assignable_roles
Creates, updates, deletes, gets or lists an assignable_roles resource.
Overview
| Name | assignable_roles |
| Type | Resource |
| Id | databricks_workspace.iam.assignable_roles |
Fields
The following fields are returned by SELECT queries:
- get
| Name | Datatype | Description |
|---|---|---|
roles | array |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | resource, deployment_name | Gets all the roles that can be granted on an account level resource. A role is grantable if the rule |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
deployment_name | string | The Databricks Workspace Deployment Name (default: dbc-abcd0123-a1bc) |
resource | string | The resource name for which assignable roles will be listed. Examples | Summary :--- | :--- resource=accounts/<ACCOUNT_ID> | A resource name for the account. resource=accounts/<ACCOUNT_ID>/groups/<GROUP_ID> | A resource name for the group. resource=accounts/<ACCOUNT_ID>/servicePrincipals/<SP_ID> | A resource name for the service principal. resource=accounts/<ACCOUNT_ID>/tagPolicies/<TAG_POLICY_ID> | A resource name for the tag policy. |
SELECT examples
- get
Gets all the roles that can be granted on an account level resource. A role is grantable if the rule
SELECT
roles
FROM databricks_workspace.iam.assignable_roles
WHERE resource = '{{ resource }}' -- required
AND deployment_name = '{{ deployment_name }}' -- required
;