@databricks/sdk-uc-credentials 0.0.0-dev → 0.1.0-dev.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,1469 @@
1
+ // Code generated from API definition by Databricks SDK Generator. DO NOT EDIT.
2
+ import { z } from 'zod';
3
+ export var IsolationMode;
4
+ (function (IsolationMode) {
5
+ IsolationMode["ISOLATION_MODE_UNSPECIFIED"] = "ISOLATION_MODE_UNSPECIFIED";
6
+ IsolationMode["ISOLATION_MODE_OPEN"] = "ISOLATION_MODE_OPEN";
7
+ IsolationMode["ISOLATION_MODE_ISOLATED"] = "ISOLATION_MODE_ISOLATED";
8
+ })(IsolationMode || (IsolationMode = {}));
9
+ export var PathOperation;
10
+ (function (PathOperation) {
11
+ PathOperation["PATH_READ"] = "PATH_READ";
12
+ PathOperation["PATH_READ_WRITE"] = "PATH_READ_WRITE";
13
+ PathOperation["PATH_CREATE_TABLE"] = "PATH_CREATE_TABLE";
14
+ })(PathOperation || (PathOperation = {}));
15
+ export var TableOperation;
16
+ (function (TableOperation) {
17
+ TableOperation["READ"] = "READ";
18
+ TableOperation["READ_WRITE"] = "READ_WRITE";
19
+ })(TableOperation || (TableOperation = {}));
20
+ export var VolumeOperation;
21
+ (function (VolumeOperation) {
22
+ VolumeOperation["READ_VOLUME"] = "READ_VOLUME";
23
+ VolumeOperation["WRITE_VOLUME"] = "WRITE_VOLUME";
24
+ })(VolumeOperation || (VolumeOperation = {}));
25
+ /** A enum represents the result of the file operation */
26
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
27
+ export var ValidateCredentialRequest_Result;
28
+ (function (ValidateCredentialRequest_Result) {
29
+ ValidateCredentialRequest_Result["PASS"] = "PASS";
30
+ ValidateCredentialRequest_Result["FAIL"] = "FAIL";
31
+ ValidateCredentialRequest_Result["SKIP"] = "SKIP";
32
+ })(ValidateCredentialRequest_Result || (ValidateCredentialRequest_Result = {}));
33
+ /**
34
+ * A enum represents the file operation performed on the external location
35
+ * with the storage credential
36
+ */
37
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
38
+ export var ValidateStorageCredentialRequest_FileOperation;
39
+ (function (ValidateStorageCredentialRequest_FileOperation) {
40
+ ValidateStorageCredentialRequest_FileOperation["LIST"] = "LIST";
41
+ ValidateStorageCredentialRequest_FileOperation["READ"] = "READ";
42
+ ValidateStorageCredentialRequest_FileOperation["WRITE"] = "WRITE";
43
+ ValidateStorageCredentialRequest_FileOperation["DELETE"] = "DELETE";
44
+ ValidateStorageCredentialRequest_FileOperation["PATH_EXISTS"] = "PATH_EXISTS";
45
+ })(ValidateStorageCredentialRequest_FileOperation || (ValidateStorageCredentialRequest_FileOperation = {}));
46
+ /** A enum represents the result of the file operation */
47
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
48
+ export var ValidateStorageCredentialRequest_Result;
49
+ (function (ValidateStorageCredentialRequest_Result) {
50
+ ValidateStorageCredentialRequest_Result["PASS"] = "PASS";
51
+ ValidateStorageCredentialRequest_Result["FAIL"] = "FAIL";
52
+ ValidateStorageCredentialRequest_Result["SKIP"] = "SKIP";
53
+ })(ValidateStorageCredentialRequest_Result || (ValidateStorageCredentialRequest_Result = {}));
54
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
55
+ export const unmarshalAccountsCreateStorageCredentialRequest_ResponseSchema = z
56
+ .object({
57
+ credential_info: z
58
+ .lazy(() => unmarshalStorageCredentialInfoSchema)
59
+ .optional(),
60
+ })
61
+ .transform(d => ({
62
+ credentialInfo: d.credential_info,
63
+ }));
64
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
65
+ export const unmarshalAccountsDeleteStorageCredentialRequest_ResponseSchema = z.object({});
66
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
67
+ export const unmarshalAccountsGetStorageCredentialRequest_ResponseSchema = z
68
+ .object({
69
+ credential_info: z
70
+ .lazy(() => unmarshalStorageCredentialInfoSchema)
71
+ .optional(),
72
+ })
73
+ .transform(d => ({
74
+ credentialInfo: d.credential_info,
75
+ }));
76
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
77
+ export const unmarshalAccountsListStorageCredentialsRequest_ResponseSchema = z
78
+ .object({
79
+ storage_credentials: z
80
+ .array(z.lazy(() => unmarshalStorageCredentialInfoSchema))
81
+ .optional(),
82
+ })
83
+ .transform(d => ({
84
+ storageCredentials: d.storage_credentials,
85
+ }));
86
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
87
+ export const unmarshalAccountsUpdateStorageCredentialRequest_ResponseSchema = z
88
+ .object({
89
+ credential_info: z
90
+ .lazy(() => unmarshalStorageCredentialInfoSchema)
91
+ .optional(),
92
+ })
93
+ .transform(d => ({
94
+ credentialInfo: d.credential_info,
95
+ }));
96
+ export const unmarshalAwsCredentialsSchema = z
97
+ .object({
98
+ sts_role: z.lazy(() => unmarshalAwsCredentials_StsRoleSchema).optional(),
99
+ })
100
+ .transform(d => ({
101
+ creds: d.sts_role !== undefined
102
+ ? { $case: 'stsRole', stsRole: d.sts_role }
103
+ : undefined,
104
+ }));
105
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
106
+ export const unmarshalAwsCredentials_StsRoleSchema = z
107
+ .object({
108
+ role_arn: z.string().optional(),
109
+ })
110
+ .transform(d => ({
111
+ roleArn: d.role_arn,
112
+ }));
113
+ export const unmarshalAwsIamRoleSchema = z
114
+ .object({
115
+ role_arn: z.string().optional(),
116
+ unity_catalog_iam_arn: z.string().optional(),
117
+ external_id: z.string().optional(),
118
+ })
119
+ .transform(d => ({
120
+ roleArn: d.role_arn,
121
+ unityCatalogIamArn: d.unity_catalog_iam_arn,
122
+ externalId: d.external_id,
123
+ }));
124
+ export const unmarshalAzureActiveDirectoryTokenSchema = z
125
+ .object({
126
+ aad_token: z.string().optional(),
127
+ })
128
+ .transform(d => ({
129
+ aadToken: d.aad_token,
130
+ }));
131
+ export const unmarshalAzureManagedIdentitySchema = z
132
+ .object({
133
+ access_connector_id: z.string().optional(),
134
+ managed_identity_id: z.string().optional(),
135
+ credential_id: z.string().optional(),
136
+ })
137
+ .transform(d => ({
138
+ accessConnectorId: d.access_connector_id,
139
+ managedIdentityId: d.managed_identity_id,
140
+ credentialId: d.credential_id,
141
+ }));
142
+ export const unmarshalAzureServicePrincipalSchema = z
143
+ .object({
144
+ directory_id: z.string().optional(),
145
+ application_id: z.string().optional(),
146
+ client_secret: z.string().optional(),
147
+ })
148
+ .transform(d => ({
149
+ directoryId: d.directory_id,
150
+ applicationId: d.application_id,
151
+ clientSecret: d.client_secret,
152
+ }));
153
+ export const unmarshalAzureUserDelegationSasSchema = z
154
+ .object({
155
+ sas_token: z.string().optional(),
156
+ })
157
+ .transform(d => ({
158
+ sasToken: d.sas_token,
159
+ }));
160
+ export const unmarshalCloudflareApiTokenSchema = z
161
+ .object({
162
+ access_key_id: z.string().optional(),
163
+ secret_access_key: z.string().optional(),
164
+ account_id: z.string().optional(),
165
+ })
166
+ .transform(d => ({
167
+ accessKeyId: d.access_key_id,
168
+ secretAccessKey: d.secret_access_key,
169
+ accountId: d.account_id,
170
+ }));
171
+ export const unmarshalCredentialInfoSchema = z
172
+ .object({
173
+ name: z.string().optional(),
174
+ aws_iam_role: z.lazy(() => unmarshalAwsIamRoleSchema).optional(),
175
+ azure_service_principal: z
176
+ .lazy(() => unmarshalAzureServicePrincipalSchema)
177
+ .optional(),
178
+ gcp_service_account_key: z
179
+ .lazy(() => unmarshalGcpServiceAccountKeySchema)
180
+ .optional(),
181
+ azure_managed_identity: z
182
+ .lazy(() => unmarshalAzureManagedIdentitySchema)
183
+ .optional(),
184
+ databricks_gcp_service_account: z
185
+ .lazy(() => unmarshalDatabricksGcpServiceAccountSchema)
186
+ .optional(),
187
+ cloudflare_api_token: z
188
+ .lazy(() => unmarshalCloudflareApiTokenSchema)
189
+ .optional(),
190
+ comment: z.string().optional(),
191
+ read_only: z.boolean().optional(),
192
+ owner: z.string().optional(),
193
+ id: z.string().optional(),
194
+ metastore_id: z.string().optional(),
195
+ created_at: z
196
+ .union([z.number(), z.bigint()])
197
+ .transform(v => BigInt(v))
198
+ .optional(),
199
+ created_by: z.string().optional(),
200
+ updated_at: z
201
+ .union([z.number(), z.bigint()])
202
+ .transform(v => BigInt(v))
203
+ .optional(),
204
+ updated_by: z.string().optional(),
205
+ used_for_managed_storage: z.boolean().optional(),
206
+ full_name: z.string().optional(),
207
+ isolation_mode: z.enum(IsolationMode).optional(),
208
+ })
209
+ .transform(d => ({
210
+ name: d.name,
211
+ credential: d.aws_iam_role !== undefined
212
+ ? { $case: 'awsIamRole', awsIamRole: d.aws_iam_role }
213
+ : d.azure_service_principal !== undefined
214
+ ? {
215
+ $case: 'azureServicePrincipal',
216
+ azureServicePrincipal: d.azure_service_principal,
217
+ }
218
+ : d.gcp_service_account_key !== undefined
219
+ ? {
220
+ $case: 'gcpServiceAccountKey',
221
+ gcpServiceAccountKey: d.gcp_service_account_key,
222
+ }
223
+ : d.azure_managed_identity !== undefined
224
+ ? {
225
+ $case: 'azureManagedIdentity',
226
+ azureManagedIdentity: d.azure_managed_identity,
227
+ }
228
+ : d.databricks_gcp_service_account !== undefined
229
+ ? {
230
+ $case: 'databricksGcpServiceAccount',
231
+ databricksGcpServiceAccount: d.databricks_gcp_service_account,
232
+ }
233
+ : d.cloudflare_api_token !== undefined
234
+ ? {
235
+ $case: 'cloudflareApiToken',
236
+ cloudflareApiToken: d.cloudflare_api_token,
237
+ }
238
+ : undefined,
239
+ comment: d.comment,
240
+ readOnly: d.read_only,
241
+ owner: d.owner,
242
+ id: d.id,
243
+ metastoreId: d.metastore_id,
244
+ createdAt: d.created_at,
245
+ createdBy: d.created_by,
246
+ updatedAt: d.updated_at,
247
+ updatedBy: d.updated_by,
248
+ usedForManagedStorage: d.used_for_managed_storage,
249
+ fullName: d.full_name,
250
+ isolationMode: d.isolation_mode,
251
+ }));
252
+ export const unmarshalCredentialsSchema = z
253
+ .object({
254
+ credentials_id: z.string().optional(),
255
+ account_id: z.string().optional(),
256
+ aws_credentials: z.lazy(() => unmarshalAwsCredentialsSchema).optional(),
257
+ credentials_name: z.string().optional(),
258
+ creation_time: z
259
+ .union([z.number(), z.bigint()])
260
+ .transform(v => BigInt(v))
261
+ .optional(),
262
+ })
263
+ .transform(d => ({
264
+ credentialsId: d.credentials_id,
265
+ accountId: d.account_id,
266
+ cloudCredentials: d.aws_credentials !== undefined
267
+ ? { $case: 'awsCredentials', awsCredentials: d.aws_credentials }
268
+ : undefined,
269
+ credentialsName: d.credentials_name,
270
+ creationTime: d.creation_time,
271
+ }));
272
+ export const unmarshalDatabricksGcpServiceAccountSchema = z
273
+ .object({
274
+ email: z.string().optional(),
275
+ private_key_id: z.string().optional(),
276
+ credential_id: z.string().optional(),
277
+ })
278
+ .transform(d => ({
279
+ email: d.email,
280
+ privateKeyId: d.private_key_id,
281
+ credentialId: d.credential_id,
282
+ }));
283
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
284
+ export const unmarshalDeleteCredentialRequest_ResponseSchema = z.object({});
285
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
286
+ export const unmarshalDeleteStorageCredentialRequest_ResponseSchema = z.object({});
287
+ export const unmarshalGcpOauthTokenSchema = z
288
+ .object({
289
+ oauth_token: z.string().optional(),
290
+ })
291
+ .transform(d => ({
292
+ oauthToken: d.oauth_token,
293
+ }));
294
+ export const unmarshalGcpServiceAccountKeySchema = z
295
+ .object({
296
+ email: z.string().optional(),
297
+ private_key_id: z.string().optional(),
298
+ private_key: z.string().optional(),
299
+ })
300
+ .transform(d => ({
301
+ email: d.email,
302
+ privateKeyId: d.private_key_id,
303
+ privateKey: d.private_key,
304
+ }));
305
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
306
+ export const unmarshalGenerateTemporaryPathCredentialRequest_ResponseSchema = z
307
+ .object({
308
+ aws_temp_credentials: z
309
+ .lazy(() => unmarshalTemporaryAwsCredentialsSchema)
310
+ .optional(),
311
+ azure_user_delegation_sas: z
312
+ .lazy(() => unmarshalAzureUserDelegationSasSchema)
313
+ .optional(),
314
+ gcp_oauth_token: z.lazy(() => unmarshalGcpOauthTokenSchema).optional(),
315
+ azure_aad: z
316
+ .lazy(() => unmarshalAzureActiveDirectoryTokenSchema)
317
+ .optional(),
318
+ r2_temp_credentials: z
319
+ .lazy(() => unmarshalR2CredentialsSchema)
320
+ .optional(),
321
+ expiration_time: z
322
+ .union([z.number(), z.bigint()])
323
+ .transform(v => BigInt(v))
324
+ .optional(),
325
+ url: z.string().optional(),
326
+ })
327
+ .transform(d => ({
328
+ credentials: d.aws_temp_credentials !== undefined
329
+ ? {
330
+ $case: 'awsTempCredentials',
331
+ awsTempCredentials: d.aws_temp_credentials,
332
+ }
333
+ : d.azure_user_delegation_sas !== undefined
334
+ ? {
335
+ $case: 'azureUserDelegationSas',
336
+ azureUserDelegationSas: d.azure_user_delegation_sas,
337
+ }
338
+ : d.gcp_oauth_token !== undefined
339
+ ? {
340
+ $case: 'gcpOauthToken',
341
+ gcpOauthToken: d.gcp_oauth_token,
342
+ }
343
+ : d.azure_aad !== undefined
344
+ ? { $case: 'azureAad', azureAad: d.azure_aad }
345
+ : d.r2_temp_credentials !== undefined
346
+ ? {
347
+ $case: 'r2TempCredentials',
348
+ r2TempCredentials: d.r2_temp_credentials,
349
+ }
350
+ : undefined,
351
+ expirationTime: d.expiration_time,
352
+ url: d.url,
353
+ }));
354
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
355
+ export const unmarshalGenerateTemporaryTableCredentialRequest_ResponseSchema = z
356
+ .object({
357
+ aws_temp_credentials: z
358
+ .lazy(() => unmarshalTemporaryAwsCredentialsSchema)
359
+ .optional(),
360
+ azure_user_delegation_sas: z
361
+ .lazy(() => unmarshalAzureUserDelegationSasSchema)
362
+ .optional(),
363
+ gcp_oauth_token: z.lazy(() => unmarshalGcpOauthTokenSchema).optional(),
364
+ azure_aad: z
365
+ .lazy(() => unmarshalAzureActiveDirectoryTokenSchema)
366
+ .optional(),
367
+ r2_temp_credentials: z
368
+ .lazy(() => unmarshalR2CredentialsSchema)
369
+ .optional(),
370
+ expiration_time: z
371
+ .union([z.number(), z.bigint()])
372
+ .transform(v => BigInt(v))
373
+ .optional(),
374
+ url: z.string().optional(),
375
+ })
376
+ .transform(d => ({
377
+ credentials: d.aws_temp_credentials !== undefined
378
+ ? {
379
+ $case: 'awsTempCredentials',
380
+ awsTempCredentials: d.aws_temp_credentials,
381
+ }
382
+ : d.azure_user_delegation_sas !== undefined
383
+ ? {
384
+ $case: 'azureUserDelegationSas',
385
+ azureUserDelegationSas: d.azure_user_delegation_sas,
386
+ }
387
+ : d.gcp_oauth_token !== undefined
388
+ ? {
389
+ $case: 'gcpOauthToken',
390
+ gcpOauthToken: d.gcp_oauth_token,
391
+ }
392
+ : d.azure_aad !== undefined
393
+ ? { $case: 'azureAad', azureAad: d.azure_aad }
394
+ : d.r2_temp_credentials !== undefined
395
+ ? {
396
+ $case: 'r2TempCredentials',
397
+ r2TempCredentials: d.r2_temp_credentials,
398
+ }
399
+ : undefined,
400
+ expirationTime: d.expiration_time,
401
+ url: d.url,
402
+ }));
403
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
404
+ export const unmarshalGenerateTemporaryVolumeCredentialRequest_ResponseSchema = z
405
+ .object({
406
+ aws_temp_credentials: z
407
+ .lazy(() => unmarshalTemporaryAwsCredentialsSchema)
408
+ .optional(),
409
+ azure_user_delegation_sas: z
410
+ .lazy(() => unmarshalAzureUserDelegationSasSchema)
411
+ .optional(),
412
+ gcp_oauth_token: z.lazy(() => unmarshalGcpOauthTokenSchema).optional(),
413
+ azure_aad: z
414
+ .lazy(() => unmarshalAzureActiveDirectoryTokenSchema)
415
+ .optional(),
416
+ r2_temp_credentials: z
417
+ .lazy(() => unmarshalR2CredentialsSchema)
418
+ .optional(),
419
+ expiration_time: z
420
+ .union([z.number(), z.bigint()])
421
+ .transform(v => BigInt(v))
422
+ .optional(),
423
+ url: z.string().optional(),
424
+ })
425
+ .transform(d => ({
426
+ credentials: d.aws_temp_credentials !== undefined
427
+ ? {
428
+ $case: 'awsTempCredentials',
429
+ awsTempCredentials: d.aws_temp_credentials,
430
+ }
431
+ : d.azure_user_delegation_sas !== undefined
432
+ ? {
433
+ $case: 'azureUserDelegationSas',
434
+ azureUserDelegationSas: d.azure_user_delegation_sas,
435
+ }
436
+ : d.gcp_oauth_token !== undefined
437
+ ? {
438
+ $case: 'gcpOauthToken',
439
+ gcpOauthToken: d.gcp_oauth_token,
440
+ }
441
+ : d.azure_aad !== undefined
442
+ ? { $case: 'azureAad', azureAad: d.azure_aad }
443
+ : d.r2_temp_credentials !== undefined
444
+ ? {
445
+ $case: 'r2TempCredentials',
446
+ r2TempCredentials: d.r2_temp_credentials,
447
+ }
448
+ : undefined,
449
+ expirationTime: d.expiration_time,
450
+ url: d.url,
451
+ }));
452
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
453
+ export const unmarshalListCredentialsRequest_ResponseSchema = z
454
+ .object({
455
+ credentials: z
456
+ .array(z.lazy(() => unmarshalCredentialInfoSchema))
457
+ .optional(),
458
+ next_page_token: z.string().optional(),
459
+ })
460
+ .transform(d => ({
461
+ credentials: d.credentials,
462
+ nextPageToken: d.next_page_token,
463
+ }));
464
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
465
+ export const unmarshalListStorageCredentialsRequest_ResponseSchema = z
466
+ .object({
467
+ storage_credentials: z
468
+ .array(z.lazy(() => unmarshalStorageCredentialInfoSchema))
469
+ .optional(),
470
+ next_page_token: z.string().optional(),
471
+ })
472
+ .transform(d => ({
473
+ storageCredentials: d.storage_credentials,
474
+ nextPageToken: d.next_page_token,
475
+ }));
476
+ export const unmarshalR2CredentialsSchema = z
477
+ .object({
478
+ access_key_id: z.string().optional(),
479
+ secret_access_key: z.string().optional(),
480
+ session_token: z.string().optional(),
481
+ })
482
+ .transform(d => ({
483
+ accessKeyId: d.access_key_id,
484
+ secretAccessKey: d.secret_access_key,
485
+ sessionToken: d.session_token,
486
+ }));
487
+ export const unmarshalStorageCredentialInfoSchema = z
488
+ .object({
489
+ name: z.string().optional(),
490
+ aws_iam_role: z.lazy(() => unmarshalAwsIamRoleSchema).optional(),
491
+ azure_service_principal: z
492
+ .lazy(() => unmarshalAzureServicePrincipalSchema)
493
+ .optional(),
494
+ gcp_service_account_key: z
495
+ .lazy(() => unmarshalGcpServiceAccountKeySchema)
496
+ .optional(),
497
+ azure_managed_identity: z
498
+ .lazy(() => unmarshalAzureManagedIdentitySchema)
499
+ .optional(),
500
+ databricks_gcp_service_account: z
501
+ .lazy(() => unmarshalDatabricksGcpServiceAccountSchema)
502
+ .optional(),
503
+ cloudflare_api_token: z
504
+ .lazy(() => unmarshalCloudflareApiTokenSchema)
505
+ .optional(),
506
+ comment: z.string().optional(),
507
+ read_only: z.boolean().optional(),
508
+ owner: z.string().optional(),
509
+ id: z.string().optional(),
510
+ metastore_id: z.string().optional(),
511
+ created_at: z
512
+ .union([z.number(), z.bigint()])
513
+ .transform(v => BigInt(v))
514
+ .optional(),
515
+ created_by: z.string().optional(),
516
+ updated_at: z
517
+ .union([z.number(), z.bigint()])
518
+ .transform(v => BigInt(v))
519
+ .optional(),
520
+ updated_by: z.string().optional(),
521
+ used_for_managed_storage: z.boolean().optional(),
522
+ full_name: z.string().optional(),
523
+ isolation_mode: z.enum(IsolationMode).optional(),
524
+ })
525
+ .transform(d => ({
526
+ name: d.name,
527
+ credential: d.aws_iam_role !== undefined
528
+ ? { $case: 'awsIamRole', awsIamRole: d.aws_iam_role }
529
+ : d.azure_service_principal !== undefined
530
+ ? {
531
+ $case: 'azureServicePrincipal',
532
+ azureServicePrincipal: d.azure_service_principal,
533
+ }
534
+ : d.gcp_service_account_key !== undefined
535
+ ? {
536
+ $case: 'gcpServiceAccountKey',
537
+ gcpServiceAccountKey: d.gcp_service_account_key,
538
+ }
539
+ : d.azure_managed_identity !== undefined
540
+ ? {
541
+ $case: 'azureManagedIdentity',
542
+ azureManagedIdentity: d.azure_managed_identity,
543
+ }
544
+ : d.databricks_gcp_service_account !== undefined
545
+ ? {
546
+ $case: 'databricksGcpServiceAccount',
547
+ databricksGcpServiceAccount: d.databricks_gcp_service_account,
548
+ }
549
+ : d.cloudflare_api_token !== undefined
550
+ ? {
551
+ $case: 'cloudflareApiToken',
552
+ cloudflareApiToken: d.cloudflare_api_token,
553
+ }
554
+ : undefined,
555
+ comment: d.comment,
556
+ readOnly: d.read_only,
557
+ owner: d.owner,
558
+ id: d.id,
559
+ metastoreId: d.metastore_id,
560
+ createdAt: d.created_at,
561
+ createdBy: d.created_by,
562
+ updatedAt: d.updated_at,
563
+ updatedBy: d.updated_by,
564
+ usedForManagedStorage: d.used_for_managed_storage,
565
+ fullName: d.full_name,
566
+ isolationMode: d.isolation_mode,
567
+ }));
568
+ export const unmarshalTemporaryAwsCredentialsSchema = z
569
+ .object({
570
+ access_key_id: z.string().optional(),
571
+ secret_access_key: z.string().optional(),
572
+ session_token: z.string().optional(),
573
+ access_point: z.string().optional(),
574
+ })
575
+ .transform(d => ({
576
+ accessKeyId: d.access_key_id,
577
+ secretAccessKey: d.secret_access_key,
578
+ sessionToken: d.session_token,
579
+ accessPoint: d.access_point,
580
+ }));
581
+ export const unmarshalTemporaryCredentialsSchema = z
582
+ .object({
583
+ aws_temp_credentials: z
584
+ .lazy(() => unmarshalTemporaryAwsCredentialsSchema)
585
+ .optional(),
586
+ azure_user_delegation_sas: z
587
+ .lazy(() => unmarshalAzureUserDelegationSasSchema)
588
+ .optional(),
589
+ gcp_oauth_token: z.lazy(() => unmarshalGcpOauthTokenSchema).optional(),
590
+ azure_aad: z
591
+ .lazy(() => unmarshalAzureActiveDirectoryTokenSchema)
592
+ .optional(),
593
+ r2_temp_credentials: z
594
+ .lazy(() => unmarshalR2CredentialsSchema)
595
+ .optional(),
596
+ expiration_time: z
597
+ .union([z.number(), z.bigint()])
598
+ .transform(v => BigInt(v))
599
+ .optional(),
600
+ url: z.string().optional(),
601
+ })
602
+ .transform(d => ({
603
+ credentials: d.aws_temp_credentials !== undefined
604
+ ? {
605
+ $case: 'awsTempCredentials',
606
+ awsTempCredentials: d.aws_temp_credentials,
607
+ }
608
+ : d.azure_user_delegation_sas !== undefined
609
+ ? {
610
+ $case: 'azureUserDelegationSas',
611
+ azureUserDelegationSas: d.azure_user_delegation_sas,
612
+ }
613
+ : d.gcp_oauth_token !== undefined
614
+ ? {
615
+ $case: 'gcpOauthToken',
616
+ gcpOauthToken: d.gcp_oauth_token,
617
+ }
618
+ : d.azure_aad !== undefined
619
+ ? { $case: 'azureAad', azureAad: d.azure_aad }
620
+ : d.r2_temp_credentials !== undefined
621
+ ? {
622
+ $case: 'r2TempCredentials',
623
+ r2TempCredentials: d.r2_temp_credentials,
624
+ }
625
+ : undefined,
626
+ expirationTime: d.expiration_time,
627
+ url: d.url,
628
+ }));
629
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
630
+ export const unmarshalValidateCredentialRequest_ResponseSchema = z
631
+ .object({
632
+ results: z
633
+ .array(z.lazy(() => unmarshalValidateCredentialRequest_ValidationResultSchema))
634
+ .optional(),
635
+ isDir: z.boolean().optional(),
636
+ })
637
+ .transform(d => ({
638
+ results: d.results,
639
+ isDir: d.isDir,
640
+ }));
641
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
642
+ export const unmarshalValidateCredentialRequest_ValidationResultSchema = z
643
+ .object({
644
+ result: z.enum(ValidateCredentialRequest_Result).optional(),
645
+ message: z.string().optional(),
646
+ })
647
+ .transform(d => ({
648
+ result: d.result,
649
+ message: d.message,
650
+ }));
651
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
652
+ export const unmarshalValidateStorageCredentialRequest_ResponseSchema = z
653
+ .object({
654
+ isDir: z.boolean().optional(),
655
+ results: z
656
+ .array(z.lazy(() => unmarshalValidateStorageCredentialRequest_ValidationResultSchema))
657
+ .optional(),
658
+ })
659
+ .transform(d => ({
660
+ isDir: d.isDir,
661
+ results: d.results,
662
+ }));
663
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
664
+ export const unmarshalValidateStorageCredentialRequest_ValidationResultSchema = z
665
+ .object({
666
+ operation: z
667
+ .enum(ValidateStorageCredentialRequest_FileOperation)
668
+ .optional(),
669
+ result: z.enum(ValidateStorageCredentialRequest_Result).optional(),
670
+ message: z.string().optional(),
671
+ })
672
+ .transform(d => ({
673
+ operation: d.operation,
674
+ result: d.result,
675
+ message: d.message,
676
+ }));
677
+ export const marshalAccountsCreateStorageCredentialRequestSchema = z
678
+ .object({
679
+ accountId: z.string().optional(),
680
+ metastoreId: z.string().optional(),
681
+ credentialInfo: z
682
+ .lazy(() => marshalCreateAccountsStorageCredentialSchema)
683
+ .optional(),
684
+ skipValidation: z.boolean().optional(),
685
+ })
686
+ .transform(d => ({
687
+ account_id: d.accountId,
688
+ metastore_id: d.metastoreId,
689
+ credential_info: d.credentialInfo,
690
+ skip_validation: d.skipValidation,
691
+ }));
692
+ export const marshalAccountsUpdateStorageCredentialRequestSchema = z
693
+ .object({
694
+ accountId: z.string().optional(),
695
+ metastoreId: z.string().optional(),
696
+ nameArg: z.string().optional(),
697
+ credentialInfo: z
698
+ .lazy(() => marshalUpdateAccountsStorageCredentialSchema)
699
+ .optional(),
700
+ skipValidation: z.boolean().optional(),
701
+ })
702
+ .transform(d => ({
703
+ account_id: d.accountId,
704
+ metastore_id: d.metastoreId,
705
+ name_arg: d.nameArg,
706
+ credential_info: d.credentialInfo,
707
+ skip_validation: d.skipValidation,
708
+ }));
709
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
710
+ export const marshalAwsCredentials_StsRoleSchema = z
711
+ .object({
712
+ roleArn: z.string().optional(),
713
+ })
714
+ .transform(d => ({
715
+ role_arn: d.roleArn,
716
+ }));
717
+ export const marshalAwsIamRoleSchema = z
718
+ .object({
719
+ roleArn: z.string().optional(),
720
+ unityCatalogIamArn: z.string().optional(),
721
+ externalId: z.string().optional(),
722
+ })
723
+ .transform(d => ({
724
+ role_arn: d.roleArn,
725
+ unity_catalog_iam_arn: d.unityCatalogIamArn,
726
+ external_id: d.externalId,
727
+ }));
728
+ export const marshalAzureManagedIdentitySchema = z
729
+ .object({
730
+ accessConnectorId: z.string().optional(),
731
+ managedIdentityId: z.string().optional(),
732
+ credentialId: z.string().optional(),
733
+ })
734
+ .transform(d => ({
735
+ access_connector_id: d.accessConnectorId,
736
+ managed_identity_id: d.managedIdentityId,
737
+ credential_id: d.credentialId,
738
+ }));
739
+ export const marshalAzureServicePrincipalSchema = z
740
+ .object({
741
+ directoryId: z.string().optional(),
742
+ applicationId: z.string().optional(),
743
+ clientSecret: z.string().optional(),
744
+ })
745
+ .transform(d => ({
746
+ directory_id: d.directoryId,
747
+ application_id: d.applicationId,
748
+ client_secret: d.clientSecret,
749
+ }));
750
+ export const marshalCloudflareApiTokenSchema = z
751
+ .object({
752
+ accessKeyId: z.string().optional(),
753
+ secretAccessKey: z.string().optional(),
754
+ accountId: z.string().optional(),
755
+ })
756
+ .transform(d => ({
757
+ access_key_id: d.accessKeyId,
758
+ secret_access_key: d.secretAccessKey,
759
+ account_id: d.accountId,
760
+ }));
761
+ export const marshalCreateAccountsStorageCredentialSchema = z
762
+ .object({
763
+ name: z.string().optional(),
764
+ credential: z
765
+ .discriminatedUnion('$case', [
766
+ z.object({
767
+ $case: z.literal('awsIamRole'),
768
+ awsIamRole: z.lazy(() => marshalAwsIamRoleSchema),
769
+ }),
770
+ z.object({
771
+ $case: z.literal('azureServicePrincipal'),
772
+ azureServicePrincipal: z.lazy(() => marshalAzureServicePrincipalSchema),
773
+ }),
774
+ z.object({
775
+ $case: z.literal('gcpServiceAccountKey'),
776
+ gcpServiceAccountKey: z.lazy(() => marshalGcpServiceAccountKeySchema),
777
+ }),
778
+ z.object({
779
+ $case: z.literal('azureManagedIdentity'),
780
+ azureManagedIdentity: z.lazy(() => marshalAzureManagedIdentitySchema),
781
+ }),
782
+ z.object({
783
+ $case: z.literal('databricksGcpServiceAccount'),
784
+ databricksGcpServiceAccount: z.lazy(() => marshalDatabricksGcpServiceAccountSchema),
785
+ }),
786
+ z.object({
787
+ $case: z.literal('cloudflareApiToken'),
788
+ cloudflareApiToken: z.lazy(() => marshalCloudflareApiTokenSchema),
789
+ }),
790
+ ])
791
+ .optional(),
792
+ comment: z.string().optional(),
793
+ readOnly: z.boolean().optional(),
794
+ owner: z.string().optional(),
795
+ id: z.string().optional(),
796
+ metastoreId: z.string().optional(),
797
+ createdAt: z.bigint().optional(),
798
+ createdBy: z.string().optional(),
799
+ updatedAt: z.bigint().optional(),
800
+ updatedBy: z.string().optional(),
801
+ usedForManagedStorage: z.boolean().optional(),
802
+ fullName: z.string().optional(),
803
+ isolationMode: z.enum(IsolationMode).optional(),
804
+ })
805
+ .transform(d => ({
806
+ name: d.name,
807
+ ...(d.credential?.$case === 'awsIamRole' && {
808
+ aws_iam_role: d.credential.awsIamRole,
809
+ }),
810
+ ...(d.credential?.$case === 'azureServicePrincipal' && {
811
+ azure_service_principal: d.credential.azureServicePrincipal,
812
+ }),
813
+ ...(d.credential?.$case === 'gcpServiceAccountKey' && {
814
+ gcp_service_account_key: d.credential.gcpServiceAccountKey,
815
+ }),
816
+ ...(d.credential?.$case === 'azureManagedIdentity' && {
817
+ azure_managed_identity: d.credential.azureManagedIdentity,
818
+ }),
819
+ ...(d.credential?.$case === 'databricksGcpServiceAccount' && {
820
+ databricks_gcp_service_account: d.credential.databricksGcpServiceAccount,
821
+ }),
822
+ ...(d.credential?.$case === 'cloudflareApiToken' && {
823
+ cloudflare_api_token: d.credential.cloudflareApiToken,
824
+ }),
825
+ comment: d.comment,
826
+ read_only: d.readOnly,
827
+ owner: d.owner,
828
+ id: d.id,
829
+ metastore_id: d.metastoreId,
830
+ created_at: d.createdAt,
831
+ created_by: d.createdBy,
832
+ updated_at: d.updatedAt,
833
+ updated_by: d.updatedBy,
834
+ used_for_managed_storage: d.usedForManagedStorage,
835
+ full_name: d.fullName,
836
+ isolation_mode: d.isolationMode,
837
+ }));
838
+ export const marshalCreateCredentialAwsCredentialsSchema = z
839
+ .object({
840
+ creds: z
841
+ .discriminatedUnion('$case', [
842
+ z.object({
843
+ $case: z.literal('stsRole'),
844
+ stsRole: z.lazy(() => marshalAwsCredentials_StsRoleSchema),
845
+ }),
846
+ ])
847
+ .optional(),
848
+ })
849
+ .transform(d => ({
850
+ ...(d.creds?.$case === 'stsRole' && { sts_role: d.creds.stsRole }),
851
+ }));
852
+ export const marshalCreateCredentialRequestSchema = z
853
+ .object({
854
+ skipValidation: z.boolean().optional(),
855
+ name: z.string().optional(),
856
+ credential: z
857
+ .discriminatedUnion('$case', [
858
+ z.object({
859
+ $case: z.literal('awsIamRole'),
860
+ awsIamRole: z.lazy(() => marshalAwsIamRoleSchema),
861
+ }),
862
+ z.object({
863
+ $case: z.literal('azureServicePrincipal'),
864
+ azureServicePrincipal: z.lazy(() => marshalAzureServicePrincipalSchema),
865
+ }),
866
+ z.object({
867
+ $case: z.literal('gcpServiceAccountKey'),
868
+ gcpServiceAccountKey: z.lazy(() => marshalGcpServiceAccountKeySchema),
869
+ }),
870
+ z.object({
871
+ $case: z.literal('azureManagedIdentity'),
872
+ azureManagedIdentity: z.lazy(() => marshalAzureManagedIdentitySchema),
873
+ }),
874
+ z.object({
875
+ $case: z.literal('databricksGcpServiceAccount'),
876
+ databricksGcpServiceAccount: z.lazy(() => marshalDatabricksGcpServiceAccountSchema),
877
+ }),
878
+ z.object({
879
+ $case: z.literal('cloudflareApiToken'),
880
+ cloudflareApiToken: z.lazy(() => marshalCloudflareApiTokenSchema),
881
+ }),
882
+ ])
883
+ .optional(),
884
+ comment: z.string().optional(),
885
+ readOnly: z.boolean().optional(),
886
+ owner: z.string().optional(),
887
+ id: z.string().optional(),
888
+ metastoreId: z.string().optional(),
889
+ createdAt: z.bigint().optional(),
890
+ createdBy: z.string().optional(),
891
+ updatedAt: z.bigint().optional(),
892
+ updatedBy: z.string().optional(),
893
+ usedForManagedStorage: z.boolean().optional(),
894
+ fullName: z.string().optional(),
895
+ isolationMode: z.enum(IsolationMode).optional(),
896
+ })
897
+ .transform(d => ({
898
+ skip_validation: d.skipValidation,
899
+ name: d.name,
900
+ ...(d.credential?.$case === 'awsIamRole' && {
901
+ aws_iam_role: d.credential.awsIamRole,
902
+ }),
903
+ ...(d.credential?.$case === 'azureServicePrincipal' && {
904
+ azure_service_principal: d.credential.azureServicePrincipal,
905
+ }),
906
+ ...(d.credential?.$case === 'gcpServiceAccountKey' && {
907
+ gcp_service_account_key: d.credential.gcpServiceAccountKey,
908
+ }),
909
+ ...(d.credential?.$case === 'azureManagedIdentity' && {
910
+ azure_managed_identity: d.credential.azureManagedIdentity,
911
+ }),
912
+ ...(d.credential?.$case === 'databricksGcpServiceAccount' && {
913
+ databricks_gcp_service_account: d.credential.databricksGcpServiceAccount,
914
+ }),
915
+ ...(d.credential?.$case === 'cloudflareApiToken' && {
916
+ cloudflare_api_token: d.credential.cloudflareApiToken,
917
+ }),
918
+ comment: d.comment,
919
+ read_only: d.readOnly,
920
+ owner: d.owner,
921
+ id: d.id,
922
+ metastore_id: d.metastoreId,
923
+ created_at: d.createdAt,
924
+ created_by: d.createdBy,
925
+ updated_at: d.updatedAt,
926
+ updated_by: d.updatedBy,
927
+ used_for_managed_storage: d.usedForManagedStorage,
928
+ full_name: d.fullName,
929
+ isolation_mode: d.isolationMode,
930
+ }));
931
+ export const marshalCreateCredentialsRequestSchema = z
932
+ .object({
933
+ accountId: z.string().optional(),
934
+ credentialsName: z.string().optional(),
935
+ cloudCredentials: z
936
+ .discriminatedUnion('$case', [
937
+ z.object({
938
+ $case: z.literal('awsCredentials'),
939
+ awsCredentials: z.lazy(() => marshalCreateCredentialAwsCredentialsSchema),
940
+ }),
941
+ ])
942
+ .optional(),
943
+ })
944
+ .transform(d => ({
945
+ account_id: d.accountId,
946
+ credentials_name: d.credentialsName,
947
+ ...(d.cloudCredentials?.$case === 'awsCredentials' && {
948
+ aws_credentials: d.cloudCredentials.awsCredentials,
949
+ }),
950
+ }));
951
+ export const marshalCreateStorageCredentialRequestSchema = z
952
+ .object({
953
+ skipValidation: z.boolean().optional(),
954
+ name: z.string().optional(),
955
+ credential: z
956
+ .discriminatedUnion('$case', [
957
+ z.object({
958
+ $case: z.literal('awsIamRole'),
959
+ awsIamRole: z.lazy(() => marshalAwsIamRoleSchema),
960
+ }),
961
+ z.object({
962
+ $case: z.literal('azureServicePrincipal'),
963
+ azureServicePrincipal: z.lazy(() => marshalAzureServicePrincipalSchema),
964
+ }),
965
+ z.object({
966
+ $case: z.literal('gcpServiceAccountKey'),
967
+ gcpServiceAccountKey: z.lazy(() => marshalGcpServiceAccountKeySchema),
968
+ }),
969
+ z.object({
970
+ $case: z.literal('azureManagedIdentity'),
971
+ azureManagedIdentity: z.lazy(() => marshalAzureManagedIdentitySchema),
972
+ }),
973
+ z.object({
974
+ $case: z.literal('databricksGcpServiceAccount'),
975
+ databricksGcpServiceAccount: z.lazy(() => marshalDatabricksGcpServiceAccountSchema),
976
+ }),
977
+ z.object({
978
+ $case: z.literal('cloudflareApiToken'),
979
+ cloudflareApiToken: z.lazy(() => marshalCloudflareApiTokenSchema),
980
+ }),
981
+ ])
982
+ .optional(),
983
+ comment: z.string().optional(),
984
+ readOnly: z.boolean().optional(),
985
+ owner: z.string().optional(),
986
+ id: z.string().optional(),
987
+ metastoreId: z.string().optional(),
988
+ createdAt: z.bigint().optional(),
989
+ createdBy: z.string().optional(),
990
+ updatedAt: z.bigint().optional(),
991
+ updatedBy: z.string().optional(),
992
+ usedForManagedStorage: z.boolean().optional(),
993
+ fullName: z.string().optional(),
994
+ isolationMode: z.enum(IsolationMode).optional(),
995
+ })
996
+ .transform(d => ({
997
+ skip_validation: d.skipValidation,
998
+ name: d.name,
999
+ ...(d.credential?.$case === 'awsIamRole' && {
1000
+ aws_iam_role: d.credential.awsIamRole,
1001
+ }),
1002
+ ...(d.credential?.$case === 'azureServicePrincipal' && {
1003
+ azure_service_principal: d.credential.azureServicePrincipal,
1004
+ }),
1005
+ ...(d.credential?.$case === 'gcpServiceAccountKey' && {
1006
+ gcp_service_account_key: d.credential.gcpServiceAccountKey,
1007
+ }),
1008
+ ...(d.credential?.$case === 'azureManagedIdentity' && {
1009
+ azure_managed_identity: d.credential.azureManagedIdentity,
1010
+ }),
1011
+ ...(d.credential?.$case === 'databricksGcpServiceAccount' && {
1012
+ databricks_gcp_service_account: d.credential.databricksGcpServiceAccount,
1013
+ }),
1014
+ ...(d.credential?.$case === 'cloudflareApiToken' && {
1015
+ cloudflare_api_token: d.credential.cloudflareApiToken,
1016
+ }),
1017
+ comment: d.comment,
1018
+ read_only: d.readOnly,
1019
+ owner: d.owner,
1020
+ id: d.id,
1021
+ metastore_id: d.metastoreId,
1022
+ created_at: d.createdAt,
1023
+ created_by: d.createdBy,
1024
+ updated_at: d.updatedAt,
1025
+ updated_by: d.updatedBy,
1026
+ used_for_managed_storage: d.usedForManagedStorage,
1027
+ full_name: d.fullName,
1028
+ isolation_mode: d.isolationMode,
1029
+ }));
1030
+ export const marshalDatabricksGcpServiceAccountSchema = z
1031
+ .object({
1032
+ email: z.string().optional(),
1033
+ privateKeyId: z.string().optional(),
1034
+ credentialId: z.string().optional(),
1035
+ })
1036
+ .transform(d => ({
1037
+ email: d.email,
1038
+ private_key_id: d.privateKeyId,
1039
+ credential_id: d.credentialId,
1040
+ }));
1041
+ export const marshalGcpServiceAccountKeySchema = z
1042
+ .object({
1043
+ email: z.string().optional(),
1044
+ privateKeyId: z.string().optional(),
1045
+ privateKey: z.string().optional(),
1046
+ })
1047
+ .transform(d => ({
1048
+ email: d.email,
1049
+ private_key_id: d.privateKeyId,
1050
+ private_key: d.privateKey,
1051
+ }));
1052
+ export const marshalGenerateTemporaryPathCredentialRequestSchema = z
1053
+ .object({
1054
+ url: z.string().optional(),
1055
+ operation: z.enum(PathOperation).optional(),
1056
+ dryRun: z.boolean().optional(),
1057
+ })
1058
+ .transform(d => ({
1059
+ url: d.url,
1060
+ operation: d.operation,
1061
+ dry_run: d.dryRun,
1062
+ }));
1063
+ export const marshalGenerateTemporaryServiceCredentialRequestSchema = z
1064
+ .object({
1065
+ credentialName: z.string().optional(),
1066
+ options: z
1067
+ .discriminatedUnion('$case', [
1068
+ z.object({
1069
+ $case: z.literal('azureOptions'),
1070
+ azureOptions: z.lazy(() => marshalGenerateTemporaryServiceCredentialRequest_AzureOptionsSchema),
1071
+ }),
1072
+ z.object({
1073
+ $case: z.literal('gcpOptions'),
1074
+ gcpOptions: z.lazy(() => marshalGenerateTemporaryServiceCredentialRequest_GcpOptionsSchema),
1075
+ }),
1076
+ ])
1077
+ .optional(),
1078
+ })
1079
+ .transform(d => ({
1080
+ credential_name: d.credentialName,
1081
+ ...(d.options?.$case === 'azureOptions' && {
1082
+ azure_options: d.options.azureOptions,
1083
+ }),
1084
+ ...(d.options?.$case === 'gcpOptions' && {
1085
+ gcp_options: d.options.gcpOptions,
1086
+ }),
1087
+ }));
1088
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
1089
+ export const marshalGenerateTemporaryServiceCredentialRequest_AzureOptionsSchema = z
1090
+ .object({
1091
+ resources: z.array(z.string()).optional(),
1092
+ })
1093
+ .transform(d => ({
1094
+ resources: d.resources,
1095
+ }));
1096
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
1097
+ export const marshalGenerateTemporaryServiceCredentialRequest_GcpOptionsSchema = z
1098
+ .object({
1099
+ scopes: z.array(z.string()).optional(),
1100
+ })
1101
+ .transform(d => ({
1102
+ scopes: d.scopes,
1103
+ }));
1104
+ export const marshalGenerateTemporaryTableCredentialRequestSchema = z
1105
+ .object({
1106
+ tableId: z.string().optional(),
1107
+ operation: z.enum(TableOperation).optional(),
1108
+ })
1109
+ .transform(d => ({
1110
+ table_id: d.tableId,
1111
+ operation: d.operation,
1112
+ }));
1113
+ export const marshalGenerateTemporaryVolumeCredentialRequestSchema = z
1114
+ .object({
1115
+ volumeId: z.string().optional(),
1116
+ operation: z.enum(VolumeOperation).optional(),
1117
+ })
1118
+ .transform(d => ({
1119
+ volume_id: d.volumeId,
1120
+ operation: d.operation,
1121
+ }));
1122
+ export const marshalUpdateAccountsStorageCredentialSchema = z
1123
+ .object({
1124
+ name: z.string().optional(),
1125
+ credential: z
1126
+ .discriminatedUnion('$case', [
1127
+ z.object({
1128
+ $case: z.literal('awsIamRole'),
1129
+ awsIamRole: z.lazy(() => marshalAwsIamRoleSchema),
1130
+ }),
1131
+ z.object({
1132
+ $case: z.literal('azureServicePrincipal'),
1133
+ azureServicePrincipal: z.lazy(() => marshalAzureServicePrincipalSchema),
1134
+ }),
1135
+ z.object({
1136
+ $case: z.literal('gcpServiceAccountKey'),
1137
+ gcpServiceAccountKey: z.lazy(() => marshalGcpServiceAccountKeySchema),
1138
+ }),
1139
+ z.object({
1140
+ $case: z.literal('azureManagedIdentity'),
1141
+ azureManagedIdentity: z.lazy(() => marshalAzureManagedIdentitySchema),
1142
+ }),
1143
+ z.object({
1144
+ $case: z.literal('databricksGcpServiceAccount'),
1145
+ databricksGcpServiceAccount: z.lazy(() => marshalDatabricksGcpServiceAccountSchema),
1146
+ }),
1147
+ z.object({
1148
+ $case: z.literal('cloudflareApiToken'),
1149
+ cloudflareApiToken: z.lazy(() => marshalCloudflareApiTokenSchema),
1150
+ }),
1151
+ ])
1152
+ .optional(),
1153
+ comment: z.string().optional(),
1154
+ readOnly: z.boolean().optional(),
1155
+ owner: z.string().optional(),
1156
+ id: z.string().optional(),
1157
+ metastoreId: z.string().optional(),
1158
+ createdAt: z.bigint().optional(),
1159
+ createdBy: z.string().optional(),
1160
+ updatedAt: z.bigint().optional(),
1161
+ updatedBy: z.string().optional(),
1162
+ usedForManagedStorage: z.boolean().optional(),
1163
+ fullName: z.string().optional(),
1164
+ isolationMode: z.enum(IsolationMode).optional(),
1165
+ })
1166
+ .transform(d => ({
1167
+ name: d.name,
1168
+ ...(d.credential?.$case === 'awsIamRole' && {
1169
+ aws_iam_role: d.credential.awsIamRole,
1170
+ }),
1171
+ ...(d.credential?.$case === 'azureServicePrincipal' && {
1172
+ azure_service_principal: d.credential.azureServicePrincipal,
1173
+ }),
1174
+ ...(d.credential?.$case === 'gcpServiceAccountKey' && {
1175
+ gcp_service_account_key: d.credential.gcpServiceAccountKey,
1176
+ }),
1177
+ ...(d.credential?.$case === 'azureManagedIdentity' && {
1178
+ azure_managed_identity: d.credential.azureManagedIdentity,
1179
+ }),
1180
+ ...(d.credential?.$case === 'databricksGcpServiceAccount' && {
1181
+ databricks_gcp_service_account: d.credential.databricksGcpServiceAccount,
1182
+ }),
1183
+ ...(d.credential?.$case === 'cloudflareApiToken' && {
1184
+ cloudflare_api_token: d.credential.cloudflareApiToken,
1185
+ }),
1186
+ comment: d.comment,
1187
+ read_only: d.readOnly,
1188
+ owner: d.owner,
1189
+ id: d.id,
1190
+ metastore_id: d.metastoreId,
1191
+ created_at: d.createdAt,
1192
+ created_by: d.createdBy,
1193
+ updated_at: d.updatedAt,
1194
+ updated_by: d.updatedBy,
1195
+ used_for_managed_storage: d.usedForManagedStorage,
1196
+ full_name: d.fullName,
1197
+ isolation_mode: d.isolationMode,
1198
+ }));
1199
+ export const marshalUpdateCredentialRequestSchema = z
1200
+ .object({
1201
+ nameArg: z.string().optional(),
1202
+ newName: z.string().optional(),
1203
+ skipValidation: z.boolean().optional(),
1204
+ force: z.boolean().optional(),
1205
+ name: z.string().optional(),
1206
+ credential: z
1207
+ .discriminatedUnion('$case', [
1208
+ z.object({
1209
+ $case: z.literal('awsIamRole'),
1210
+ awsIamRole: z.lazy(() => marshalAwsIamRoleSchema),
1211
+ }),
1212
+ z.object({
1213
+ $case: z.literal('azureServicePrincipal'),
1214
+ azureServicePrincipal: z.lazy(() => marshalAzureServicePrincipalSchema),
1215
+ }),
1216
+ z.object({
1217
+ $case: z.literal('gcpServiceAccountKey'),
1218
+ gcpServiceAccountKey: z.lazy(() => marshalGcpServiceAccountKeySchema),
1219
+ }),
1220
+ z.object({
1221
+ $case: z.literal('azureManagedIdentity'),
1222
+ azureManagedIdentity: z.lazy(() => marshalAzureManagedIdentitySchema),
1223
+ }),
1224
+ z.object({
1225
+ $case: z.literal('databricksGcpServiceAccount'),
1226
+ databricksGcpServiceAccount: z.lazy(() => marshalDatabricksGcpServiceAccountSchema),
1227
+ }),
1228
+ z.object({
1229
+ $case: z.literal('cloudflareApiToken'),
1230
+ cloudflareApiToken: z.lazy(() => marshalCloudflareApiTokenSchema),
1231
+ }),
1232
+ ])
1233
+ .optional(),
1234
+ comment: z.string().optional(),
1235
+ readOnly: z.boolean().optional(),
1236
+ owner: z.string().optional(),
1237
+ id: z.string().optional(),
1238
+ metastoreId: z.string().optional(),
1239
+ createdAt: z.bigint().optional(),
1240
+ createdBy: z.string().optional(),
1241
+ updatedAt: z.bigint().optional(),
1242
+ updatedBy: z.string().optional(),
1243
+ usedForManagedStorage: z.boolean().optional(),
1244
+ fullName: z.string().optional(),
1245
+ isolationMode: z.enum(IsolationMode).optional(),
1246
+ })
1247
+ .transform(d => ({
1248
+ name_arg: d.nameArg,
1249
+ new_name: d.newName,
1250
+ skip_validation: d.skipValidation,
1251
+ force: d.force,
1252
+ name: d.name,
1253
+ ...(d.credential?.$case === 'awsIamRole' && {
1254
+ aws_iam_role: d.credential.awsIamRole,
1255
+ }),
1256
+ ...(d.credential?.$case === 'azureServicePrincipal' && {
1257
+ azure_service_principal: d.credential.azureServicePrincipal,
1258
+ }),
1259
+ ...(d.credential?.$case === 'gcpServiceAccountKey' && {
1260
+ gcp_service_account_key: d.credential.gcpServiceAccountKey,
1261
+ }),
1262
+ ...(d.credential?.$case === 'azureManagedIdentity' && {
1263
+ azure_managed_identity: d.credential.azureManagedIdentity,
1264
+ }),
1265
+ ...(d.credential?.$case === 'databricksGcpServiceAccount' && {
1266
+ databricks_gcp_service_account: d.credential.databricksGcpServiceAccount,
1267
+ }),
1268
+ ...(d.credential?.$case === 'cloudflareApiToken' && {
1269
+ cloudflare_api_token: d.credential.cloudflareApiToken,
1270
+ }),
1271
+ comment: d.comment,
1272
+ read_only: d.readOnly,
1273
+ owner: d.owner,
1274
+ id: d.id,
1275
+ metastore_id: d.metastoreId,
1276
+ created_at: d.createdAt,
1277
+ created_by: d.createdBy,
1278
+ updated_at: d.updatedAt,
1279
+ updated_by: d.updatedBy,
1280
+ used_for_managed_storage: d.usedForManagedStorage,
1281
+ full_name: d.fullName,
1282
+ isolation_mode: d.isolationMode,
1283
+ }));
1284
+ export const marshalUpdateStorageCredentialRequestSchema = z
1285
+ .object({
1286
+ nameArg: z.string().optional(),
1287
+ newName: z.string().optional(),
1288
+ skipValidation: z.boolean().optional(),
1289
+ force: z.boolean().optional(),
1290
+ name: z.string().optional(),
1291
+ credential: z
1292
+ .discriminatedUnion('$case', [
1293
+ z.object({
1294
+ $case: z.literal('awsIamRole'),
1295
+ awsIamRole: z.lazy(() => marshalAwsIamRoleSchema),
1296
+ }),
1297
+ z.object({
1298
+ $case: z.literal('azureServicePrincipal'),
1299
+ azureServicePrincipal: z.lazy(() => marshalAzureServicePrincipalSchema),
1300
+ }),
1301
+ z.object({
1302
+ $case: z.literal('gcpServiceAccountKey'),
1303
+ gcpServiceAccountKey: z.lazy(() => marshalGcpServiceAccountKeySchema),
1304
+ }),
1305
+ z.object({
1306
+ $case: z.literal('azureManagedIdentity'),
1307
+ azureManagedIdentity: z.lazy(() => marshalAzureManagedIdentitySchema),
1308
+ }),
1309
+ z.object({
1310
+ $case: z.literal('databricksGcpServiceAccount'),
1311
+ databricksGcpServiceAccount: z.lazy(() => marshalDatabricksGcpServiceAccountSchema),
1312
+ }),
1313
+ z.object({
1314
+ $case: z.literal('cloudflareApiToken'),
1315
+ cloudflareApiToken: z.lazy(() => marshalCloudflareApiTokenSchema),
1316
+ }),
1317
+ ])
1318
+ .optional(),
1319
+ comment: z.string().optional(),
1320
+ readOnly: z.boolean().optional(),
1321
+ owner: z.string().optional(),
1322
+ id: z.string().optional(),
1323
+ metastoreId: z.string().optional(),
1324
+ createdAt: z.bigint().optional(),
1325
+ createdBy: z.string().optional(),
1326
+ updatedAt: z.bigint().optional(),
1327
+ updatedBy: z.string().optional(),
1328
+ usedForManagedStorage: z.boolean().optional(),
1329
+ fullName: z.string().optional(),
1330
+ isolationMode: z.enum(IsolationMode).optional(),
1331
+ })
1332
+ .transform(d => ({
1333
+ name_arg: d.nameArg,
1334
+ new_name: d.newName,
1335
+ skip_validation: d.skipValidation,
1336
+ force: d.force,
1337
+ name: d.name,
1338
+ ...(d.credential?.$case === 'awsIamRole' && {
1339
+ aws_iam_role: d.credential.awsIamRole,
1340
+ }),
1341
+ ...(d.credential?.$case === 'azureServicePrincipal' && {
1342
+ azure_service_principal: d.credential.azureServicePrincipal,
1343
+ }),
1344
+ ...(d.credential?.$case === 'gcpServiceAccountKey' && {
1345
+ gcp_service_account_key: d.credential.gcpServiceAccountKey,
1346
+ }),
1347
+ ...(d.credential?.$case === 'azureManagedIdentity' && {
1348
+ azure_managed_identity: d.credential.azureManagedIdentity,
1349
+ }),
1350
+ ...(d.credential?.$case === 'databricksGcpServiceAccount' && {
1351
+ databricks_gcp_service_account: d.credential.databricksGcpServiceAccount,
1352
+ }),
1353
+ ...(d.credential?.$case === 'cloudflareApiToken' && {
1354
+ cloudflare_api_token: d.credential.cloudflareApiToken,
1355
+ }),
1356
+ comment: d.comment,
1357
+ read_only: d.readOnly,
1358
+ owner: d.owner,
1359
+ id: d.id,
1360
+ metastore_id: d.metastoreId,
1361
+ created_at: d.createdAt,
1362
+ created_by: d.createdBy,
1363
+ updated_at: d.updatedAt,
1364
+ updated_by: d.updatedBy,
1365
+ used_for_managed_storage: d.usedForManagedStorage,
1366
+ full_name: d.fullName,
1367
+ isolation_mode: d.isolationMode,
1368
+ }));
1369
+ export const marshalValidateCredentialRequestSchema = z
1370
+ .object({
1371
+ credential: z
1372
+ .discriminatedUnion('$case', [
1373
+ z.object({
1374
+ $case: z.literal('credentialName'),
1375
+ credentialName: z.string(),
1376
+ }),
1377
+ z.object({
1378
+ $case: z.literal('awsIamRole'),
1379
+ awsIamRole: z.lazy(() => marshalAwsIamRoleSchema),
1380
+ }),
1381
+ z.object({
1382
+ $case: z.literal('azureManagedIdentity'),
1383
+ azureManagedIdentity: z.lazy(() => marshalAzureManagedIdentitySchema),
1384
+ }),
1385
+ z.object({
1386
+ $case: z.literal('databricksGcpServiceAccount'),
1387
+ databricksGcpServiceAccount: z.lazy(() => marshalDatabricksGcpServiceAccountSchema),
1388
+ }),
1389
+ ])
1390
+ .optional(),
1391
+ externalLocationName: z.string().optional(),
1392
+ url: z.string().optional(),
1393
+ readOnly: z.boolean().optional(),
1394
+ })
1395
+ .transform(d => ({
1396
+ ...(d.credential?.$case === 'credentialName' && {
1397
+ credential_name: d.credential.credentialName,
1398
+ }),
1399
+ ...(d.credential?.$case === 'awsIamRole' && {
1400
+ aws_iam_role: d.credential.awsIamRole,
1401
+ }),
1402
+ ...(d.credential?.$case === 'azureManagedIdentity' && {
1403
+ azure_managed_identity: d.credential.azureManagedIdentity,
1404
+ }),
1405
+ ...(d.credential?.$case === 'databricksGcpServiceAccount' && {
1406
+ databricks_gcp_service_account: d.credential.databricksGcpServiceAccount,
1407
+ }),
1408
+ external_location_name: d.externalLocationName,
1409
+ url: d.url,
1410
+ read_only: d.readOnly,
1411
+ }));
1412
+ export const marshalValidateStorageCredentialRequestSchema = z
1413
+ .object({
1414
+ credential: z
1415
+ .discriminatedUnion('$case', [
1416
+ z.object({
1417
+ $case: z.literal('storageCredentialName'),
1418
+ storageCredentialName: z.string(),
1419
+ }),
1420
+ z.object({
1421
+ $case: z.literal('awsIamRole'),
1422
+ awsIamRole: z.lazy(() => marshalAwsIamRoleSchema),
1423
+ }),
1424
+ z.object({
1425
+ $case: z.literal('azureServicePrincipal'),
1426
+ azureServicePrincipal: z.lazy(() => marshalAzureServicePrincipalSchema),
1427
+ }),
1428
+ z.object({
1429
+ $case: z.literal('azureManagedIdentity'),
1430
+ azureManagedIdentity: z.lazy(() => marshalAzureManagedIdentitySchema),
1431
+ }),
1432
+ z.object({
1433
+ $case: z.literal('databricksGcpServiceAccount'),
1434
+ databricksGcpServiceAccount: z.lazy(() => marshalDatabricksGcpServiceAccountSchema),
1435
+ }),
1436
+ z.object({
1437
+ $case: z.literal('cloudflareApiToken'),
1438
+ cloudflareApiToken: z.lazy(() => marshalCloudflareApiTokenSchema),
1439
+ }),
1440
+ ])
1441
+ .optional(),
1442
+ externalLocationName: z.string().optional(),
1443
+ url: z.string().optional(),
1444
+ readOnly: z.boolean().optional(),
1445
+ })
1446
+ .transform(d => ({
1447
+ ...(d.credential?.$case === 'storageCredentialName' && {
1448
+ storage_credential_name: d.credential.storageCredentialName,
1449
+ }),
1450
+ ...(d.credential?.$case === 'awsIamRole' && {
1451
+ aws_iam_role: d.credential.awsIamRole,
1452
+ }),
1453
+ ...(d.credential?.$case === 'azureServicePrincipal' && {
1454
+ azure_service_principal: d.credential.azureServicePrincipal,
1455
+ }),
1456
+ ...(d.credential?.$case === 'azureManagedIdentity' && {
1457
+ azure_managed_identity: d.credential.azureManagedIdentity,
1458
+ }),
1459
+ ...(d.credential?.$case === 'databricksGcpServiceAccount' && {
1460
+ databricks_gcp_service_account: d.credential.databricksGcpServiceAccount,
1461
+ }),
1462
+ ...(d.credential?.$case === 'cloudflareApiToken' && {
1463
+ cloudflare_api_token: d.credential.cloudflareApiToken,
1464
+ }),
1465
+ external_location_name: d.externalLocationName,
1466
+ url: d.url,
1467
+ read_only: d.readOnly,
1468
+ }));
1469
+ //# sourceMappingURL=model.js.map