account_rule_sets
Creates, updates, deletes, gets or lists an account_rule_sets resource.
Overview
| Name | account_rule_sets |
| Type | Resource |
| Id | databricks_account.iam.account_rule_sets |
Fields
The following fields are returned by SELECT queries:
- get_rule_set
| Name | Datatype | Description |
|---|---|---|
name | string | |
etag | string | Identifies the version of the rule set returned. Etag used for versioning. The response is at least as fresh as the eTag provided. Etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a rule set from overwriting each other. It is strongly suggested that systems make use of the etag in the read -> modify -> write pattern to perform rule set updates in order to avoid race conditions that is get an etag from a GET rule set request, and pass it with the PUT update request to identify the rule set version you are updating. |
grant_rules | array |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get_rule_set | select | account_id, name, etag | Get a rule set by its name. A rule set is always attached to a resource and contains a list of access | |
update_rule_set | replace | account_id, name, rule_set | Replace the rules of a rule set. First, use get to read the current version of the rule set before |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
account_id | string | |
etag | string | Etag used for versioning. The response is at least as fresh as the eTag provided. Etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a rule set from overwriting each other. It is strongly suggested that systems make use of the etag in the read -> modify -> write pattern to perform rule set updates in order to avoid race conditions that is get an etag from a GET rule set request, and pass it with the PUT update request to identify the rule set version you are updating. Examples | Summary :--- | :--- etag= | An empty etag can only be used in GET to indicate no freshness requirements. etag=RENUAAABhSweA4NvVmmUYdiU717H3Tgy0UJdor3gE4a+mq/oj9NjAf8ZsQ== | An etag encoded a specific version of the rule set to get or to be updated. |
name | string | The ruleset name associated with the request. Examples | Summary :--- | :--- name=accounts/<ACCOUNT_ID>/ruleSets/default | A name for a rule set on the account. name=accounts/<ACCOUNT_ID>/groups/<GROUP_ID>/ruleSets/default | A name for a rule set on the group. name=accounts/<ACCOUNT_ID>/servicePrincipals/<SERVICE_PRINCIPAL_APPLICATION_ID>/ruleSets/default | A name for a rule set on the service principal. name=accounts/<ACCOUNT_ID>/tagPolicies/<TAG_POLICY_ID>/ruleSets/default | A name for a rule set on the tag policy. |
SELECT examples
- get_rule_set
Get a rule set by its name. A rule set is always attached to a resource and contains a list of access
SELECT
name,
etag,
grant_rules
FROM databricks_account.iam.account_rule_sets
WHERE account_id = '{{ account_id }}' -- required
AND name = '{{ name }}' -- required
AND etag = '{{ etag }}' -- required
;
REPLACE examples
- update_rule_set
Replace the rules of a rule set. First, use get to read the current version of the rule set before
REPLACE databricks_account.iam.account_rule_sets
SET
name = '{{ name }}',
rule_set = '{{ rule_set }}'
WHERE
account_id = '{{ account_id }}' --required
AND name = '{{ name }}' --required
AND rule_set = '{{ rule_set }}' --required
RETURNING
name,
etag,
grant_rules;