account service-principal-secrets command group
This information applies to Databricks CLI versions 0.205 and above. The Databricks CLI is in Public Preview.
Databricks CLI use is subject to the Databricks License and Databricks Privacy Notice, including any Usage Data provisions.
The account service-principal-secrets command group within the Databricks CLI contains commands to manage service principal secrets. You can use the generated secrets to obtain OAuth access tokens for a service principal, which can then be used to access Databricks Accounts and Workspace APIs. In addition, the generated secrets can be used to configure the Databricks Terraform Provider to authenticate with the service principal.
databricks account service-principal-secrets create
Create a secret for the given service principal.
databricks account service-principal-secrets create SERVICE_PRINCIPAL_ID [flags]
Arguments
SERVICE_PRINCIPAL_ID
The service principal ID.
Options
--lifetime string
The lifetime of the secret in seconds.
--json JSON
The inline JSON string or the @path to the JSON file with the request body
Examples
The following example creates a service principal secret:
databricks account service-principal-secrets create 12345
The following example creates a service principal secret with a specific lifetime:
databricks account service-principal-secrets create 12345 --lifetime "86400"
The following example creates a service principal secret using JSON:
databricks account service-principal-secrets create 12345 --json '{"lifetime": "86400"}'
The following example creates a service principal secret using a JSON file:
databricks account service-principal-secrets create 12345 --json @secret.json
databricks account service-principal-secrets delete
Delete a secret from the given service principal.
databricks account service-principal-secrets delete SERVICE_PRINCIPAL_ID SECRET_ID [flags]
Arguments
SERVICE_PRINCIPAL_ID
The service principal ID.
SECRET_ID
The secret ID.
Options
Examples
The following example deletes a service principal secret:
databricks account service-principal-secrets delete 12345 secret-abc123
databricks account service-principal-secrets list
List all secrets associated with the given service principal. This operation only returns information about the secrets themselves and does not include the secret values.
databricks account service-principal-secrets list SERVICE_PRINCIPAL_ID [flags]
Arguments
SERVICE_PRINCIPAL_ID
The service principal ID.
Options
--page-size int
Number of results to return per page.
--page-token string
An opaque page token which was the next_page_token in the response of the previous request to list the secrets for this service principal.
Examples
The following example lists all service principal secrets:
databricks account service-principal-secrets list 12345
The following example lists service principal secrets with pagination:
databricks account service-principal-secrets list 12345 --page-size 10
The following example lists the next page of service principal secrets:
databricks account service-principal-secrets list 12345 --page-token "next_page_token"
Global flags
--debug
Whether to enable debug logging.
-h or --help
Display help for the Databricks CLI or the related command group or the related command.
--log-file string
A string representing the file to write output logs to. If this flag is not specified then the default is to write output logs to stderr.
--log-format format
The log format type, text or json. The default value is text.
--log-level string
A string representing the log format level. If not specified then the log format level is disabled.
-o, --output type
The command output type, text or json. The default value is text.
-p, --profile string
The name of the profile in the ~/.databrickscfg file to use to run the command. If this flag is not specified then if it exists, the profile named DEFAULT is used.
--progress-format format
The format to display progress logs: default, append, inplace, or json
-t, --target string
If applicable, the bundle target to use