service_principal_secrets
Creates, updates, deletes, gets or lists a service_principal_secrets resource.
Overview
| Name | service_principal_secrets |
| Type | Resource |
| Id | databricks_workspace.oauth2.service_principal_secrets |
Fields
The following fields are returned by SELECT queries:
- list
| Name | Datatype | Description |
|---|---|---|
id | string | ID of the secret |
create_time | string | |
expire_time | string | UTC time when the secret will expire. If the field is not present, the secret does not expire. |
secret_hash | string | Secret Hash |
status | string | Status of the secret |
update_time | string | UTC time when the secret was updated |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
list | select | service_principal_id, deployment_name | page_size, page_token | List all secrets associated with the given service principal. This operation only returns information |
create | insert | service_principal_id, deployment_name | Create a secret for the given service principal. | |
delete | delete | service_principal_id, secret_id, deployment_name | Delete a secret from the given service principal. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
deployment_name | string | The Databricks Workspace Deployment Name (default: dbc-abcd0123-a1bc) |
secret_id | string | The secret ID. |
service_principal_id | string | The service principal ID. |
page_size | integer | |
page_token | string | An opaque page token which was the next_page_token in the response of the previous request to list the secrets for this service principal. Provide this token to retrieve the next page of secret entries. When providing a page_token, all other parameters provided to the request must match the previous request. To list all of the secrets for a service principal, it is necessary to continue requesting pages of entries until the response contains no next_page_token. Note that the number of entries returned must not be used to determine when the listing is complete. |
SELECT examples
- list
List all secrets associated with the given service principal. This operation only returns information
SELECT
id,
create_time,
expire_time,
secret_hash,
status,
update_time
FROM databricks_workspace.oauth2.service_principal_secrets
WHERE service_principal_id = '{{ service_principal_id }}' -- required
AND deployment_name = '{{ deployment_name }}' -- required
AND page_size = '{{ page_size }}'
AND page_token = '{{ page_token }}'
;
INSERT examples
- create
- Manifest
Create a secret for the given service principal.
INSERT INTO databricks_workspace.oauth2.service_principal_secrets (
lifetime,
service_principal_id,
deployment_name
)
SELECT
'{{ lifetime }}',
'{{ service_principal_id }}',
'{{ deployment_name }}'
RETURNING
id,
create_time,
expire_time,
secret,
secret_hash,
status,
update_time
;
# Description fields are for documentation purposes
- name: service_principal_secrets
props:
- name: service_principal_id
value: "{{ service_principal_id }}"
description: Required parameter for the service_principal_secrets resource.
- name: deployment_name
value: "{{ deployment_name }}"
description: Required parameter for the service_principal_secrets resource.
- name: lifetime
value: "{{ lifetime }}"
description: |
The lifetime of the secret in seconds. If this parameter is not provided, the secret will have a default lifetime of 730 days (63072000s).
DELETE examples
- delete
Delete a secret from the given service principal.
DELETE FROM databricks_workspace.oauth2.service_principal_secrets
WHERE service_principal_id = '{{ service_principal_id }}' --required
AND secret_id = '{{ secret_id }}' --required
AND deployment_name = '{{ deployment_name }}' --required
;