Skip to main content

credentials

Operations on a credentials resource.

Overview

Namecredentials
TypeResource
Iddatabricks_workspace.unitycatalog.credentials

Fields

NameDatatype
aws_temp_credentialsobject
expiration_timeinteger

Methods

NameAccessible byRequired ParamsDescription
generatetemporaryservicecredentialSELECTdeployment_nameReturns a set of temporary credentials generated using the specified service credential. The caller must be a metastore admin or have the metastore privilege
getcredentialSELECTname_arg, deployment_nameGets a service or storage credential from the metastore. The caller must be a metastore admin, the owner of the credential, or have any permission on the credential.
listcredentialsSELECTdeployment_nameGets an array of credentials (as
createcredentialINSERTdeployment_nameCreates a new credential. The type of credential to be created is determined by the
deletecredentialDELETEname_arg, deployment_nameDeletes a service or storage credential from the metastore. The caller must be an owner of the credential.
updatecredentialUPDATEname_arg, deployment_nameUpdates a service or storage credential on the metastore.

SELECT examples

SELECT
aws_temp_credentials,
expiration_time
FROM databricks_workspace.unitycatalog.credentials
WHERE deployment_name = '{{ deployment_name }}';

INSERT example

Use the following StackQL query and manifest file to create a new credentials resource.

/*+ create */
INSERT INTO databricks_workspace.unitycatalog.credentials (
deployment_name,
data__name,
data__aws_iam_role,
data__comment,
data__read_only,
data__purpose,
data__skip_validation
)
SELECT
'{{ deployment_name }}',
'{{ name }}',
'{{ aws_iam_role }}',
'{{ comment }}',
'{{ read_only }}',
'{{ purpose }}',
'{{ skip_validation }}'
;

UPDATE example

Updates a credentials resource.

/*+ update */
-- replace field1, field2, etc. with the fields you want to update
UPDATE databricks_workspace.unitycatalog.credentials
SET field1 = '{{ value1 }}',
field2 = '{{ value2 }}', ...
WHERE name_arg = '{{ name_arg }}' AND
deployment_name = '{{ deployment_name }}';

DELETE example

Deletes a credentials resource.

/*+ delete */
DELETE FROM databricks_workspace.unitycatalog.credentials
WHERE name_arg = '{{ name_arg }}' AND
deployment_name = '{{ deployment_name }}';