access_control
Creates, updates, deletes, gets or lists an access_control resource.
Overview
| Name | access_control |
| Type | Resource |
| Id | databricks_workspace.iam.access_control |
Fields
The following fields are returned by SELECT queries:
- check
| Name | Datatype | Description |
|---|---|---|
consistency_token | object | |
is_permitted | boolean |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
check | select | actor, permission, resource, consistency_token, authz_identity, deployment_name | resource_info | Check access policy to a resource. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
actor | object | :param permission: str |
authz_identity | string | |
consistency_token | object | :param authz_identity: :class:RequestAuthzIdentity |
deployment_name | string | The Databricks Workspace Deployment Name (default: dbc-abcd0123-a1bc) |
permission | string | |
resource | string | Ex: (servicePrincipal/use, accounts/<account-id>/servicePrincipals/<sp-id>) Ex: (servicePrincipal.ruleSet/update, accounts/<account-id>/servicePrincipals/<sp-id>/ruleSets/default) |
resource_info | object | :returns: :class:CheckPolicyResponse |
SELECT examples
- check
Check access policy to a resource.
SELECT
consistency_token,
is_permitted
FROM databricks_workspace.iam.access_control
WHERE actor = '{{ actor }}' -- required
AND permission = '{{ permission }}' -- required
AND resource = '{{ resource }}' -- required
AND consistency_token = '{{ consistency_token }}' -- required
AND authz_identity = '{{ authz_identity }}' -- required
AND deployment_name = '{{ deployment_name }}' -- required
AND resource_info = '{{ resource_info }}'
;