Skip to main content
Last updated on

service-principal-secrets-proxy command group

note

This information applies to Databricks CLI versions 0.205 and above. The Databricks CLI is in Public Preview.

Databricks CLI use is subject to the Databricks License and Databricks Privacy Notice, including any Usage Data provisions.

The service-principal-secrets-proxy command group within the Databricks CLI allows you to manage service principal secrets at the workspace level. To use these commands, the service principal must be first added to the current workspace. You can use the generated secrets to obtain OAuth access tokens for a service principal, which can then be used to access Databricks Accounts and Workspace APIs. See Authorize service principal access to Databricks with OAuth.

databricks service-principal-secrets-proxy create

Create a secret for the given service principal.

databricks service-principal-secrets-proxy create SERVICE_PRINCIPAL_ID [flags]

Arguments

SERVICE_PRINCIPAL_ID

    The service principal ID.

Options

--json JSON

    The inline JSON string or the @path to the JSON file with the request body.

--lifetime string

    The lifetime of the secret in seconds.

Global flags

Examples

The following example creates a secret for a service principal:

Bash
databricks service-principal-secrets-proxy create 12345678

The following example creates a secret with a specified lifetime:

Bash
databricks service-principal-secrets-proxy create 12345678 --lifetime 3600

databricks service-principal-secrets-proxy delete

Delete a secret from the given service principal.

databricks service-principal-secrets-proxy delete SERVICE_PRINCIPAL_ID SECRET_ID [flags]

Arguments

SERVICE_PRINCIPAL_ID

    The service principal ID.

SECRET_ID

    The secret ID.

Options

Global flags

Examples

The following example deletes a service principal secret:

Bash
databricks service-principal-secrets-proxy delete 12345678 secret-abc123

databricks service-principal-secrets-proxy list

List all secrets associated with the given service principal. This operation only returns information about the secrets themselves and does not include the secret values.

databricks service-principal-secrets-proxy list SERVICE_PRINCIPAL_ID [flags]

Arguments

SERVICE_PRINCIPAL_ID

    The service principal ID.

Options

--page-size int

    The maximum number of secrets to return.

--page-token string

    An opaque page token from a previous list call.

Global flags

Examples

The following example lists secrets for a service principal:

Bash
databricks service-principal-secrets-proxy list 12345678

Global flags

--debug

  Whether to enable debug logging.

-h or --help

    Display help for the Databricks CLI or the related command group or the related command.

--log-file string

    A string representing the file to write output logs to. If this flag is not specified then the default is to write output logs to stderr.

--log-format format

    The log format type, text or json. The default value is text.

--log-level string

    A string representing the log format level. If not specified then the log format level is disabled.

-o, --output type

    The command output type, text or json. The default value is text.

-p, --profile string

    The name of the profile in the ~/.databrickscfg file to use to run the command. If this flag is not specified then if it exists, the profile named DEFAULT is used.

--progress-format format

    The format to display progress logs: default, append, inplace, or json

-t, --target string

    If applicable, the bundle target to use

On this page