MetastoreDataAccess
laktory.models.resources.databricks.MetastoreDataAccess
¤
Bases: MetastoreDataAccessBase
Databricks Metastore Data Access
Examples:
import io
from laktory import models
dac_yaml = '''
name: prod-azure-mi
azure_managed_identity:
access_connector_id: /subscriptions/sub-id/resourceGroups/rg/providers/Microsoft.Databricks/accessConnectors/connector
grants:
- principal: account users
privileges:
- READ_FILES
'''
dac = models.resources.databricks.MetastoreDataAccess.model_validate_yaml(
io.StringIO(dac_yaml)
)
References
| BASE | DESCRIPTION |
|---|---|
api
|
Specifies whether to use account-level or workspace-level API. Valid values are
TYPE:
|
aws_iam_role
|
TYPE:
|
azure_managed_identity
|
TYPE:
|
azure_service_principal
|
TYPE:
|
cloudflare_api_token
|
TYPE:
|
comment
|
TYPE:
|
databricks_gcp_service_account
|
TYPE:
|
force_destroy
|
TYPE:
|
force_update
|
TYPE:
|
gcp_service_account_key
|
TYPE:
|
is_default
|
whether to set this credential as the default for the metastore. In practice, this should always be true
TYPE:
|
isolation_mode
|
TYPE:
|
metastore_id
|
TYPE:
|
name
|
TYPE:
|
owner
|
TYPE:
|
read_only
|
TYPE:
|
skip_validation
|
TYPE:
|
| LAKTORY | DESCRIPTION |
|---|---|
grant
|
Non-destructive grant for specific principal(s). Adds or updates privileges for the listed principal(s) and leaves
grants for all other principals untouched. Use when access is managed from multiple sources (Laktory, Databricks
UI, etc.). Mutually exclusive with
TYPE:
|
grants
|
Authoritative grant list for all principals. Replaces every existing grant on this Metastore Data Access -
including those set outside Laktory - with only the entries listed here. Use only when Laktory owns all access
management for this resource. Mutually exclusive with
TYPE:
|
| ATTRIBUTE | DESCRIPTION |
|---|---|
additional_core_resources |
TYPE:
|
additional_core_resources
property
¤
- metastore data access credential grants
laktory.models.resources.databricks.metastoredataaccess.MetastoreDataAccessAwsIamRole
¤
Bases: BaseModel
| PARAMETER | DESCRIPTION |
|---|---|
external_id
|
TYPE:
|
role_arn
|
TYPE:
|
unity_catalog_iam_arn
|
TYPE:
|
laktory.models.resources.databricks.metastoredataaccess.MetastoreDataAccessAzureManagedIdentity
¤
Bases: BaseModel
| PARAMETER | DESCRIPTION |
|---|---|
access_connector_id
|
TYPE:
|
credential_id
|
TYPE:
|
managed_identity_id
|
TYPE:
|
laktory.models.resources.databricks.metastoredataaccess.MetastoreDataAccessAzureServicePrincipal
¤
Bases: BaseModel
| PARAMETER | DESCRIPTION |
|---|---|
application_id
|
TYPE:
|
client_secret
|
TYPE:
|
directory_id
|
TYPE:
|
laktory.models.resources.databricks.metastoredataaccess.MetastoreDataAccessCloudflareApiToken
¤
Bases: BaseModel
| PARAMETER | DESCRIPTION |
|---|---|
access_key_id
|
TYPE:
|
account_id
|
TYPE:
|
secret_access_key
|
TYPE:
|
laktory.models.resources.databricks.metastoredataaccess.MetastoreDataAccessDatabricksGcpServiceAccount
¤
Bases: BaseModel
| PARAMETER | DESCRIPTION |
|---|---|
credential_id
|
TYPE:
|
email
|
TYPE:
|
laktory.models.resources.databricks.metastoredataaccess.MetastoreDataAccessGcpServiceAccountKey
¤
Bases: BaseModel
| PARAMETER | DESCRIPTION |
|---|---|
email
|
TYPE:
|
private_key
|
TYPE:
|
private_key_id
|
TYPE:
|