Skip to main content

secrets

Operations on a secrets resource.

Overview

Namesecrets
TypeResource
Iddatabricks_workspace.secrets.secrets

Fields

NameDatatype
keystring
last_updated_timestampstring

Methods

NameAccessible byRequired ParamsDescription
getsecretSELECTkey, scope, deployment_nameGets the bytes representation of a secret value for the specified scope and key.
listsecretsSELECTscope, deployment_nameLists the secret keys that are stored at this scope. This is a metadata-only operation; secret data cannot be retrieved using this API. Users need the READ permission to make this call.
deletesecretDELETEdeployment_nameDeletes the secret stored in this secret scope. You must have
putsecretREPLACEdeployment_nameInserts a secret under the provided scope with the given name. If a secret already exists with the same name, this command overwrites the existing secret's value. The server encrypts the secret using the secret scope's encryption settings before storing it.

SELECT examples

SELECT
key,
last_updated_timestamp
FROM databricks_workspace.secrets.secrets
WHERE scope = '{{ scope }}' AND
deployment_name = '{{ deployment_name }}';

REPLACE example

Replaces a secrets resource.

/*+ update */
-- replace field1, field2, etc. with the fields you want to update
REPLACE databricks_workspace.secrets.secrets
SET field1 = '{ value1 }',
field2 = '{ value2 }', ...
WHERE deployment_name = '{{ deployment_name }}';

DELETE example

Deletes a secrets resource.

/*+ delete */
DELETE FROM databricks_workspace.secrets.secrets
WHERE deployment_name = '{{ deployment_name }}';