StorageCredential

`laktory.models.resources.databricks.StorageCredential` ¤

Bases: StorageCredentialBase

Databricks Storage Credential

Examples:

import io

from laktory import models

cred_yaml = '''
name: prod-azure-mi
azure_managed_identity:
  access_connector_id: /subscriptions/sub-id/resourceGroups/rg/providers/Microsoft.Databricks/accessConnectors/connector
grants:
- principal: account users
  privileges:
  - READ_FILES
'''
cred = models.resources.databricks.StorageCredential.model_validate_yaml(
    io.StringIO(cred_yaml)
)

References

Databricks Storage Credential

BASE	DESCRIPTION
`api`	Specifies whether to use account-level or workspace-level API. Valid values are `account` and `workspace`. When not set, the API level is inferred from the provider host. TYPE: `str \| None \| VariableType` DEFAULT: `None`
`aws_iam_role`	TYPE: `StorageCredentialAwsIamRole \| None \| VariableType` DEFAULT: `None`
`azure_managed_identity`	TYPE: `StorageCredentialAzureManagedIdentity \| None \| VariableType` DEFAULT: `None`
`azure_service_principal`	TYPE: `StorageCredentialAzureServicePrincipal \| None \| VariableType` DEFAULT: `None`
`cloudflare_api_token`	TYPE: `StorageCredentialCloudflareApiToken \| None \| VariableType` DEFAULT: `None`
`comment`	TYPE: `str \| None \| VariableType` DEFAULT: `None`
`databricks_gcp_service_account`	TYPE: `StorageCredentialDatabricksGcpServiceAccount \| None \| VariableType` DEFAULT: `None`
`force_destroy`	TYPE: `bool \| None \| VariableType` DEFAULT: `None`
`force_update`	TYPE: `bool \| None \| VariableType` DEFAULT: `None`
`gcp_service_account_key`	TYPE: `StorageCredentialGcpServiceAccountKey \| None \| VariableType` DEFAULT: `None`
`isolation_mode`	TYPE: `str \| None \| VariableType` DEFAULT: `None`
`metastore_id`	TYPE: `str \| None \| VariableType` DEFAULT: `None`
`name`	TYPE: `str \| VariableType`
`owner`	TYPE: `str \| None \| VariableType` DEFAULT: `None`
`read_only`	TYPE: `bool \| None \| VariableType` DEFAULT: `None`
`skip_validation`	TYPE: `bool \| None \| VariableType` DEFAULT: `None`

LAKTORY	DESCRIPTION
`grant`	Non-destructive grant for specific principal(s). Adds or updates privileges for the listed principal(s) and leaves grants for all other principals untouched. Use when access is managed from multiple sources (Laktory, Databricks UI, etc.). Mutually exclusive with `grants`. TYPE: `StorageCredentialGrant \| list[StorageCredentialGrant] \| VariableType` DEFAULT: `None`
`grants`	Authoritative grant list for all principals. Replaces every existing grant on this Storage Credential - including those set outside Laktory - with only the entries listed here. Use only when Laktory owns all access management for this resource. Mutually exclusive with `grant`. TYPE: `list[StorageCredentialGrant \| VariableType] \| VariableType` DEFAULT: `None`

ATTRIBUTE	DESCRIPTION
`additional_core_resources`	storage credential grants TYPE: `list`

`additional_core_resources` `property` ¤

storage credential grants

`laktory.models.resources.databricks.storagecredential.AwsIamRole` ¤

Bases: BaseModel

PARAMETER	DESCRIPTION
`external_id`	TYPE: `str \| VariableType` DEFAULT: `None`
`role_arn`	TYPE: `str \| VariableType` DEFAULT: `None`
`unity_catalog_iam_arn`	TYPE: `str \| VariableType` DEFAULT: `None`

`laktory.models.resources.databricks.storagecredential.AzureManagedIdentity` ¤

Bases: BaseModel

PARAMETER	DESCRIPTION
`access_connector_id`	TYPE: `str \| VariableType` DEFAULT: `None`
`credential_id`	TYPE: `str \| VariableType` DEFAULT: `None`
`managed_identity_id`	TYPE: `str \| VariableType` DEFAULT: `None`

`laktory.models.resources.databricks.storagecredential.AzureServicePrincipal` ¤

Bases: BaseModel

PARAMETER	DESCRIPTION
`application_id`	TYPE: `str \| VariableType` DEFAULT: `None`
`client_secret`	TYPE: `str \| VariableType` DEFAULT: `None`
`directory_id`	TYPE: `str \| VariableType` DEFAULT: `None`

`laktory.models.resources.databricks.storagecredential.CloudflareApiToken` ¤

Bases: BaseModel

PARAMETER	DESCRIPTION
`access_key_id`	R2 API token access key ID TYPE: `str \| VariableType` DEFAULT: `None`
`account_id`	R2 account ID TYPE: `str \| VariableType` DEFAULT: `None`
`secret_access_key`	R2 API token secret access key TYPE: `str \| VariableType` DEFAULT: `None`

`laktory.models.resources.databricks.storagecredential.DatabricksGcpServiceAccount` ¤

Bases: BaseModel

PARAMETER	DESCRIPTION
`credential_id`	TYPE: `str \| VariableType` DEFAULT: `None`
`email`	TYPE: `str \| VariableType` DEFAULT: `None`

`laktory.models.resources.databricks.storagecredential.GcpServiceAccountKey` ¤

Bases: BaseModel

PARAMETER	DESCRIPTION
`email`	TYPE: `str \| VariableType` DEFAULT: `None`
`private_key`	TYPE: `str \| VariableType` DEFAULT: `None`
`private_key_id`	TYPE: `str \| VariableType` DEFAULT: `None`

`laktory.models.resources.databricks.storagecredential.StorageCredentialAwsIamRole` ¤

Bases: BaseModel

PARAMETER	DESCRIPTION
`external_id`	TYPE: `str \| None \| VariableType` DEFAULT: `None`
`role_arn`	TYPE: `str \| VariableType`
`unity_catalog_iam_arn`	TYPE: `str \| None \| VariableType` DEFAULT: `None`

`laktory.models.resources.databricks.storagecredential.StorageCredentialAzureManagedIdentity` ¤

Bases: BaseModel

PARAMETER	DESCRIPTION
`access_connector_id`	TYPE: `str \| VariableType`
`credential_id`	TYPE: `str \| None \| VariableType` DEFAULT: `None`
`managed_identity_id`	TYPE: `str \| None \| VariableType` DEFAULT: `None`

`laktory.models.resources.databricks.storagecredential.StorageCredentialAzureServicePrincipal` ¤

Bases: BaseModel

PARAMETER	DESCRIPTION
`application_id`	TYPE: `str \| VariableType`
`client_secret`	TYPE: `str \| VariableType`
`directory_id`	TYPE: `str \| VariableType`

`laktory.models.resources.databricks.storagecredential.StorageCredentialCloudflareApiToken` ¤

Bases: BaseModel

PARAMETER	DESCRIPTION
`access_key_id`	TYPE: `str \| VariableType`
`account_id`	TYPE: `str \| VariableType`
`secret_access_key`	TYPE: `str \| VariableType`

`laktory.models.resources.databricks.storagecredential.StorageCredentialDatabricksGcpServiceAccount` ¤

Bases: BaseModel

PARAMETER	DESCRIPTION
`credential_id`	TYPE: `str \| None \| VariableType` DEFAULT: `None`
`email`	TYPE: `str \| None \| VariableType` DEFAULT: `None`

`laktory.models.resources.databricks.storagecredential.StorageCredentialGcpServiceAccountKey` ¤

Bases: BaseModel

PARAMETER	DESCRIPTION
`email`	TYPE: `str \| VariableType`
`private_key`	TYPE: `str \| VariableType`
`private_key_id`	TYPE: `str \| VariableType`

`laktory.models.resources.databricks.storagecredential.StorageCredentialLookup` ¤

Bases: ResourceLookup

PARAMETER	DESCRIPTION
`name`	Name of the storage credential TYPE: `str \| VariableType`

StorageCredential

laktory.models.resources.databricks.StorageCredential ¤

additional_core_resources property ¤

laktory.models.resources.databricks.storagecredential.AwsIamRole ¤

laktory.models.resources.databricks.storagecredential.AzureManagedIdentity ¤

laktory.models.resources.databricks.storagecredential.AzureServicePrincipal ¤

laktory.models.resources.databricks.storagecredential.CloudflareApiToken ¤

laktory.models.resources.databricks.storagecredential.DatabricksGcpServiceAccount ¤

laktory.models.resources.databricks.storagecredential.GcpServiceAccountKey ¤

laktory.models.resources.databricks.storagecredential.StorageCredentialAwsIamRole ¤

laktory.models.resources.databricks.storagecredential.StorageCredentialAzureManagedIdentity ¤

laktory.models.resources.databricks.storagecredential.StorageCredentialAzureServicePrincipal ¤

laktory.models.resources.databricks.storagecredential.StorageCredentialCloudflareApiToken ¤

laktory.models.resources.databricks.storagecredential.StorageCredentialDatabricksGcpServiceAccount ¤

laktory.models.resources.databricks.storagecredential.StorageCredentialGcpServiceAccountKey ¤

laktory.models.resources.databricks.storagecredential.StorageCredentialLookup ¤

`laktory.models.resources.databricks.StorageCredential` ¤

`additional_core_resources` `property` ¤

`laktory.models.resources.databricks.storagecredential.AwsIamRole` ¤

`laktory.models.resources.databricks.storagecredential.AzureManagedIdentity` ¤

`laktory.models.resources.databricks.storagecredential.AzureServicePrincipal` ¤

`laktory.models.resources.databricks.storagecredential.CloudflareApiToken` ¤

`laktory.models.resources.databricks.storagecredential.DatabricksGcpServiceAccount` ¤

`laktory.models.resources.databricks.storagecredential.GcpServiceAccountKey` ¤

`laktory.models.resources.databricks.storagecredential.StorageCredentialAwsIamRole` ¤

`laktory.models.resources.databricks.storagecredential.StorageCredentialAzureManagedIdentity` ¤

`laktory.models.resources.databricks.storagecredential.StorageCredentialAzureServicePrincipal` ¤

`laktory.models.resources.databricks.storagecredential.StorageCredentialCloudflareApiToken` ¤

`laktory.models.resources.databricks.storagecredential.StorageCredentialDatabricksGcpServiceAccount` ¤

`laktory.models.resources.databricks.storagecredential.StorageCredentialGcpServiceAccountKey` ¤

`laktory.models.resources.databricks.storagecredential.StorageCredentialLookup` ¤