Skip to main content

roles

Creates, updates, deletes, gets or lists a roles resource.

Overview

Nameroles
TypeResource
Iddatabricks_workspace.postgres.roles

Fields

The following fields are returned by SELECT queries:

NameDatatypeDescription
namestringOutput only. The full resource path of the role. Format: projects/{project_id}/branches/{branch_id}/roles/{role_id}
create_timestring (date-time)
parentstringThe Branch where this Role exists. Format: projects/{project_id}/branches/{branch_id}
specobjectThe spec contains the role configuration, including identity type, authentication method, and role attributes.
statusobjectCurrent status of the role, including its identity type, authentication method, and role attributes.
update_timestring (date-time)

Methods

The following methods are available for this resource:

NameAccessible byRequired ParamsOptional ParamsDescription
listselectproject_id, branch_id, deployment_namepage_size, page_tokenReturns a paginated list of Postgres roles in the branch.
getselectproject_id, branch_id, role_id, deployment_nameRetrieves information about the specified Postgres role, including its authentication method and
createinsertproject_id, branch_id, deployment_name, rolerole_idCreates a new Postgres role in the branch.
deletedeleteproject_id, branch_id, role_id, deployment_namereassign_owned_toDeletes the specified Postgres role.

Parameters

Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.

NameDatatypeDescription
branch_idstringThe unique identifier of the branch. Format: projects/{project_id}/branches/{branch_id}
deployment_namestringThe Databricks Workspace Deployment Name (default: dbc-abcd0123-a1bc)
project_idstringThe unique identifier of the Postgres project. Format: projects/{project_id}
role_idstringThe unique identifier of the role to delete. Format: projects/{project_id}/branches/{branch_id}/roles/{role_id}
page_sizeintegerUpper bound for items returned. Cannot be negative.
page_tokenstringPage token from a previous response. If not provided, returns the first page.
reassign_owned_tostringReassign objects. If this is set, all objects owned by the role are reassigned to the role specified in this parameter. NOTE: setting this requires spinning up a compute to succeed, since it involves running SQL queries.
role_idstringThe ID to use for the Role, which will become the final component of the role's resource name. This ID becomes the role in Postgres. This value should be 4-63 characters, and valid characters are lowercase letters, numbers, and hyphens, as defined by RFC 1123. If role_id is not specified in the request, it is generated automatically.

SELECT examples

Returns a paginated list of Postgres roles in the branch.

SELECT
name,
create_time,
parent,
spec,
status,
update_time
FROM databricks_workspace.postgres.roles
WHERE project_id = '{{ project_id }}' -- required
AND branch_id = '{{ branch_id }}' -- required
AND deployment_name = '{{ deployment_name }}' -- required
AND page_size = '{{ page_size }}'
AND page_token = '{{ page_token }}'
;

INSERT examples

Creates a new Postgres role in the branch.

INSERT INTO databricks_workspace.postgres.roles (
role,
project_id,
branch_id,
deployment_name,
role_id
)
SELECT 
'{{ role }}' /* required */,
'{{ project_id }}',
'{{ branch_id }}',
'{{ deployment_name }}',
'{{ role_id }}'
;

DELETE examples

Deletes the specified Postgres role.

DELETE FROM databricks_workspace.postgres.roles
WHERE project_id = '{{ project_id }}' --required
AND branch_id = '{{ branch_id }}' --required
AND role_id = '{{ role_id }}' --required
AND deployment_name = '{{ deployment_name }}' --required
AND reassign_owned_to = '{{ reassign_owned_to }}'
;