vw_account_storage_credentials

Creates, updates, deletes, gets or lists a vw_account_storage_credentials resource.

Overview

Name	`vw_account_storage_credentials`
Type	View
Id	`databricks_account.catalog.vw_account_storage_credentials`

Fields

The following fields are returned by this view:

Name	Datatype	Description
`account_id`	`string`	Databricks account ID used to scope the query.
`metastore_id`	`string`	Metastore ID used to scope the query.
`id`	`string`	Unique identifier for the storage credential.
`name`	`string`	Name of the storage credential.
`full_name`	`string`	Fully qualified name of the storage credential.
`owner`	`string`	Username or group that owns the storage credential.
`read_only`	`boolean`	Whether the storage credential is restricted to read-only access.
`used_for_managed_storage`	`boolean`	Whether this credential is used for managed storage in the metastore.
`isolation_mode`	`string`	Isolation mode controlling which workspaces can use this credential.
`created_at`	`integer`	Unix timestamp (ms) when the credential was created.
`created_by`	`string`	Identity that created the storage credential.
`updated_at`	`integer`	Unix timestamp (ms) when the credential was last updated.
`updated_by`	`string`	Identity that last updated the storage credential.
`comment`	`string`	Optional free-text comment describing the storage credential.
`aws_role_arn`	`string`	ARN of the AWS IAM role used for credential (AWS only).
`aws_external_id`	`string`	External ID used when assuming the AWS IAM role (AWS only).
`aws_unity_catalog_iam_arn`	`string`	ARN of the Unity Catalog IAM role for the AWS credential (AWS only).
`azure_access_connector_id`	`string`	Resource ID of the Azure Databricks Access Connector (Azure managed identity only).
`azure_credential_id`	`string`	Credential ID for the Azure managed identity (Azure managed identity only).
`azure_managed_identity_id`	`string`	ID of the Azure managed identity (Azure managed identity only).
`azure_directory_id`	`string`	Azure Active Directory tenant ID for the service principal (Azure service principal only).
`azure_application_id`	`string`	Application (client) ID of the Azure service principal (Azure service principal only).
`cloudflare_access_key_id`	`string`	Access key ID for the Cloudflare API token credential (Cloudflare only).
`cloudflare_account_id`	`string`	Cloudflare account ID associated with the API token credential (Cloudflare only).
`gcp_credential_id`	`string`	Credential ID for the Databricks GCP service account (GCP only).
`gcp_service_account_email`	`string`	Email address of the Databricks-managed GCP service account (GCP only).
`cloud_type`	`string`	Derived cloud provider type - one of AWS, AZURE_MANAGED_IDENTITY, AZURE_SERVICE_PRINCIPAL, CLOUDFLARE, GCP, or UNKNOWN.

Required Parameters

The following parameters are required by this view:

Name	Datatype	Description
`account_id`	`string`	Databricks account ID used to scope the query.
`metastore_id`	`string`	Metastore ID used to scope the query.

`SELECT` Examples

SELECT
  account_id,
  metastore_id,
  id,
  name,
  full_name,
  owner,
  read_only,
  used_for_managed_storage,
  isolation_mode,
  created_at,
  created_by,
  updated_at,
  updated_by,
  comment,
  aws_role_arn,
  aws_external_id,
  aws_unity_catalog_iam_arn,
  azure_access_connector_id,
  azure_credential_id,
  azure_managed_identity_id,
  azure_directory_id,
  azure_application_id,
  cloudflare_access_key_id,
  cloudflare_account_id,
  gcp_credential_id,
  gcp_service_account_email,
  cloud_type
FROM databricks_account.catalog.vw_account_storage_credentials
WHERE account_id = '{{ account_id }}'
  AND metastore_id = '{{ metastore_id }}';

SQL Definition

Sqlite3
Postgres

SELECT
  sc.account_id,
  sc.metastore_id,
  sc.id,
  sc.name,
  sc.full_name,
  sc.owner,
  sc.read_only,
  sc.used_for_managed_storage,
  sc.isolation_mode,
  sc.created_at,
  sc.created_by,
  sc.updated_at,
  sc.updated_by,
  sc.comment,
  JSON_EXTRACT(sc.aws_iam_role, '$.role_arn') AS aws_role_arn,
  JSON_EXTRACT(sc.aws_iam_role, '$.external_id') AS aws_external_id,
  JSON_EXTRACT(sc.aws_iam_role, '$.unity_catalog_iam_arn') AS aws_unity_catalog_iam_arn,
  JSON_EXTRACT(sc.azure_managed_identity, '$.access_connector_id') AS azure_access_connector_id,
  JSON_EXTRACT(sc.azure_managed_identity, '$.credential_id') AS azure_credential_id,
  JSON_EXTRACT(sc.azure_managed_identity, '$.managed_identity_id') AS azure_managed_identity_id,
  JSON_EXTRACT(sc.azure_service_principal, '$.directory_id') AS azure_directory_id,
  JSON_EXTRACT(sc.azure_service_principal, '$.application_id') AS azure_application_id,
  JSON_EXTRACT(sc.cloudflare_api_token, '$.access_key_id') AS cloudflare_access_key_id,
  JSON_EXTRACT(sc.cloudflare_api_token, '$.account_id') AS cloudflare_account_id,
  JSON_EXTRACT(sc.databricks_gcp_service_account, '$.credential_id') AS gcp_credential_id,
  JSON_EXTRACT(sc.databricks_gcp_service_account, '$.email') AS gcp_service_account_email,
  CASE
    WHEN sc.aws_iam_role IS NOT NULL THEN 'AWS'
    WHEN sc.azure_managed_identity IS NOT NULL THEN 'AZURE_MANAGED_IDENTITY'
    WHEN sc.azure_service_principal IS NOT NULL THEN 'AZURE_SERVICE_PRINCIPAL'
    WHEN sc.cloudflare_api_token IS NOT NULL THEN 'CLOUDFLARE'
    WHEN sc.databricks_gcp_service_account IS NOT NULL THEN 'GCP'
    ELSE 'UNKNOWN'
  END AS cloud_type
FROM databricks_account.catalog.account_storage_credentials sc
WHERE account_id = '{{ account_id }}'
AND metastore_id = '{{ metastore_id }}'

SELECT
  sc.account_id,
  sc.metastore_id,
  sc.id,
  sc.name,
  sc.full_name,
  sc.owner,
  sc.read_only,
  sc.used_for_managed_storage,
  sc.isolation_mode,
  sc.created_at,
  sc.created_by,
  sc.updated_at,
  sc.updated_by,
  sc.comment,
  sc.aws_iam_role->>'role_arn' AS aws_role_arn,
  sc.aws_iam_role->>'external_id' AS aws_external_id,
  sc.aws_iam_role->>'unity_catalog_iam_arn' AS aws_unity_catalog_iam_arn,
  sc.azure_managed_identity->>'access_connector_id' AS azure_access_connector_id,
  sc.azure_managed_identity->>'credential_id' AS azure_credential_id,
  sc.azure_managed_identity->>'managed_identity_id' AS azure_managed_identity_id,
  sc.azure_service_principal->>'directory_id' AS azure_directory_id,
  sc.azure_service_principal->>'application_id' AS azure_application_id,
  sc.cloudflare_api_token->>'access_key_id' AS cloudflare_access_key_id,
  sc.cloudflare_api_token->>'account_id' AS cloudflare_account_id,
  sc.databricks_gcp_service_account->>'credential_id' AS gcp_credential_id,
  sc.databricks_gcp_service_account->>'email' AS gcp_service_account_email,
  CASE
    WHEN sc.aws_iam_role IS NOT NULL THEN 'AWS'
    WHEN sc.azure_managed_identity IS NOT NULL THEN 'AZURE_MANAGED_IDENTITY'
    WHEN sc.azure_service_principal IS NOT NULL THEN 'AZURE_SERVICE_PRINCIPAL'
    WHEN sc.cloudflare_api_token IS NOT NULL THEN 'CLOUDFLARE'
    WHEN sc.databricks_gcp_service_account IS NOT NULL THEN 'GCP'
    ELSE 'UNKNOWN'
  END AS cloud_type
FROM databricks_account.catalog.account_storage_credentials sc
WHERE account_id = '{{ account_id }}'
AND metastore_id = '{{ metastore_id }}'

Overview​

Fields​

Required Parameters​

SELECT Examples​

SQL Definition​

Overview

Fields

Required Parameters

`SELECT` Examples

SQL Definition