Autenticação de credenciais do Google Cloud

A autenticação de credenciais do Google Cloud usa credenciais de account de serviço do Google Cloud para autenticar a account de serviço do Google Cloud de destino.

Para se preparar para usar a autenticação de credenciais do Google Cloud, consulte Configurar e usar a autenticação de credenciais do Google Cloud.

Para configurar a autenticação de credenciais do Google Cloud com Databricks, o senhor deve definir os seguintes campos associados variável de ambiente, .databrickscfg, Terraform ou Config:

• O host Databricks.

  • Para operações de conta, especifique https://accounts.gcp.databricks.com.
  • Para workspace operações, especifique o URLworkspace, por exemplo, https://1234567890123456.7.gcp.databricks.com.

• Para account operações, o Databricks account ID.

• As credenciais do Google Cloud, especificadas como o caminho local para a parte privada key do par Google-gerenciar key para o serviço Google Cloud account, ou o conteúdo dessa parte privada key no formato JSON.

Para executar a autenticação de credenciais do Google Cloud com a Databricks, integre o seguinte em seu código, com base na ferramenta ou SDK participante:

Environment

To use environment variables for a specific Databricks authentication type with a tool or SDK, see Authorizing access to Databricks resources or the tool’s or SDK’s documentation. See also Environment variables and fields for client unified authentication and the Default methods for client unified authentication.

For account-level operations, set the following environment variables:

• DATABRICKS_HOST, set to the value of your Databricks account console URL, https://accounts.gcp.databricks.com.
• DATABRICKS_ACCOUNT_ID
• GOOGLE_CREDENTIALS

For workspace-level operations, set the following environment variables:

• DATABRICKS_HOST, set to the value of your Databricks workspace URL, for example https://1234567890123456.7.gcp.databricks.com.
• GOOGLE_CREDENTIALS

Profile

Create or identify a Databricks configuration profile with the following fields in your .databrickscfg file. If you create the profile, replace the placeholders with the appropriate values. To use the profile with a tool or SDK, see Authorizing access to Databricks resources or the tool’s or SDK’s documentation. See also Environment variables and fields for client unified authentication and the Default methods for client unified authentication.

For account-level operations, set the following values in your .databrickscfg file. In this case, the Databricks account console URL is https://accounts.gcp.databricks.com:

[<some-unique-configuration-profile-name>]
host               = <account-console-url>
account_id         = <account-id>
google_credentials = <path-to-google-service-account-credentials-file>

For workspace-level operations, set the following values in your .databrickscfg file. In this case, the host is the Databricks workspace URL, for example https://1234567890123456.7.gcp.databricks.com:

[<some-unique-configuration-profile-name>]
host               = <workspace-url>
google_credentials = <path-to-google-service-account-credentials-file>

CLI

For the Databricks CLI, do one of the following:

• Set the environment variables as specified in this article’s “Environment” section.
• Set the values in your .databrickscfg file as specified in this article’s “Profile” section.

Environment variables always take precedence over values in your .databrickscfg file.

See also Google Cloud credentials authentication.

Connect

nota

Google Cloud credentials authentication is supported on the following Databricks Connect versions:

• For Python, Databricks Connect for Databricks Runtime 13.3 LTS and above. The Databricks SDK for Python 0.14.0 or above must also be installed.

• For Scala, Databricks Connect for Databricks Runtime 13.3 LTS and above. The Databricks SDK for Java 0.14.0 or above must also be installed.

For Databricks Connect, you can do one of the following:

• Set the values in your .databrickscfg file for Databricks workspace-level operations as specified in this article’s “Profile” section. Also set the cluster_id environment variable in your profile to your workspace instance URL, for example https://1234567890123456.7.gcp.databricks.com.
• Set the environment variables for Databricks workspace-level operations as specified in this article’s “Environment” section. Also set the DATABRICKS_CLUSTER_ID environment variable to your workspace instance URL, for example https://1234567890123456.7.gcp.databricks.com.

Values in your .databrickscfg file always take precedence over environment variables.

To initialize the Databricks Connect client with these environment variables or values in your .databrickscfg file, see Compute configuration for Databricks Connect.

VS Code

For the Databricks extension for Visual Studio Code, do the following:

1. Set the values in your .databrickscfg file for Databricks workspace-level operations as specified in this article’s “Profile” section.
2. In the Configuration pane of the Databricks extension for Visual Studio Code, click Configure Databricks.
3. In the Command Palette, for Databricks Host, enter your workspace URL, for example https://1234567890123456.7.gcp.databricks.com, and then press Enter.
4. In the Command Palette, select your target profile’s name in the list for your URL.

For more details, see Set up authorization for the Databricks extension for Visual Studio Code.

Terraform

For account-level operations, for default authentication:

provider "databricks" {
  alias = "accounts"
}

For direct configuration (replace the retrieve placeholders with your own implementation to retrieve the values from the console or some other configuration store, such as HashiCorp Vault. See also Vault Provider). In this case, the Databricks account console URL is https://accounts.gcp.databricks.com:

provider "databricks" {
  alias              = "accounts"
  host               = <retrieve-account-console-url>
  account_id         = <retrieve-account-id>
  google_credentials = <retrieve-google-credentials>
}

For workspace-level operations, for default authentication:

provider "databricks" {
  alias = "workspace"
}

For direct configuration (replace the retrieve placeholders with your own implementation to retrieve the values from the console or some other configuration store, such as HashiCorp Vault. See also Vault Provider). In this case, the host is the Databricks workspace URL, for example https://1234567890123456.7.gcp.databricks.com:

provider "databricks" {
  alias              = "workspace"
  host               = <retrieve-workspace-url>
  google_credentials = <retrieve-google-credentials>
}

For more information about authenticating with the Databricks Terraform provider, see Authentication.

Python

For account-level operations, use default authentication:

Python

from databricks.sdk import AccountClient

a = AccountClient()
# ...

For direct configuration, replace the retrieve placeholders with your implementation to retrieve the values from the console or some other configuration store, such as Google Cloud Secret Manager. In this case, the Databricks account console URL is https://accounts.gcp.databricks.com:

Python

from databricks.sdk import AccountClient

a = AccountClient(
  host               = retrieve_account_console_url(),
  account_id         = retrieve_account_id(),
  google_credentials = retrieve_google_credentials()
)
# ...

For workspace-level operations, use default authentication:

Python

from databricks.sdk import WorkspaceClient

w = WorkspaceClient()
# ...

For direct configuration, replace the retrieve placeholders with your implementation to retrieve the values from the console or some other configuration store, such as Google Cloud Secret Manager. In this case, the host is the Databricks workspace URL, for example https://1234567890123456.7.gcp.databricks.com:

Python

from databricks.sdk import WorkspaceClient

w = WorkspaceClient(
  host               = retrieve_workspace_url(),
  google_credentials = retrieve_google_credentials()
)
# ...

For more information about authenticating with Databricks Python tools and SDKs that implement Databricks client unified authentication, see:

• Set up the Databricks Connect client for Python
• Set up authorization for the Databricks extension for Visual Studio Code
• Authenticate the Databricks SDK for Python with your Databricks account or workspace

Java

For account-level operations, use default authentication:

Java

import com.databricks.sdk.AccountClient;
// ...
AccountClient a = new AccountClient();
// ...

For direct configuration, replace the retrieve placeholders with your implementation to retrieve the values from the console or some other configuration store, such as Google Cloud Secret Manager. In this case, the Databricks account console URL is https://accounts.gcp.databricks.com:

Java

import com.databricks.sdk.AccountClient;
import com.databricks.sdk.core.DatabricksConfig;
// ...
DatabricksConfig cfg = new DatabricksConfig()
  .setHost(retrieveAccountConsoleUrl())
  .setAccountId(retrieveAccountId())
  .setGoogleCredentials(retrieveGoogleCredentials());
AccountClient a = new AccountClient(cfg);
// ...

For workspace-level operations, for default authentication:

Java

import com.databricks.sdk.WorkspaceClient;
// ...
WorkspaceClient w = new WorkspaceClient();
// ...

For direct configuration, replace the retrieve placeholders with your implementation to retrieve the values from the console or some other configuration store, such as Google Cloud Secret Manager. In this case, the host is the Databricks workspace URL, for example https://1234567890123456.7.gcp.databricks.com:

Java

import com.databricks.sdk.WorkspaceClient;
import com.databricks.sdk.core.DatabricksConfig;
// ...
DatabricksConfig cfg = new DatabricksConfig()
  .setHost(retrieveWorkspaceUrl())
  .setGoogleCredentials(retrieveGoogleCredentials());
WorkspaceClient w = new WorkspaceClient(cfg);
// ...

For more information about authenticating with Databricks’ Python tools and SDKs that implement Databricks client unified authentication, see:

• Set up the Databricks Connect client for Scala
• Authenticate the Databricks SDK for Java with your Databricks account or workspace

Go

For account-level operations, for default authentication:

Go

import (
  "github.com/databricks/databricks-sdk-go"
)
// ...
a := databricks.Must(databricks.NewAccountClient())
// ...

For direct configuration (replace the retrieve placeholders with your own implementation to retrieve the values from the console or some other configuration store, such as Google Cloud Secret Manager). In this case, the Databricks account console URL is https://accounts.gcp.databricks.com:

Go

import (
  "github.com/databricks/databricks-sdk-go"
)
// ...
a := databricks.Must(databricks.NewAccountClient(&databricks.Config{
  Host:              retrieveAccountConsoleUrl(),
  AccountId:         retrieveAccountId(),
  GoogleCredentials: retrieveGoogleCredentials(),
}))
// ...

For workspace-level operations, for default authentication:

Go

import (
  "github.com/databricks/databricks-sdk-go"
)
// ...
w := databricks.Must(databricks.NewWorkspaceClient())
// ...

For direct configuration (replace the retrieve placeholders with your own implementation to retrieve the values from the console or some other configuration store, such as Google Cloud Secret Manager). In this case, the host is the Databricks workspace URL, for example https://1234567890123456.7.gcp.databricks.com:

Go

import (
  "github.com/databricks/databricks-sdk-go"
)
// ...
w := databricks.Must(databricks.NewWorkspaceClient(&databricks.Config{
  Host:              retrieveWorkspaceUrl(),
  GoogleCredentials: retrieveGoogleCredentials(),
}))
// ...

For more information about authenticating with Databricks tools and SDKs that use Go and that implement Databricks client unified authentication, see Authenticate the Databricks SDK for Go with your Databricks account or workspace.