@databricks/sdk-uc-credentials 0.0.0-dev → 0.1.0-dev.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +203 -0
- package/dist/v1/client.d.ts +174 -0
- package/dist/v1/client.d.ts.map +1 -0
- package/dist/v1/client.js +811 -0
- package/dist/v1/client.js.map +1 -0
- package/dist/v1/index.d.ts +4 -0
- package/dist/v1/index.d.ts.map +1 -0
- package/dist/v1/index.js +4 -0
- package/dist/v1/index.js.map +1 -0
- package/dist/v1/model.d.ts +1274 -0
- package/dist/v1/model.d.ts.map +1 -0
- package/dist/v1/model.js +1469 -0
- package/dist/v1/model.js.map +1 -0
- package/dist/v1/transport.d.ts +5 -0
- package/dist/v1/transport.d.ts.map +1 -0
- package/dist/v1/transport.js +57 -0
- package/dist/v1/transport.js.map +1 -0
- package/dist/v1/utils.d.ts +21 -0
- package/dist/v1/utils.d.ts.map +1 -0
- package/dist/v1/utils.js +113 -0
- package/dist/v1/utils.js.map +1 -0
- package/package.json +38 -4
- package/src/v1/client.ts +1081 -0
- package/src/v1/index.ts +80 -0
- package/src/v1/model.ts +2904 -0
- package/src/v1/transport.ts +73 -0
- package/src/v1/utils.ts +156 -0
- package/README.md +0 -1
- package/index.js +0 -1
package/src/v1/client.ts
ADDED
|
@@ -0,0 +1,1081 @@
|
|
|
1
|
+
// Code generated from API definition by Databricks SDK Generator. DO NOT EDIT.
|
|
2
|
+
|
|
3
|
+
import {VERSION as AUTH_VERSION} from '@databricks/sdk-auth';
|
|
4
|
+
import {createDefault} from '@databricks/sdk-core/clientinfo';
|
|
5
|
+
import type {Logger} from '@databricks/sdk-core/logger';
|
|
6
|
+
import {NoOpLogger} from '@databricks/sdk-core/logger';
|
|
7
|
+
import type {CallOptions} from '@databricks/sdk-options/call';
|
|
8
|
+
import type {ClientOptions} from '@databricks/sdk-options/client';
|
|
9
|
+
import type {HttpClient} from '@databricks/sdk-core/http';
|
|
10
|
+
import {newHttpClient} from './transport';
|
|
11
|
+
import {
|
|
12
|
+
buildHttpRequest,
|
|
13
|
+
executeCall,
|
|
14
|
+
executeHttpCall,
|
|
15
|
+
marshalRequest,
|
|
16
|
+
parseResponse,
|
|
17
|
+
} from './utils';
|
|
18
|
+
import pkgJson from '../../package.json' with {type: 'json'};
|
|
19
|
+
import {z} from 'zod';
|
|
20
|
+
import type {
|
|
21
|
+
AccountsCreateStorageCredentialRequest,
|
|
22
|
+
AccountsCreateStorageCredentialRequest_Response,
|
|
23
|
+
AccountsDeleteStorageCredentialRequest,
|
|
24
|
+
AccountsDeleteStorageCredentialRequest_Response,
|
|
25
|
+
AccountsGetStorageCredentialRequest,
|
|
26
|
+
AccountsGetStorageCredentialRequest_Response,
|
|
27
|
+
AccountsListStorageCredentialsRequest,
|
|
28
|
+
AccountsListStorageCredentialsRequest_Response,
|
|
29
|
+
AccountsUpdateStorageCredentialRequest,
|
|
30
|
+
AccountsUpdateStorageCredentialRequest_Response,
|
|
31
|
+
CreateCredentialRequest,
|
|
32
|
+
CreateCredentialsRequest,
|
|
33
|
+
CreateStorageCredentialRequest,
|
|
34
|
+
CredentialInfo,
|
|
35
|
+
Credentials,
|
|
36
|
+
DeleteCredentialRequest,
|
|
37
|
+
DeleteCredentialRequest_Response,
|
|
38
|
+
DeleteCredentialsRequest,
|
|
39
|
+
DeleteStorageCredentialRequest,
|
|
40
|
+
DeleteStorageCredentialRequest_Response,
|
|
41
|
+
GenerateTemporaryPathCredentialRequest,
|
|
42
|
+
GenerateTemporaryPathCredentialRequest_Response,
|
|
43
|
+
GenerateTemporaryServiceCredentialRequest,
|
|
44
|
+
GenerateTemporaryTableCredentialRequest,
|
|
45
|
+
GenerateTemporaryTableCredentialRequest_Response,
|
|
46
|
+
GenerateTemporaryVolumeCredentialRequest,
|
|
47
|
+
GenerateTemporaryVolumeCredentialRequest_Response,
|
|
48
|
+
GetCredentialRequest,
|
|
49
|
+
GetCredentialsRequest,
|
|
50
|
+
GetStorageCredentialRequest,
|
|
51
|
+
ListCredentialsPublicRequest,
|
|
52
|
+
ListCredentialsRequest,
|
|
53
|
+
ListCredentialsRequest_Response,
|
|
54
|
+
ListCredentialsResponse,
|
|
55
|
+
ListStorageCredentialsRequest,
|
|
56
|
+
ListStorageCredentialsRequest_Response,
|
|
57
|
+
StorageCredentialInfo,
|
|
58
|
+
TemporaryCredentials,
|
|
59
|
+
UpdateCredentialRequest,
|
|
60
|
+
UpdateStorageCredentialRequest,
|
|
61
|
+
ValidateCredentialRequest,
|
|
62
|
+
ValidateCredentialRequest_Response,
|
|
63
|
+
ValidateStorageCredentialRequest,
|
|
64
|
+
ValidateStorageCredentialRequest_Response,
|
|
65
|
+
} from './model';
|
|
66
|
+
import {
|
|
67
|
+
marshalAccountsCreateStorageCredentialRequestSchema,
|
|
68
|
+
marshalAccountsUpdateStorageCredentialRequestSchema,
|
|
69
|
+
marshalCreateCredentialRequestSchema,
|
|
70
|
+
marshalCreateCredentialsRequestSchema,
|
|
71
|
+
marshalCreateStorageCredentialRequestSchema,
|
|
72
|
+
marshalGenerateTemporaryPathCredentialRequestSchema,
|
|
73
|
+
marshalGenerateTemporaryServiceCredentialRequestSchema,
|
|
74
|
+
marshalGenerateTemporaryTableCredentialRequestSchema,
|
|
75
|
+
marshalGenerateTemporaryVolumeCredentialRequestSchema,
|
|
76
|
+
marshalUpdateCredentialRequestSchema,
|
|
77
|
+
marshalUpdateStorageCredentialRequestSchema,
|
|
78
|
+
marshalValidateCredentialRequestSchema,
|
|
79
|
+
marshalValidateStorageCredentialRequestSchema,
|
|
80
|
+
unmarshalAccountsCreateStorageCredentialRequest_ResponseSchema,
|
|
81
|
+
unmarshalAccountsDeleteStorageCredentialRequest_ResponseSchema,
|
|
82
|
+
unmarshalAccountsGetStorageCredentialRequest_ResponseSchema,
|
|
83
|
+
unmarshalAccountsListStorageCredentialsRequest_ResponseSchema,
|
|
84
|
+
unmarshalAccountsUpdateStorageCredentialRequest_ResponseSchema,
|
|
85
|
+
unmarshalCredentialsSchema,
|
|
86
|
+
unmarshalDeleteCredentialRequest_ResponseSchema,
|
|
87
|
+
unmarshalDeleteStorageCredentialRequest_ResponseSchema,
|
|
88
|
+
unmarshalGenerateTemporaryPathCredentialRequest_ResponseSchema,
|
|
89
|
+
unmarshalGenerateTemporaryTableCredentialRequest_ResponseSchema,
|
|
90
|
+
unmarshalGenerateTemporaryVolumeCredentialRequest_ResponseSchema,
|
|
91
|
+
unmarshalListCredentialsRequest_ResponseSchema,
|
|
92
|
+
unmarshalListStorageCredentialsRequest_ResponseSchema,
|
|
93
|
+
unmarshalStorageCredentialInfoSchema,
|
|
94
|
+
unmarshalTemporaryCredentialsSchema,
|
|
95
|
+
unmarshalValidateCredentialRequest_ResponseSchema,
|
|
96
|
+
unmarshalValidateStorageCredentialRequest_ResponseSchema,
|
|
97
|
+
} from './model';
|
|
98
|
+
|
|
99
|
+
// Package identity segment for this client to be used in the User-Agent header.
|
|
100
|
+
const PACKAGE_SEGMENT = {
|
|
101
|
+
key: 'sdk-js-' + pkgJson.name.replace(/^@[^/]+\/sdk-/, ''),
|
|
102
|
+
value: pkgJson.version,
|
|
103
|
+
};
|
|
104
|
+
|
|
105
|
+
export class CredentialsClient {
|
|
106
|
+
private readonly host: string;
|
|
107
|
+
// Fallback for endpoints whose path contains {account_id}. If the request
|
|
108
|
+
// already carries an accountId, that value wins.
|
|
109
|
+
private readonly accountId: string | undefined;
|
|
110
|
+
// Workspace ID used to route workspace-level calls on unified hosts (SPOG).
|
|
111
|
+
// When set, workspace-level methods send X-Databricks-Org-Id on every
|
|
112
|
+
// request.
|
|
113
|
+
private readonly workspaceId: string | undefined;
|
|
114
|
+
private readonly httpClient: HttpClient;
|
|
115
|
+
private readonly logger: Logger;
|
|
116
|
+
// User-Agent header value. Composed once at construction from
|
|
117
|
+
// createDefault() merged with this package's identity and the active
|
|
118
|
+
// credential's name.
|
|
119
|
+
private readonly userAgent: string;
|
|
120
|
+
|
|
121
|
+
constructor(options: ClientOptions) {
|
|
122
|
+
if (options.host === undefined) {
|
|
123
|
+
throw new Error('Host is required.');
|
|
124
|
+
}
|
|
125
|
+
this.host = options.host.replace(/\/$/, '');
|
|
126
|
+
this.accountId = options.accountId;
|
|
127
|
+
this.workspaceId = options.workspaceId;
|
|
128
|
+
this.logger = options.logger ?? new NoOpLogger();
|
|
129
|
+
const info = createDefault()
|
|
130
|
+
.with(PACKAGE_SEGMENT)
|
|
131
|
+
.with({key: 'sdk-js-auth', value: AUTH_VERSION})
|
|
132
|
+
.with({key: 'auth', value: options.credentials?.name() ?? 'default'});
|
|
133
|
+
this.userAgent = info.toString();
|
|
134
|
+
this.httpClient = newHttpClient(options);
|
|
135
|
+
}
|
|
136
|
+
|
|
137
|
+
/**
|
|
138
|
+
* Creates a new storage credential. The request object is specific to the cloud:
|
|
139
|
+
* - **AwsIamRole** for AWS credentials
|
|
140
|
+
* - **AzureServicePrincipal** for Azure credentials
|
|
141
|
+
* - **GcpServiceAccountKey** for GCP credentials
|
|
142
|
+
*
|
|
143
|
+
* The caller must be a metastore admin and have the `CREATE_STORAGE_CREDENTIAL` privilege on the metastore.
|
|
144
|
+
*/
|
|
145
|
+
async createAccountsStorageCredential(
|
|
146
|
+
req: AccountsCreateStorageCredentialRequest,
|
|
147
|
+
options?: CallOptions
|
|
148
|
+
): Promise<AccountsCreateStorageCredentialRequest_Response> {
|
|
149
|
+
const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/metastores/${req.metastoreId ?? ''}/storage-credentials`;
|
|
150
|
+
const body = marshalRequest(
|
|
151
|
+
req,
|
|
152
|
+
marshalAccountsCreateStorageCredentialRequestSchema
|
|
153
|
+
);
|
|
154
|
+
let resp: AccountsCreateStorageCredentialRequest_Response | undefined;
|
|
155
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
156
|
+
const headers = new Headers({'Content-Type': 'application/json'});
|
|
157
|
+
headers.set('User-Agent', this.userAgent);
|
|
158
|
+
const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
|
|
159
|
+
const respBody = await executeHttpCall({
|
|
160
|
+
request: httpReq,
|
|
161
|
+
httpClient: this.httpClient,
|
|
162
|
+
logger: this.logger,
|
|
163
|
+
});
|
|
164
|
+
resp = parseResponse(
|
|
165
|
+
respBody,
|
|
166
|
+
unmarshalAccountsCreateStorageCredentialRequest_ResponseSchema
|
|
167
|
+
);
|
|
168
|
+
};
|
|
169
|
+
await executeCall(call, options);
|
|
170
|
+
if (resp === undefined) {
|
|
171
|
+
throw new Error('operation completed without a result.');
|
|
172
|
+
}
|
|
173
|
+
return resp;
|
|
174
|
+
}
|
|
175
|
+
|
|
176
|
+
/** Deletes a storage credential from the metastore. The caller must be an owner of the storage credential. */
|
|
177
|
+
async deleteAccountsStorageCredential(
|
|
178
|
+
req: AccountsDeleteStorageCredentialRequest,
|
|
179
|
+
options?: CallOptions
|
|
180
|
+
): Promise<AccountsDeleteStorageCredentialRequest_Response> {
|
|
181
|
+
const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/metastores/${req.metastoreId ?? ''}/storage-credentials/${req.nameArg ?? ''}`;
|
|
182
|
+
const params = new URLSearchParams();
|
|
183
|
+
if (req.force !== undefined) {
|
|
184
|
+
params.append('force', String(req.force));
|
|
185
|
+
}
|
|
186
|
+
const query = params.toString();
|
|
187
|
+
const fullUrl = query !== '' ? `${url}?${query}` : url;
|
|
188
|
+
let resp: AccountsDeleteStorageCredentialRequest_Response | undefined;
|
|
189
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
190
|
+
const headers = new Headers();
|
|
191
|
+
headers.set('User-Agent', this.userAgent);
|
|
192
|
+
const httpReq = buildHttpRequest('DELETE', fullUrl, headers, callSignal);
|
|
193
|
+
const respBody = await executeHttpCall({
|
|
194
|
+
request: httpReq,
|
|
195
|
+
httpClient: this.httpClient,
|
|
196
|
+
logger: this.logger,
|
|
197
|
+
});
|
|
198
|
+
resp = parseResponse(
|
|
199
|
+
respBody,
|
|
200
|
+
unmarshalAccountsDeleteStorageCredentialRequest_ResponseSchema
|
|
201
|
+
);
|
|
202
|
+
};
|
|
203
|
+
await executeCall(call, options);
|
|
204
|
+
if (resp === undefined) {
|
|
205
|
+
throw new Error('operation completed without a result.');
|
|
206
|
+
}
|
|
207
|
+
return resp;
|
|
208
|
+
}
|
|
209
|
+
|
|
210
|
+
/**
|
|
211
|
+
* Gets a storage credential from the metastore. The caller must be a metastore admin, the owner of the
|
|
212
|
+
* storage credential, or have a level of privilege on the storage credential.
|
|
213
|
+
*/
|
|
214
|
+
async getAccountsStorageCredential(
|
|
215
|
+
req: AccountsGetStorageCredentialRequest,
|
|
216
|
+
options?: CallOptions
|
|
217
|
+
): Promise<AccountsGetStorageCredentialRequest_Response> {
|
|
218
|
+
const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/metastores/${req.metastoreId ?? ''}/storage-credentials/${req.nameArg ?? ''}`;
|
|
219
|
+
let resp: AccountsGetStorageCredentialRequest_Response | undefined;
|
|
220
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
221
|
+
const headers = new Headers();
|
|
222
|
+
headers.set('User-Agent', this.userAgent);
|
|
223
|
+
const httpReq = buildHttpRequest('GET', url, headers, callSignal);
|
|
224
|
+
const respBody = await executeHttpCall({
|
|
225
|
+
request: httpReq,
|
|
226
|
+
httpClient: this.httpClient,
|
|
227
|
+
logger: this.logger,
|
|
228
|
+
});
|
|
229
|
+
resp = parseResponse(
|
|
230
|
+
respBody,
|
|
231
|
+
unmarshalAccountsGetStorageCredentialRequest_ResponseSchema
|
|
232
|
+
);
|
|
233
|
+
};
|
|
234
|
+
await executeCall(call, options);
|
|
235
|
+
if (resp === undefined) {
|
|
236
|
+
throw new Error('operation completed without a result.');
|
|
237
|
+
}
|
|
238
|
+
return resp;
|
|
239
|
+
}
|
|
240
|
+
|
|
241
|
+
/** Gets a list of all storage credentials that have been assigned to given metastore. */
|
|
242
|
+
async listAccountsStorageCredentials(
|
|
243
|
+
req: AccountsListStorageCredentialsRequest,
|
|
244
|
+
options?: CallOptions
|
|
245
|
+
): Promise<AccountsListStorageCredentialsRequest_Response> {
|
|
246
|
+
const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/metastores/${req.metastoreId ?? ''}/storage-credentials`;
|
|
247
|
+
let resp: AccountsListStorageCredentialsRequest_Response | undefined;
|
|
248
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
249
|
+
const headers = new Headers();
|
|
250
|
+
headers.set('User-Agent', this.userAgent);
|
|
251
|
+
const httpReq = buildHttpRequest('GET', url, headers, callSignal);
|
|
252
|
+
const respBody = await executeHttpCall({
|
|
253
|
+
request: httpReq,
|
|
254
|
+
httpClient: this.httpClient,
|
|
255
|
+
logger: this.logger,
|
|
256
|
+
});
|
|
257
|
+
resp = parseResponse(
|
|
258
|
+
respBody,
|
|
259
|
+
unmarshalAccountsListStorageCredentialsRequest_ResponseSchema
|
|
260
|
+
);
|
|
261
|
+
};
|
|
262
|
+
await executeCall(call, options);
|
|
263
|
+
if (resp === undefined) {
|
|
264
|
+
throw new Error('operation completed without a result.');
|
|
265
|
+
}
|
|
266
|
+
return resp;
|
|
267
|
+
}
|
|
268
|
+
|
|
269
|
+
/**
|
|
270
|
+
* Updates a storage credential on the metastore. The caller must be the owner of the storage credential.
|
|
271
|
+
* If the caller is a metastore admin, only the **owner** credential can be changed.
|
|
272
|
+
*/
|
|
273
|
+
async updateAccountsStorageCredential(
|
|
274
|
+
req: AccountsUpdateStorageCredentialRequest,
|
|
275
|
+
options?: CallOptions
|
|
276
|
+
): Promise<AccountsUpdateStorageCredentialRequest_Response> {
|
|
277
|
+
const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/metastores/${req.metastoreId ?? ''}/storage-credentials/${req.nameArg ?? ''}`;
|
|
278
|
+
const body = marshalRequest(
|
|
279
|
+
req,
|
|
280
|
+
marshalAccountsUpdateStorageCredentialRequestSchema
|
|
281
|
+
);
|
|
282
|
+
let resp: AccountsUpdateStorageCredentialRequest_Response | undefined;
|
|
283
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
284
|
+
const headers = new Headers({'Content-Type': 'application/json'});
|
|
285
|
+
headers.set('User-Agent', this.userAgent);
|
|
286
|
+
const httpReq = buildHttpRequest('PUT', url, headers, callSignal, body);
|
|
287
|
+
const respBody = await executeHttpCall({
|
|
288
|
+
request: httpReq,
|
|
289
|
+
httpClient: this.httpClient,
|
|
290
|
+
logger: this.logger,
|
|
291
|
+
});
|
|
292
|
+
resp = parseResponse(
|
|
293
|
+
respBody,
|
|
294
|
+
unmarshalAccountsUpdateStorageCredentialRequest_ResponseSchema
|
|
295
|
+
);
|
|
296
|
+
};
|
|
297
|
+
await executeCall(call, options);
|
|
298
|
+
if (resp === undefined) {
|
|
299
|
+
throw new Error('operation completed without a result.');
|
|
300
|
+
}
|
|
301
|
+
return resp;
|
|
302
|
+
}
|
|
303
|
+
|
|
304
|
+
/**
|
|
305
|
+
* Creates a new credential. The type of credential to be created is determined by the **purpose** field,
|
|
306
|
+
* which should be either **SERVICE** or **STORAGE**.
|
|
307
|
+
*
|
|
308
|
+
* The caller must be a metastore admin or have the metastore privilege **CREATE_STORAGE_CREDENTIAL** for storage
|
|
309
|
+
* credentials, or **CREATE_SERVICE_CREDENTIAL** for service credentials.
|
|
310
|
+
*/
|
|
311
|
+
async createCredential(
|
|
312
|
+
req: CreateCredentialRequest,
|
|
313
|
+
options?: CallOptions
|
|
314
|
+
): Promise<StorageCredentialInfo> {
|
|
315
|
+
const url = `${this.host}/api/2.1/unity-catalog/credentials`;
|
|
316
|
+
const body = marshalRequest(req, marshalCreateCredentialRequestSchema);
|
|
317
|
+
let resp: StorageCredentialInfo | undefined;
|
|
318
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
319
|
+
const headers = new Headers({'Content-Type': 'application/json'});
|
|
320
|
+
if (this.workspaceId !== undefined) {
|
|
321
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
322
|
+
}
|
|
323
|
+
headers.set('User-Agent', this.userAgent);
|
|
324
|
+
const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
|
|
325
|
+
const respBody = await executeHttpCall({
|
|
326
|
+
request: httpReq,
|
|
327
|
+
httpClient: this.httpClient,
|
|
328
|
+
logger: this.logger,
|
|
329
|
+
});
|
|
330
|
+
resp = parseResponse(respBody, unmarshalStorageCredentialInfoSchema);
|
|
331
|
+
};
|
|
332
|
+
await executeCall(call, options);
|
|
333
|
+
if (resp === undefined) {
|
|
334
|
+
throw new Error('operation completed without a result.');
|
|
335
|
+
}
|
|
336
|
+
return resp;
|
|
337
|
+
}
|
|
338
|
+
|
|
339
|
+
/**
|
|
340
|
+
* Creates a new storage credential.
|
|
341
|
+
*
|
|
342
|
+
* The caller must be a metastore admin or have the **CREATE_STORAGE_CREDENTIAL** privilege on the metastore.
|
|
343
|
+
*/
|
|
344
|
+
async createStorageCredential(
|
|
345
|
+
req: CreateStorageCredentialRequest,
|
|
346
|
+
options?: CallOptions
|
|
347
|
+
): Promise<StorageCredentialInfo> {
|
|
348
|
+
const url = `${this.host}/api/2.1/unity-catalog/storage-credentials`;
|
|
349
|
+
const body = marshalRequest(
|
|
350
|
+
req,
|
|
351
|
+
marshalCreateStorageCredentialRequestSchema
|
|
352
|
+
);
|
|
353
|
+
let resp: StorageCredentialInfo | undefined;
|
|
354
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
355
|
+
const headers = new Headers({'Content-Type': 'application/json'});
|
|
356
|
+
if (this.workspaceId !== undefined) {
|
|
357
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
358
|
+
}
|
|
359
|
+
headers.set('User-Agent', this.userAgent);
|
|
360
|
+
const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
|
|
361
|
+
const respBody = await executeHttpCall({
|
|
362
|
+
request: httpReq,
|
|
363
|
+
httpClient: this.httpClient,
|
|
364
|
+
logger: this.logger,
|
|
365
|
+
});
|
|
366
|
+
resp = parseResponse(respBody, unmarshalStorageCredentialInfoSchema);
|
|
367
|
+
};
|
|
368
|
+
await executeCall(call, options);
|
|
369
|
+
if (resp === undefined) {
|
|
370
|
+
throw new Error('operation completed without a result.');
|
|
371
|
+
}
|
|
372
|
+
return resp;
|
|
373
|
+
}
|
|
374
|
+
|
|
375
|
+
/** Deletes a service or storage credential from the metastore. The caller must be an owner of the credential. */
|
|
376
|
+
async deleteCredential(
|
|
377
|
+
req: DeleteCredentialRequest,
|
|
378
|
+
options?: CallOptions
|
|
379
|
+
): Promise<DeleteCredentialRequest_Response> {
|
|
380
|
+
const url = `${this.host}/api/2.1/unity-catalog/credentials/${req.nameArg ?? ''}`;
|
|
381
|
+
const params = new URLSearchParams();
|
|
382
|
+
if (req.force !== undefined) {
|
|
383
|
+
params.append('force', String(req.force));
|
|
384
|
+
}
|
|
385
|
+
const query = params.toString();
|
|
386
|
+
const fullUrl = query !== '' ? `${url}?${query}` : url;
|
|
387
|
+
let resp: DeleteCredentialRequest_Response | undefined;
|
|
388
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
389
|
+
const headers = new Headers();
|
|
390
|
+
if (this.workspaceId !== undefined) {
|
|
391
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
392
|
+
}
|
|
393
|
+
headers.set('User-Agent', this.userAgent);
|
|
394
|
+
const httpReq = buildHttpRequest('DELETE', fullUrl, headers, callSignal);
|
|
395
|
+
const respBody = await executeHttpCall({
|
|
396
|
+
request: httpReq,
|
|
397
|
+
httpClient: this.httpClient,
|
|
398
|
+
logger: this.logger,
|
|
399
|
+
});
|
|
400
|
+
resp = parseResponse(
|
|
401
|
+
respBody,
|
|
402
|
+
unmarshalDeleteCredentialRequest_ResponseSchema
|
|
403
|
+
);
|
|
404
|
+
};
|
|
405
|
+
await executeCall(call, options);
|
|
406
|
+
if (resp === undefined) {
|
|
407
|
+
throw new Error('operation completed without a result.');
|
|
408
|
+
}
|
|
409
|
+
return resp;
|
|
410
|
+
}
|
|
411
|
+
|
|
412
|
+
/** Deletes a storage credential from the metastore. The caller must be an owner of the storage credential. */
|
|
413
|
+
async deleteStorageCredential(
|
|
414
|
+
req: DeleteStorageCredentialRequest,
|
|
415
|
+
options?: CallOptions
|
|
416
|
+
): Promise<DeleteStorageCredentialRequest_Response> {
|
|
417
|
+
const url = `${this.host}/api/2.1/unity-catalog/storage-credentials/${req.nameArg ?? ''}`;
|
|
418
|
+
const params = new URLSearchParams();
|
|
419
|
+
if (req.force !== undefined) {
|
|
420
|
+
params.append('force', String(req.force));
|
|
421
|
+
}
|
|
422
|
+
const query = params.toString();
|
|
423
|
+
const fullUrl = query !== '' ? `${url}?${query}` : url;
|
|
424
|
+
let resp: DeleteStorageCredentialRequest_Response | undefined;
|
|
425
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
426
|
+
const headers = new Headers();
|
|
427
|
+
if (this.workspaceId !== undefined) {
|
|
428
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
429
|
+
}
|
|
430
|
+
headers.set('User-Agent', this.userAgent);
|
|
431
|
+
const httpReq = buildHttpRequest('DELETE', fullUrl, headers, callSignal);
|
|
432
|
+
const respBody = await executeHttpCall({
|
|
433
|
+
request: httpReq,
|
|
434
|
+
httpClient: this.httpClient,
|
|
435
|
+
logger: this.logger,
|
|
436
|
+
});
|
|
437
|
+
resp = parseResponse(
|
|
438
|
+
respBody,
|
|
439
|
+
unmarshalDeleteStorageCredentialRequest_ResponseSchema
|
|
440
|
+
);
|
|
441
|
+
};
|
|
442
|
+
await executeCall(call, options);
|
|
443
|
+
if (resp === undefined) {
|
|
444
|
+
throw new Error('operation completed without a result.');
|
|
445
|
+
}
|
|
446
|
+
return resp;
|
|
447
|
+
}
|
|
448
|
+
|
|
449
|
+
/**
|
|
450
|
+
* Get a short-lived credential for directly accessing cloud storage locations registered in <Databricks>.
|
|
451
|
+
* The Generate Temporary Path Credentials API is only supported for external storage paths, specifically external
|
|
452
|
+
* locations and external tables. Managed tables are not supported by this API.
|
|
453
|
+
* The metastore must have **external_access_enabled** flag set to true (default false).
|
|
454
|
+
* The caller must have the **EXTERNAL_USE_LOCATION** privilege on the external location; this privilege can only be granted
|
|
455
|
+
* by external location owners.
|
|
456
|
+
* For requests on existing external tables, the caller must also have the **EXTERNAL_USE_SCHEMA** privilege on the parent schema;
|
|
457
|
+
* this privilege can only be granted by catalog owners.
|
|
458
|
+
*/
|
|
459
|
+
async generateTemporaryPathCredential(
|
|
460
|
+
req: GenerateTemporaryPathCredentialRequest,
|
|
461
|
+
options?: CallOptions
|
|
462
|
+
): Promise<GenerateTemporaryPathCredentialRequest_Response> {
|
|
463
|
+
const url = `${this.host}/api/2.0/unity-catalog/temporary-path-credentials`;
|
|
464
|
+
const body = marshalRequest(
|
|
465
|
+
req,
|
|
466
|
+
marshalGenerateTemporaryPathCredentialRequestSchema
|
|
467
|
+
);
|
|
468
|
+
let resp: GenerateTemporaryPathCredentialRequest_Response | undefined;
|
|
469
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
470
|
+
const headers = new Headers({'Content-Type': 'application/json'});
|
|
471
|
+
if (this.workspaceId !== undefined) {
|
|
472
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
473
|
+
}
|
|
474
|
+
headers.set('User-Agent', this.userAgent);
|
|
475
|
+
const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
|
|
476
|
+
const respBody = await executeHttpCall({
|
|
477
|
+
request: httpReq,
|
|
478
|
+
httpClient: this.httpClient,
|
|
479
|
+
logger: this.logger,
|
|
480
|
+
});
|
|
481
|
+
resp = parseResponse(
|
|
482
|
+
respBody,
|
|
483
|
+
unmarshalGenerateTemporaryPathCredentialRequest_ResponseSchema
|
|
484
|
+
);
|
|
485
|
+
};
|
|
486
|
+
await executeCall(call, options);
|
|
487
|
+
if (resp === undefined) {
|
|
488
|
+
throw new Error('operation completed without a result.');
|
|
489
|
+
}
|
|
490
|
+
return resp;
|
|
491
|
+
}
|
|
492
|
+
|
|
493
|
+
/**
|
|
494
|
+
* Returns a set of temporary credentials generated using the specified service credential.
|
|
495
|
+
* The caller must be a metastore admin or have the metastore privilege **ACCESS** on the service credential.
|
|
496
|
+
*/
|
|
497
|
+
async generateTemporaryServiceCredential(
|
|
498
|
+
req: GenerateTemporaryServiceCredentialRequest,
|
|
499
|
+
options?: CallOptions
|
|
500
|
+
): Promise<TemporaryCredentials> {
|
|
501
|
+
const url = `${this.host}/api/2.1/unity-catalog/temporary-service-credentials`;
|
|
502
|
+
const body = marshalRequest(
|
|
503
|
+
req,
|
|
504
|
+
marshalGenerateTemporaryServiceCredentialRequestSchema
|
|
505
|
+
);
|
|
506
|
+
let resp: TemporaryCredentials | undefined;
|
|
507
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
508
|
+
const headers = new Headers({'Content-Type': 'application/json'});
|
|
509
|
+
if (this.workspaceId !== undefined) {
|
|
510
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
511
|
+
}
|
|
512
|
+
headers.set('User-Agent', this.userAgent);
|
|
513
|
+
const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
|
|
514
|
+
const respBody = await executeHttpCall({
|
|
515
|
+
request: httpReq,
|
|
516
|
+
httpClient: this.httpClient,
|
|
517
|
+
logger: this.logger,
|
|
518
|
+
});
|
|
519
|
+
resp = parseResponse(respBody, unmarshalTemporaryCredentialsSchema);
|
|
520
|
+
};
|
|
521
|
+
await executeCall(call, options);
|
|
522
|
+
if (resp === undefined) {
|
|
523
|
+
throw new Error('operation completed without a result.');
|
|
524
|
+
}
|
|
525
|
+
return resp;
|
|
526
|
+
}
|
|
527
|
+
|
|
528
|
+
/**
|
|
529
|
+
* Get a short-lived credential for directly accessing the table data on cloud storage.
|
|
530
|
+
* The metastore must have **external_access_enabled** flag set to true (default false).
|
|
531
|
+
* The caller must have the **EXTERNAL_USE_SCHEMA** privilege on the parent schema and this privilege can only be granted
|
|
532
|
+
* by catalog owners.
|
|
533
|
+
*/
|
|
534
|
+
async generateTemporaryTableCredential(
|
|
535
|
+
req: GenerateTemporaryTableCredentialRequest,
|
|
536
|
+
options?: CallOptions
|
|
537
|
+
): Promise<GenerateTemporaryTableCredentialRequest_Response> {
|
|
538
|
+
const url = `${this.host}/api/2.0/unity-catalog/temporary-table-credentials`;
|
|
539
|
+
const body = marshalRequest(
|
|
540
|
+
req,
|
|
541
|
+
marshalGenerateTemporaryTableCredentialRequestSchema
|
|
542
|
+
);
|
|
543
|
+
let resp: GenerateTemporaryTableCredentialRequest_Response | undefined;
|
|
544
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
545
|
+
const headers = new Headers({'Content-Type': 'application/json'});
|
|
546
|
+
if (this.workspaceId !== undefined) {
|
|
547
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
548
|
+
}
|
|
549
|
+
headers.set('User-Agent', this.userAgent);
|
|
550
|
+
const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
|
|
551
|
+
const respBody = await executeHttpCall({
|
|
552
|
+
request: httpReq,
|
|
553
|
+
httpClient: this.httpClient,
|
|
554
|
+
logger: this.logger,
|
|
555
|
+
});
|
|
556
|
+
resp = parseResponse(
|
|
557
|
+
respBody,
|
|
558
|
+
unmarshalGenerateTemporaryTableCredentialRequest_ResponseSchema
|
|
559
|
+
);
|
|
560
|
+
};
|
|
561
|
+
await executeCall(call, options);
|
|
562
|
+
if (resp === undefined) {
|
|
563
|
+
throw new Error('operation completed without a result.');
|
|
564
|
+
}
|
|
565
|
+
return resp;
|
|
566
|
+
}
|
|
567
|
+
|
|
568
|
+
/**
|
|
569
|
+
* Get a short-lived credential for directly accessing the volume data on cloud storage.
|
|
570
|
+
* The metastore must have **external_access_enabled** flag set to true (default false).
|
|
571
|
+
* The caller must have the **EXTERNAL_USE_SCHEMA** privilege on the parent schema and this privilege can only be granted
|
|
572
|
+
* by catalog owners.
|
|
573
|
+
*/
|
|
574
|
+
async generateTemporaryVolumeCredential(
|
|
575
|
+
req: GenerateTemporaryVolumeCredentialRequest,
|
|
576
|
+
options?: CallOptions
|
|
577
|
+
): Promise<GenerateTemporaryVolumeCredentialRequest_Response> {
|
|
578
|
+
const url = `${this.host}/api/2.0/unity-catalog/temporary-volume-credentials`;
|
|
579
|
+
const body = marshalRequest(
|
|
580
|
+
req,
|
|
581
|
+
marshalGenerateTemporaryVolumeCredentialRequestSchema
|
|
582
|
+
);
|
|
583
|
+
let resp: GenerateTemporaryVolumeCredentialRequest_Response | undefined;
|
|
584
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
585
|
+
const headers = new Headers({'Content-Type': 'application/json'});
|
|
586
|
+
if (this.workspaceId !== undefined) {
|
|
587
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
588
|
+
}
|
|
589
|
+
headers.set('User-Agent', this.userAgent);
|
|
590
|
+
const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
|
|
591
|
+
const respBody = await executeHttpCall({
|
|
592
|
+
request: httpReq,
|
|
593
|
+
httpClient: this.httpClient,
|
|
594
|
+
logger: this.logger,
|
|
595
|
+
});
|
|
596
|
+
resp = parseResponse(
|
|
597
|
+
respBody,
|
|
598
|
+
unmarshalGenerateTemporaryVolumeCredentialRequest_ResponseSchema
|
|
599
|
+
);
|
|
600
|
+
};
|
|
601
|
+
await executeCall(call, options);
|
|
602
|
+
if (resp === undefined) {
|
|
603
|
+
throw new Error('operation completed without a result.');
|
|
604
|
+
}
|
|
605
|
+
return resp;
|
|
606
|
+
}
|
|
607
|
+
|
|
608
|
+
/**
|
|
609
|
+
* Gets a service or storage credential from the metastore.
|
|
610
|
+
* The caller must be a metastore admin, the owner of the credential, or have any permission on the credential.
|
|
611
|
+
*/
|
|
612
|
+
async getCredential(
|
|
613
|
+
req: GetCredentialRequest,
|
|
614
|
+
options?: CallOptions
|
|
615
|
+
): Promise<StorageCredentialInfo> {
|
|
616
|
+
const url = `${this.host}/api/2.1/unity-catalog/credentials/${req.nameArg ?? ''}`;
|
|
617
|
+
let resp: StorageCredentialInfo | undefined;
|
|
618
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
619
|
+
const headers = new Headers();
|
|
620
|
+
if (this.workspaceId !== undefined) {
|
|
621
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
622
|
+
}
|
|
623
|
+
headers.set('User-Agent', this.userAgent);
|
|
624
|
+
const httpReq = buildHttpRequest('GET', url, headers, callSignal);
|
|
625
|
+
const respBody = await executeHttpCall({
|
|
626
|
+
request: httpReq,
|
|
627
|
+
httpClient: this.httpClient,
|
|
628
|
+
logger: this.logger,
|
|
629
|
+
});
|
|
630
|
+
resp = parseResponse(respBody, unmarshalStorageCredentialInfoSchema);
|
|
631
|
+
};
|
|
632
|
+
await executeCall(call, options);
|
|
633
|
+
if (resp === undefined) {
|
|
634
|
+
throw new Error('operation completed without a result.');
|
|
635
|
+
}
|
|
636
|
+
return resp;
|
|
637
|
+
}
|
|
638
|
+
|
|
639
|
+
/**
|
|
640
|
+
* Gets a storage credential from the metastore.
|
|
641
|
+
* The caller must be a metastore admin, the owner of the storage credential, or have some permission on the storage credential.
|
|
642
|
+
*/
|
|
643
|
+
async getStorageCredential(
|
|
644
|
+
req: GetStorageCredentialRequest,
|
|
645
|
+
options?: CallOptions
|
|
646
|
+
): Promise<StorageCredentialInfo> {
|
|
647
|
+
const url = `${this.host}/api/2.1/unity-catalog/storage-credentials/${req.nameArg ?? ''}`;
|
|
648
|
+
let resp: StorageCredentialInfo | undefined;
|
|
649
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
650
|
+
const headers = new Headers();
|
|
651
|
+
if (this.workspaceId !== undefined) {
|
|
652
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
653
|
+
}
|
|
654
|
+
headers.set('User-Agent', this.userAgent);
|
|
655
|
+
const httpReq = buildHttpRequest('GET', url, headers, callSignal);
|
|
656
|
+
const respBody = await executeHttpCall({
|
|
657
|
+
request: httpReq,
|
|
658
|
+
httpClient: this.httpClient,
|
|
659
|
+
logger: this.logger,
|
|
660
|
+
});
|
|
661
|
+
resp = parseResponse(respBody, unmarshalStorageCredentialInfoSchema);
|
|
662
|
+
};
|
|
663
|
+
await executeCall(call, options);
|
|
664
|
+
if (resp === undefined) {
|
|
665
|
+
throw new Error('operation completed without a result.');
|
|
666
|
+
}
|
|
667
|
+
return resp;
|
|
668
|
+
}
|
|
669
|
+
|
|
670
|
+
/**
|
|
671
|
+
* Gets an array of credentials (as __CredentialInfo__ objects).
|
|
672
|
+
*
|
|
673
|
+
* The array is limited to only the credentials that the caller has permission to access.
|
|
674
|
+
* If the caller is a metastore admin, retrieval of credentials is unrestricted.
|
|
675
|
+
* There is no guarantee of a specific ordering of the elements in the array.
|
|
676
|
+
*
|
|
677
|
+
* PAGINATION BEHAVIOR: The API is by default paginated, a page may contain zero results while still providing a next_page_token.
|
|
678
|
+
* Clients must continue reading pages until next_page_token is absent, which is the only indication that the end of results has been reached.
|
|
679
|
+
*/
|
|
680
|
+
async listCredentials(
|
|
681
|
+
req: ListCredentialsRequest,
|
|
682
|
+
options?: CallOptions
|
|
683
|
+
): Promise<ListCredentialsRequest_Response> {
|
|
684
|
+
const url = `${this.host}/api/2.1/unity-catalog/credentials`;
|
|
685
|
+
const params = new URLSearchParams();
|
|
686
|
+
if (req.includeUnbound !== undefined) {
|
|
687
|
+
params.append('include_unbound', String(req.includeUnbound));
|
|
688
|
+
}
|
|
689
|
+
if (req.maxResults !== undefined) {
|
|
690
|
+
params.append('max_results', String(req.maxResults));
|
|
691
|
+
}
|
|
692
|
+
if (req.pageToken !== undefined) {
|
|
693
|
+
params.append('page_token', req.pageToken);
|
|
694
|
+
}
|
|
695
|
+
const query = params.toString();
|
|
696
|
+
const fullUrl = query !== '' ? `${url}?${query}` : url;
|
|
697
|
+
let resp: ListCredentialsRequest_Response | undefined;
|
|
698
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
699
|
+
const headers = new Headers();
|
|
700
|
+
if (this.workspaceId !== undefined) {
|
|
701
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
702
|
+
}
|
|
703
|
+
headers.set('User-Agent', this.userAgent);
|
|
704
|
+
const httpReq = buildHttpRequest('GET', fullUrl, headers, callSignal);
|
|
705
|
+
const respBody = await executeHttpCall({
|
|
706
|
+
request: httpReq,
|
|
707
|
+
httpClient: this.httpClient,
|
|
708
|
+
logger: this.logger,
|
|
709
|
+
});
|
|
710
|
+
resp = parseResponse(
|
|
711
|
+
respBody,
|
|
712
|
+
unmarshalListCredentialsRequest_ResponseSchema
|
|
713
|
+
);
|
|
714
|
+
};
|
|
715
|
+
await executeCall(call, options);
|
|
716
|
+
if (resp === undefined) {
|
|
717
|
+
throw new Error('operation completed without a result.');
|
|
718
|
+
}
|
|
719
|
+
return resp;
|
|
720
|
+
}
|
|
721
|
+
|
|
722
|
+
async *listCredentialsIter(
|
|
723
|
+
req: ListCredentialsRequest,
|
|
724
|
+
options?: CallOptions
|
|
725
|
+
): AsyncGenerator<CredentialInfo> {
|
|
726
|
+
const pageReq: ListCredentialsRequest = {...req};
|
|
727
|
+
for (;;) {
|
|
728
|
+
const resp = await this.listCredentials(pageReq, options);
|
|
729
|
+
for (const item of resp.credentials ?? []) {
|
|
730
|
+
yield item;
|
|
731
|
+
}
|
|
732
|
+
if (resp.nextPageToken === undefined || resp.nextPageToken === '') {
|
|
733
|
+
return;
|
|
734
|
+
}
|
|
735
|
+
pageReq.pageToken = resp.nextPageToken;
|
|
736
|
+
}
|
|
737
|
+
}
|
|
738
|
+
|
|
739
|
+
/**
|
|
740
|
+
* Gets an array of storage credentials (as __StorageCredentialInfo__ objects).
|
|
741
|
+
* The array is limited to only those storage credentials the caller has permission to access.
|
|
742
|
+
* If the caller is a metastore admin, retrieval of credentials is unrestricted.
|
|
743
|
+
* There is no guarantee of a specific ordering of the elements in the array.
|
|
744
|
+
*
|
|
745
|
+
* NOTE: we recommend using max_results=0 to use the paginated version of this API. Unpaginated calls will be deprecated soon.
|
|
746
|
+
*
|
|
747
|
+
* PAGINATION BEHAVIOR: When using pagination (max_results >= 0), a page may contain zero results while still providing a next_page_token.
|
|
748
|
+
* Clients must continue reading pages until next_page_token is absent, which is the only indication that the end of results has been reached.
|
|
749
|
+
*/
|
|
750
|
+
async listStorageCredentials(
|
|
751
|
+
req: ListStorageCredentialsRequest,
|
|
752
|
+
options?: CallOptions
|
|
753
|
+
): Promise<ListStorageCredentialsRequest_Response> {
|
|
754
|
+
const url = `${this.host}/api/2.1/unity-catalog/storage-credentials`;
|
|
755
|
+
const params = new URLSearchParams();
|
|
756
|
+
if (req.includeUnbound !== undefined) {
|
|
757
|
+
params.append('include_unbound', String(req.includeUnbound));
|
|
758
|
+
}
|
|
759
|
+
if (req.maxResults !== undefined) {
|
|
760
|
+
params.append('max_results', String(req.maxResults));
|
|
761
|
+
}
|
|
762
|
+
if (req.pageToken !== undefined) {
|
|
763
|
+
params.append('page_token', req.pageToken);
|
|
764
|
+
}
|
|
765
|
+
const query = params.toString();
|
|
766
|
+
const fullUrl = query !== '' ? `${url}?${query}` : url;
|
|
767
|
+
let resp: ListStorageCredentialsRequest_Response | undefined;
|
|
768
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
769
|
+
const headers = new Headers();
|
|
770
|
+
if (this.workspaceId !== undefined) {
|
|
771
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
772
|
+
}
|
|
773
|
+
headers.set('User-Agent', this.userAgent);
|
|
774
|
+
const httpReq = buildHttpRequest('GET', fullUrl, headers, callSignal);
|
|
775
|
+
const respBody = await executeHttpCall({
|
|
776
|
+
request: httpReq,
|
|
777
|
+
httpClient: this.httpClient,
|
|
778
|
+
logger: this.logger,
|
|
779
|
+
});
|
|
780
|
+
resp = parseResponse(
|
|
781
|
+
respBody,
|
|
782
|
+
unmarshalListStorageCredentialsRequest_ResponseSchema
|
|
783
|
+
);
|
|
784
|
+
};
|
|
785
|
+
await executeCall(call, options);
|
|
786
|
+
if (resp === undefined) {
|
|
787
|
+
throw new Error('operation completed without a result.');
|
|
788
|
+
}
|
|
789
|
+
return resp;
|
|
790
|
+
}
|
|
791
|
+
|
|
792
|
+
async *listStorageCredentialsIter(
|
|
793
|
+
req: ListStorageCredentialsRequest,
|
|
794
|
+
options?: CallOptions
|
|
795
|
+
): AsyncGenerator<StorageCredentialInfo> {
|
|
796
|
+
const pageReq: ListStorageCredentialsRequest = {...req};
|
|
797
|
+
for (;;) {
|
|
798
|
+
const resp = await this.listStorageCredentials(pageReq, options);
|
|
799
|
+
for (const item of resp.storageCredentials ?? []) {
|
|
800
|
+
yield item;
|
|
801
|
+
}
|
|
802
|
+
if (resp.nextPageToken === undefined || resp.nextPageToken === '') {
|
|
803
|
+
return;
|
|
804
|
+
}
|
|
805
|
+
pageReq.pageToken = resp.nextPageToken;
|
|
806
|
+
}
|
|
807
|
+
}
|
|
808
|
+
|
|
809
|
+
/**
|
|
810
|
+
* Updates a service or storage credential on the metastore.
|
|
811
|
+
*
|
|
812
|
+
* The caller must be the owner of the credential or a metastore admin or have the `MANAGE` permission. If the caller is
|
|
813
|
+
* a metastore admin, only the __owner__ field can be changed.
|
|
814
|
+
*/
|
|
815
|
+
async updateCredential(
|
|
816
|
+
req: UpdateCredentialRequest,
|
|
817
|
+
options?: CallOptions
|
|
818
|
+
): Promise<StorageCredentialInfo> {
|
|
819
|
+
const url = `${this.host}/api/2.1/unity-catalog/credentials/${req.nameArg ?? ''}`;
|
|
820
|
+
const body = marshalRequest(req, marshalUpdateCredentialRequestSchema);
|
|
821
|
+
let resp: StorageCredentialInfo | undefined;
|
|
822
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
823
|
+
const headers = new Headers({'Content-Type': 'application/json'});
|
|
824
|
+
if (this.workspaceId !== undefined) {
|
|
825
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
826
|
+
}
|
|
827
|
+
headers.set('User-Agent', this.userAgent);
|
|
828
|
+
const httpReq = buildHttpRequest('PATCH', url, headers, callSignal, body);
|
|
829
|
+
const respBody = await executeHttpCall({
|
|
830
|
+
request: httpReq,
|
|
831
|
+
httpClient: this.httpClient,
|
|
832
|
+
logger: this.logger,
|
|
833
|
+
});
|
|
834
|
+
resp = parseResponse(respBody, unmarshalStorageCredentialInfoSchema);
|
|
835
|
+
};
|
|
836
|
+
await executeCall(call, options);
|
|
837
|
+
if (resp === undefined) {
|
|
838
|
+
throw new Error('operation completed without a result.');
|
|
839
|
+
}
|
|
840
|
+
return resp;
|
|
841
|
+
}
|
|
842
|
+
|
|
843
|
+
/**
|
|
844
|
+
* Updates a storage credential on the metastore.
|
|
845
|
+
*
|
|
846
|
+
* The caller must be the owner of the storage credential or a metastore admin.
|
|
847
|
+
* If the caller is a metastore admin, only the **owner** field can be changed.
|
|
848
|
+
*/
|
|
849
|
+
async updateStorageCredential(
|
|
850
|
+
req: UpdateStorageCredentialRequest,
|
|
851
|
+
options?: CallOptions
|
|
852
|
+
): Promise<StorageCredentialInfo> {
|
|
853
|
+
const url = `${this.host}/api/2.1/unity-catalog/storage-credentials/${req.nameArg ?? ''}`;
|
|
854
|
+
const body = marshalRequest(
|
|
855
|
+
req,
|
|
856
|
+
marshalUpdateStorageCredentialRequestSchema
|
|
857
|
+
);
|
|
858
|
+
let resp: StorageCredentialInfo | undefined;
|
|
859
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
860
|
+
const headers = new Headers({'Content-Type': 'application/json'});
|
|
861
|
+
if (this.workspaceId !== undefined) {
|
|
862
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
863
|
+
}
|
|
864
|
+
headers.set('User-Agent', this.userAgent);
|
|
865
|
+
const httpReq = buildHttpRequest('PATCH', url, headers, callSignal, body);
|
|
866
|
+
const respBody = await executeHttpCall({
|
|
867
|
+
request: httpReq,
|
|
868
|
+
httpClient: this.httpClient,
|
|
869
|
+
logger: this.logger,
|
|
870
|
+
});
|
|
871
|
+
resp = parseResponse(respBody, unmarshalStorageCredentialInfoSchema);
|
|
872
|
+
};
|
|
873
|
+
await executeCall(call, options);
|
|
874
|
+
if (resp === undefined) {
|
|
875
|
+
throw new Error('operation completed without a result.');
|
|
876
|
+
}
|
|
877
|
+
return resp;
|
|
878
|
+
}
|
|
879
|
+
|
|
880
|
+
/**
|
|
881
|
+
* Validates a credential.
|
|
882
|
+
*
|
|
883
|
+
* For service credentials (purpose is **SERVICE**), either the __credential_name__ or the cloud-specific credential
|
|
884
|
+
* must be provided.
|
|
885
|
+
*
|
|
886
|
+
* For storage credentials (purpose is **STORAGE**), at least one of __external_location_name__ and __url__ need to be
|
|
887
|
+
* provided. If only one of them is provided, it will be used for validation. And if both are provided, the __url__
|
|
888
|
+
* will be used for validation, and __external_location_name__ will be ignored when checking overlapping urls. Either
|
|
889
|
+
* the __credential_name__ or the cloud-specific credential must be provided.
|
|
890
|
+
*
|
|
891
|
+
* The caller must be a metastore admin or the credential owner or have the required permission on the metastore and
|
|
892
|
+
* the credential (e.g., **CREATE_EXTERNAL_LOCATION** when purpose is **STORAGE**).
|
|
893
|
+
*/
|
|
894
|
+
async validateCredential(
|
|
895
|
+
req: ValidateCredentialRequest,
|
|
896
|
+
options?: CallOptions
|
|
897
|
+
): Promise<ValidateCredentialRequest_Response> {
|
|
898
|
+
const url = `${this.host}/api/2.1/unity-catalog/validate-credentials`;
|
|
899
|
+
const body = marshalRequest(req, marshalValidateCredentialRequestSchema);
|
|
900
|
+
let resp: ValidateCredentialRequest_Response | undefined;
|
|
901
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
902
|
+
const headers = new Headers({'Content-Type': 'application/json'});
|
|
903
|
+
if (this.workspaceId !== undefined) {
|
|
904
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
905
|
+
}
|
|
906
|
+
headers.set('User-Agent', this.userAgent);
|
|
907
|
+
const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
|
|
908
|
+
const respBody = await executeHttpCall({
|
|
909
|
+
request: httpReq,
|
|
910
|
+
httpClient: this.httpClient,
|
|
911
|
+
logger: this.logger,
|
|
912
|
+
});
|
|
913
|
+
resp = parseResponse(
|
|
914
|
+
respBody,
|
|
915
|
+
unmarshalValidateCredentialRequest_ResponseSchema
|
|
916
|
+
);
|
|
917
|
+
};
|
|
918
|
+
await executeCall(call, options);
|
|
919
|
+
if (resp === undefined) {
|
|
920
|
+
throw new Error('operation completed without a result.');
|
|
921
|
+
}
|
|
922
|
+
return resp;
|
|
923
|
+
}
|
|
924
|
+
|
|
925
|
+
/**
|
|
926
|
+
* Validates a storage credential.
|
|
927
|
+
* At least one of __external_location_name__ and __url__ need to be provided. If only one of them is
|
|
928
|
+
* provided, it will be used for validation. And if both are provided, the __url__ will be used for
|
|
929
|
+
* validation, and __external_location_name__ will be ignored when checking overlapping urls.
|
|
930
|
+
*
|
|
931
|
+
* Either the __storage_credential_name__ or the cloud-specific credential must be provided.
|
|
932
|
+
*
|
|
933
|
+
* The caller must be a metastore admin or the storage credential owner or
|
|
934
|
+
* have the **CREATE_EXTERNAL_LOCATION** privilege on the metastore and the storage credential.
|
|
935
|
+
*/
|
|
936
|
+
async validateStorageCredential(
|
|
937
|
+
req: ValidateStorageCredentialRequest,
|
|
938
|
+
options?: CallOptions
|
|
939
|
+
): Promise<ValidateStorageCredentialRequest_Response> {
|
|
940
|
+
const url = `${this.host}/api/2.1/unity-catalog/validate-storage-credentials`;
|
|
941
|
+
const body = marshalRequest(
|
|
942
|
+
req,
|
|
943
|
+
marshalValidateStorageCredentialRequestSchema
|
|
944
|
+
);
|
|
945
|
+
let resp: ValidateStorageCredentialRequest_Response | undefined;
|
|
946
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
947
|
+
const headers = new Headers({'Content-Type': 'application/json'});
|
|
948
|
+
if (this.workspaceId !== undefined) {
|
|
949
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
950
|
+
}
|
|
951
|
+
headers.set('User-Agent', this.userAgent);
|
|
952
|
+
const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
|
|
953
|
+
const respBody = await executeHttpCall({
|
|
954
|
+
request: httpReq,
|
|
955
|
+
httpClient: this.httpClient,
|
|
956
|
+
logger: this.logger,
|
|
957
|
+
});
|
|
958
|
+
resp = parseResponse(
|
|
959
|
+
respBody,
|
|
960
|
+
unmarshalValidateStorageCredentialRequest_ResponseSchema
|
|
961
|
+
);
|
|
962
|
+
};
|
|
963
|
+
await executeCall(call, options);
|
|
964
|
+
if (resp === undefined) {
|
|
965
|
+
throw new Error('operation completed without a result.');
|
|
966
|
+
}
|
|
967
|
+
return resp;
|
|
968
|
+
}
|
|
969
|
+
|
|
970
|
+
/**
|
|
971
|
+
* Creates a <Databricks> credential configuration that represents cloud cross-account credentials for a specified account. <Databricks> uses this to set up network infrastructure properly to host <Databricks> clusters. For your AWS IAM role, you need to trust the External ID (the Databricks Account API account ID) in the returned credential object, and configure the required access policy.
|
|
972
|
+
*
|
|
973
|
+
* Save the response's `credentials_id` field, which is the ID for your new credential configuration object.
|
|
974
|
+
*
|
|
975
|
+
* For information about how to create a new workspace with this API, see [Create a new workspace using the Account API](http://docs.databricks.com/administration-guide/account-api/new-workspace.html)
|
|
976
|
+
*/
|
|
977
|
+
async createCredentialsPublic(
|
|
978
|
+
req: CreateCredentialsRequest,
|
|
979
|
+
options?: CallOptions
|
|
980
|
+
): Promise<Credentials> {
|
|
981
|
+
const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/credentials`;
|
|
982
|
+
const body = marshalRequest(req, marshalCreateCredentialsRequestSchema);
|
|
983
|
+
let resp: Credentials | undefined;
|
|
984
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
985
|
+
const headers = new Headers({'Content-Type': 'application/json'});
|
|
986
|
+
headers.set('User-Agent', this.userAgent);
|
|
987
|
+
const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
|
|
988
|
+
const respBody = await executeHttpCall({
|
|
989
|
+
request: httpReq,
|
|
990
|
+
httpClient: this.httpClient,
|
|
991
|
+
logger: this.logger,
|
|
992
|
+
});
|
|
993
|
+
resp = parseResponse(respBody, unmarshalCredentialsSchema);
|
|
994
|
+
};
|
|
995
|
+
await executeCall(call, options);
|
|
996
|
+
if (resp === undefined) {
|
|
997
|
+
throw new Error('operation completed without a result.');
|
|
998
|
+
}
|
|
999
|
+
return resp;
|
|
1000
|
+
}
|
|
1001
|
+
|
|
1002
|
+
/** Deletes a <Databricks> credential configuration object for an account, both specified by ID. You cannot delete a credential that is associated with any workspace. */
|
|
1003
|
+
async deleteCredentialsPublic(
|
|
1004
|
+
req: DeleteCredentialsRequest,
|
|
1005
|
+
options?: CallOptions
|
|
1006
|
+
): Promise<Credentials> {
|
|
1007
|
+
const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/credentials/${req.credentialsId ?? ''}`;
|
|
1008
|
+
let resp: Credentials | undefined;
|
|
1009
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
1010
|
+
const headers = new Headers();
|
|
1011
|
+
headers.set('User-Agent', this.userAgent);
|
|
1012
|
+
const httpReq = buildHttpRequest('DELETE', url, headers, callSignal);
|
|
1013
|
+
const respBody = await executeHttpCall({
|
|
1014
|
+
request: httpReq,
|
|
1015
|
+
httpClient: this.httpClient,
|
|
1016
|
+
logger: this.logger,
|
|
1017
|
+
});
|
|
1018
|
+
resp = parseResponse(respBody, unmarshalCredentialsSchema);
|
|
1019
|
+
};
|
|
1020
|
+
await executeCall(call, options);
|
|
1021
|
+
if (resp === undefined) {
|
|
1022
|
+
throw new Error('operation completed without a result.');
|
|
1023
|
+
}
|
|
1024
|
+
return resp;
|
|
1025
|
+
}
|
|
1026
|
+
|
|
1027
|
+
/** Gets a <Databricks> credential configuration object for an account, both specified by ID. */
|
|
1028
|
+
async getCredentialsPublic(
|
|
1029
|
+
req: GetCredentialsRequest,
|
|
1030
|
+
options?: CallOptions
|
|
1031
|
+
): Promise<Credentials> {
|
|
1032
|
+
const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/credentials/${req.credentialsId ?? ''}`;
|
|
1033
|
+
let resp: Credentials | undefined;
|
|
1034
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
1035
|
+
const headers = new Headers();
|
|
1036
|
+
headers.set('User-Agent', this.userAgent);
|
|
1037
|
+
const httpReq = buildHttpRequest('GET', url, headers, callSignal);
|
|
1038
|
+
const respBody = await executeHttpCall({
|
|
1039
|
+
request: httpReq,
|
|
1040
|
+
httpClient: this.httpClient,
|
|
1041
|
+
logger: this.logger,
|
|
1042
|
+
});
|
|
1043
|
+
resp = parseResponse(respBody, unmarshalCredentialsSchema);
|
|
1044
|
+
};
|
|
1045
|
+
await executeCall(call, options);
|
|
1046
|
+
if (resp === undefined) {
|
|
1047
|
+
throw new Error('operation completed without a result.');
|
|
1048
|
+
}
|
|
1049
|
+
return resp;
|
|
1050
|
+
}
|
|
1051
|
+
|
|
1052
|
+
/** List <Databricks> credential configuration objects for an account, specified by ID. */
|
|
1053
|
+
async listCredentialsPublic(
|
|
1054
|
+
req: ListCredentialsPublicRequest,
|
|
1055
|
+
options?: CallOptions
|
|
1056
|
+
): Promise<ListCredentialsResponse> {
|
|
1057
|
+
const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/credentials`;
|
|
1058
|
+
let resp: ListCredentialsResponse | undefined;
|
|
1059
|
+
const call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
1060
|
+
const headers = new Headers();
|
|
1061
|
+
headers.set('User-Agent', this.userAgent);
|
|
1062
|
+
const httpReq = buildHttpRequest('GET', url, headers, callSignal);
|
|
1063
|
+
const respBody = await executeHttpCall({
|
|
1064
|
+
request: httpReq,
|
|
1065
|
+
httpClient: this.httpClient,
|
|
1066
|
+
logger: this.logger,
|
|
1067
|
+
});
|
|
1068
|
+
resp = {
|
|
1069
|
+
credentials: parseResponse(
|
|
1070
|
+
respBody,
|
|
1071
|
+
z.array(z.lazy(() => unmarshalCredentialsSchema))
|
|
1072
|
+
),
|
|
1073
|
+
};
|
|
1074
|
+
};
|
|
1075
|
+
await executeCall(call, options);
|
|
1076
|
+
if (resp === undefined) {
|
|
1077
|
+
throw new Error('operation completed without a result.');
|
|
1078
|
+
}
|
|
1079
|
+
return resp;
|
|
1080
|
+
}
|
|
1081
|
+
}
|