customer is not onboarded onto Automatic Identity Management (AIM), this will return an error.

Parameters:

external_id – str Required. The external ID of the user in the customer’s IdP.

Returns:

ResolveUserResponse

update_workspace_assignment_detail_proxy(principal_id: int, workspace_assignment_detail: WorkspaceAssignmentDetail, update_mask: FieldMask) WorkspaceAssignmentDetail

Updates the entitlements of a directly assigned principal in a workspace (workspace-level proxy). Entitlement changes are applied individually and non-atomically — if a failure occurs partway through, only a subset of the requested changes may have been applied. Use GetWorkspaceAssignmentDetail to confirm the final state.

Parameters:

  • principal_id – int Required. ID of the principal in Databricks.

  • workspace_assignment_detailWorkspaceAssignmentDetail Required. Workspace assignment detail to be updated in <Databricks>.

  • update_mask – FieldMask Required. The list of fields to update.

Returns:

WorkspaceAssignmentDetail