service_principal_secrets
Creates, updates, deletes, gets or lists a service_principal_secrets resource.
Overview
| Name | service_principal_secrets |
| Type | Resource |
| Id | databricks_account.oauth2.service_principal_secrets |
Fields
The following fields are returned by SELECT queries:
- service_principal_secrets_list
| Name | Datatype | Description |
|---|---|---|
id | string | ID of the secret |
create_time | string | |
expire_time | string | UTC time when the secret will expire. If the field is not present, the secret does not expire. |
secret_hash | string | Secret Hash |
status | string | Status of the secret |
update_time | string | UTC time when the secret was updated |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
service_principal_secrets_list | select | account_id, service_principal_id | page_size, page_token | List all secrets associated with the given service principal. This operation only returns information |
service_principal_secrets_create | insert | account_id, service_principal_id | Create a secret for the given service principal. | |
service_principal_secrets_delete | delete | account_id, service_principal_id, secret_id | Delete a secret from the given service principal. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
account_id | string | |
secret_id | string | The secret ID. |
service_principal_id | string | The service principal ID. |
page_size | integer | :param page_token: str (optional) An opaque page token which was the next_page_token in the response of the previous request to list the secrets for this service principal. Provide this token to retrieve the next page of secret entries. When providing a page_token, all other parameters provided to the request must match the previous request. To list all of the secrets for a service principal, it is necessary to continue requesting pages of entries until the response contains no next_page_token. Note that the number of entries returned must not be used to determine when the listing is complete. |
page_token | string |
SELECT examples
- service_principal_secrets_list
List all secrets associated with the given service principal. This operation only returns information
SELECT
id,
create_time,
expire_time,
secret_hash,
status,
update_time
FROM databricks_account.oauth2.service_principal_secrets
WHERE account_id = '{{ account_id }}' -- required
AND service_principal_id = '{{ service_principal_id }}' -- required
AND page_size = '{{ page_size }}'
AND page_token = '{{ page_token }}'
;
INSERT examples
- service_principal_secrets_create
- Manifest
Create a secret for the given service principal.
INSERT INTO databricks_account.oauth2.service_principal_secrets (
lifetime,
account_id,
service_principal_id
)
SELECT
'{{ lifetime }}',
'{{ account_id }}',
'{{ service_principal_id }}'
RETURNING
id,
create_time,
expire_time,
secret,
secret_hash,
status,
update_time
;
# Description fields are for documentation purposes
- name: service_principal_secrets
props:
- name: account_id
value: "{{ account_id }}"
description: Required parameter for the service_principal_secrets resource.
- name: service_principal_id
value: "{{ service_principal_id }}"
description: Required parameter for the service_principal_secrets resource.
- name: lifetime
value: "{{ lifetime }}"
description: |
The lifetime of the secret in seconds. If this parameter is not provided, the secret will have a default lifetime of 730 days (63072000s).
DELETE examples
- service_principal_secrets_delete
Delete a secret from the given service principal.
DELETE FROM databricks_account.oauth2.service_principal_secrets
WHERE account_id = '{{ account_id }}' --required
AND service_principal_id = '{{ service_principal_id }}' --required
AND secret_id = '{{ secret_id }}' --required
;