@databricks/sdk-uc-credentials 0.1.0-dev.3 → 0.1.0-dev.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/src/v1/client.ts DELETED
@@ -1,1075 +0,0 @@
1
- // Code generated from API definition by Databricks SDK Generator. DO NOT EDIT.
2
-
3
- import {VERSION as AUTH_VERSION} from '@databricks/sdk-auth';
4
- import {createDefault} from '@databricks/sdk-core/clientinfo';
5
- import type {Logger} from '@databricks/sdk-core/logger';
6
- import {NoOpLogger} from '@databricks/sdk-core/logger';
7
- import type {CallOptions} from '@databricks/sdk-options/call';
8
- import type {ClientOptions} from '@databricks/sdk-options/client';
9
- import type {HttpClient} from '@databricks/sdk-core/http';
10
- import {newHttpClient} from './transport';
11
- import {
12
- buildHttpRequest,
13
- executeCall,
14
- executeHttpCall,
15
- marshalRequest,
16
- parseResponse,
17
- } from './utils';
18
- import pkgJson from '../../package.json' with {type: 'json'};
19
- import {z} from 'zod';
20
- import type {
21
- AccountsCreateStorageCredentialRequest,
22
- AccountsCreateStorageCredentialResponse,
23
- AccountsDeleteStorageCredentialRequest,
24
- AccountsDeleteStorageCredentialResponse,
25
- AccountsGetStorageCredentialRequest,
26
- AccountsGetStorageCredentialResponse,
27
- AccountsListStorageCredentialsRequest,
28
- AccountsListStorageCredentialsResponse,
29
- AccountsUpdateStorageCredentialRequest,
30
- AccountsUpdateStorageCredentialResponse,
31
- CreateCredentialRequest,
32
- CreateCredentialsRequest,
33
- CreateStorageCredentialRequest,
34
- CredentialInfo,
35
- Credentials,
36
- DeleteCredentialRequest,
37
- DeleteCredentialResponse,
38
- DeleteCredentialsRequest,
39
- DeleteStorageCredentialRequest,
40
- DeleteStorageCredentialResponse,
41
- GenerateTemporaryPathCredentialRequest,
42
- GenerateTemporaryPathCredentialResponse,
43
- GenerateTemporaryServiceCredentialRequest,
44
- GenerateTemporaryTableCredentialRequest,
45
- GenerateTemporaryTableCredentialResponse,
46
- GenerateTemporaryVolumeCredentialRequest,
47
- GenerateTemporaryVolumeCredentialResponse,
48
- GetCredentialRequest,
49
- GetCredentialsRequest,
50
- GetStorageCredentialRequest,
51
- ListCredentialsPublicRequest,
52
- ListCredentialsRequest,
53
- ListCredentialsRequest_Response,
54
- ListCredentialsResponse,
55
- ListStorageCredentialsRequest,
56
- ListStorageCredentialsResponse,
57
- StorageCredentialInfo,
58
- TemporaryCredentials,
59
- UpdateCredentialRequest,
60
- UpdateStorageCredentialRequest,
61
- ValidateCredentialRequest,
62
- ValidateCredentialResponse,
63
- ValidateStorageCredentialRequest,
64
- ValidateStorageCredentialResponse,
65
- } from './model';
66
- import {
67
- marshalAccountsCreateStorageCredentialRequestSchema,
68
- marshalAccountsUpdateStorageCredentialRequestSchema,
69
- marshalCreateCredentialRequestSchema,
70
- marshalCreateCredentialsRequestSchema,
71
- marshalCreateStorageCredentialRequestSchema,
72
- marshalGenerateTemporaryPathCredentialRequestSchema,
73
- marshalGenerateTemporaryServiceCredentialRequestSchema,
74
- marshalGenerateTemporaryTableCredentialRequestSchema,
75
- marshalGenerateTemporaryVolumeCredentialRequestSchema,
76
- marshalUpdateCredentialRequestSchema,
77
- marshalUpdateStorageCredentialRequestSchema,
78
- marshalValidateCredentialRequestSchema,
79
- marshalValidateStorageCredentialRequestSchema,
80
- unmarshalAccountsCreateStorageCredentialResponseSchema,
81
- unmarshalAccountsDeleteStorageCredentialResponseSchema,
82
- unmarshalAccountsGetStorageCredentialResponseSchema,
83
- unmarshalAccountsListStorageCredentialsResponseSchema,
84
- unmarshalAccountsUpdateStorageCredentialResponseSchema,
85
- unmarshalCredentialsSchema,
86
- unmarshalDeleteCredentialResponseSchema,
87
- unmarshalDeleteStorageCredentialResponseSchema,
88
- unmarshalGenerateTemporaryPathCredentialResponseSchema,
89
- unmarshalGenerateTemporaryTableCredentialResponseSchema,
90
- unmarshalGenerateTemporaryVolumeCredentialResponseSchema,
91
- unmarshalListCredentialsRequest_ResponseSchema,
92
- unmarshalListStorageCredentialsResponseSchema,
93
- unmarshalStorageCredentialInfoSchema,
94
- unmarshalTemporaryCredentialsSchema,
95
- unmarshalValidateCredentialResponseSchema,
96
- unmarshalValidateStorageCredentialResponseSchema,
97
- } from './model';
98
-
99
- // Package identity segment for this client to be used in the User-Agent header.
100
- const PACKAGE_SEGMENT = {
101
- key: 'sdk-js-' + pkgJson.name.replace(/^@[^/]+\/sdk-/, ''),
102
- value: pkgJson.version,
103
- };
104
-
105
- export class CredentialsClient {
106
- private readonly host: string;
107
- // Fallback for endpoints whose path contains {account_id}. If the request
108
- // already carries an accountId, that value wins.
109
- private readonly accountId: string | undefined;
110
- // Workspace ID used to route workspace-level calls on unified hosts (SPOG).
111
- // When set, workspace-level methods send X-Databricks-Org-Id on every
112
- // request.
113
- private readonly workspaceId: string | undefined;
114
- private readonly httpClient: HttpClient;
115
- private readonly logger: Logger;
116
- // User-Agent header value. Composed once at construction from
117
- // createDefault() merged with this package's identity and the active
118
- // credential's name.
119
- private readonly userAgent: string;
120
-
121
- constructor(options: ClientOptions) {
122
- if (options.host === undefined) {
123
- throw new Error('Host is required.');
124
- }
125
- this.host = options.host.replace(/\/$/, '');
126
- this.accountId = options.accountId;
127
- this.workspaceId = options.workspaceId;
128
- this.logger = options.logger ?? new NoOpLogger();
129
- const info = createDefault()
130
- .with(PACKAGE_SEGMENT)
131
- .with({key: 'sdk-js-auth', value: AUTH_VERSION})
132
- .with({key: 'auth', value: options.credentials?.name() ?? 'default'});
133
- this.userAgent = info.toString();
134
- this.httpClient = newHttpClient(options);
135
- }
136
-
137
- /**
138
- * Creates a new storage credential. The request object is specific to the cloud:
139
- * - **AwsIamRole** for AWS credentials
140
- * - **AzureServicePrincipal** for Azure credentials
141
- * - **GcpServiceAccountKey** for GCP credentials
142
- *
143
- * The caller must be a metastore admin and have the `CREATE_STORAGE_CREDENTIAL` privilege on the metastore.
144
- */
145
- async createAccountsStorageCredential(
146
- req: AccountsCreateStorageCredentialRequest,
147
- options?: CallOptions
148
- ): Promise<AccountsCreateStorageCredentialResponse> {
149
- const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/metastores/${req.metastoreId ?? ''}/storage-credentials`;
150
- const body = marshalRequest(
151
- req,
152
- marshalAccountsCreateStorageCredentialRequestSchema
153
- );
154
- let resp: AccountsCreateStorageCredentialResponse | undefined;
155
- const call = async (callSignal?: AbortSignal): Promise<void> => {
156
- const headers = new Headers({'Content-Type': 'application/json'});
157
- headers.set('User-Agent', this.userAgent);
158
- const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
159
- const respBody = await executeHttpCall({
160
- request: httpReq,
161
- httpClient: this.httpClient,
162
- logger: this.logger,
163
- });
164
- resp = parseResponse(
165
- respBody,
166
- unmarshalAccountsCreateStorageCredentialResponseSchema
167
- );
168
- };
169
- await executeCall(call, options);
170
- if (resp === undefined) {
171
- throw new Error('operation completed without a result.');
172
- }
173
- return resp;
174
- }
175
-
176
- /** Deletes a storage credential from the metastore. The caller must be an owner of the storage credential. */
177
- async deleteAccountsStorageCredential(
178
- req: AccountsDeleteStorageCredentialRequest,
179
- options?: CallOptions
180
- ): Promise<AccountsDeleteStorageCredentialResponse> {
181
- const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/metastores/${req.metastoreId ?? ''}/storage-credentials/${req.nameArg ?? ''}`;
182
- const params = new URLSearchParams();
183
- if (req.force !== undefined) {
184
- params.append('force', String(req.force));
185
- }
186
- const query = params.toString();
187
- const fullUrl = query !== '' ? `${url}?${query}` : url;
188
- let resp: AccountsDeleteStorageCredentialResponse | undefined;
189
- const call = async (callSignal?: AbortSignal): Promise<void> => {
190
- const headers = new Headers();
191
- headers.set('User-Agent', this.userAgent);
192
- const httpReq = buildHttpRequest('DELETE', fullUrl, headers, callSignal);
193
- const respBody = await executeHttpCall({
194
- request: httpReq,
195
- httpClient: this.httpClient,
196
- logger: this.logger,
197
- });
198
- resp = parseResponse(
199
- respBody,
200
- unmarshalAccountsDeleteStorageCredentialResponseSchema
201
- );
202
- };
203
- await executeCall(call, options);
204
- if (resp === undefined) {
205
- throw new Error('operation completed without a result.');
206
- }
207
- return resp;
208
- }
209
-
210
- /**
211
- * Gets a storage credential from the metastore. The caller must be a metastore admin, the owner of the
212
- * storage credential, or have a level of privilege on the storage credential.
213
- */
214
- async getAccountsStorageCredential(
215
- req: AccountsGetStorageCredentialRequest,
216
- options?: CallOptions
217
- ): Promise<AccountsGetStorageCredentialResponse> {
218
- const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/metastores/${req.metastoreId ?? ''}/storage-credentials/${req.nameArg ?? ''}`;
219
- let resp: AccountsGetStorageCredentialResponse | undefined;
220
- const call = async (callSignal?: AbortSignal): Promise<void> => {
221
- const headers = new Headers();
222
- headers.set('User-Agent', this.userAgent);
223
- const httpReq = buildHttpRequest('GET', url, headers, callSignal);
224
- const respBody = await executeHttpCall({
225
- request: httpReq,
226
- httpClient: this.httpClient,
227
- logger: this.logger,
228
- });
229
- resp = parseResponse(
230
- respBody,
231
- unmarshalAccountsGetStorageCredentialResponseSchema
232
- );
233
- };
234
- await executeCall(call, options);
235
- if (resp === undefined) {
236
- throw new Error('operation completed without a result.');
237
- }
238
- return resp;
239
- }
240
-
241
- /** Gets a list of all storage credentials that have been assigned to given metastore. */
242
- async listAccountsStorageCredentials(
243
- req: AccountsListStorageCredentialsRequest,
244
- options?: CallOptions
245
- ): Promise<AccountsListStorageCredentialsResponse> {
246
- const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/metastores/${req.metastoreId ?? ''}/storage-credentials`;
247
- let resp: AccountsListStorageCredentialsResponse | undefined;
248
- const call = async (callSignal?: AbortSignal): Promise<void> => {
249
- const headers = new Headers();
250
- headers.set('User-Agent', this.userAgent);
251
- const httpReq = buildHttpRequest('GET', url, headers, callSignal);
252
- const respBody = await executeHttpCall({
253
- request: httpReq,
254
- httpClient: this.httpClient,
255
- logger: this.logger,
256
- });
257
- resp = parseResponse(
258
- respBody,
259
- unmarshalAccountsListStorageCredentialsResponseSchema
260
- );
261
- };
262
- await executeCall(call, options);
263
- if (resp === undefined) {
264
- throw new Error('operation completed without a result.');
265
- }
266
- return resp;
267
- }
268
-
269
- /**
270
- * Updates a storage credential on the metastore. The caller must be the owner of the storage credential.
271
- * If the caller is a metastore admin, only the **owner** credential can be changed.
272
- */
273
- async updateAccountsStorageCredential(
274
- req: AccountsUpdateStorageCredentialRequest,
275
- options?: CallOptions
276
- ): Promise<AccountsUpdateStorageCredentialResponse> {
277
- const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/metastores/${req.metastoreId ?? ''}/storage-credentials/${req.nameArg ?? ''}`;
278
- const body = marshalRequest(
279
- req,
280
- marshalAccountsUpdateStorageCredentialRequestSchema
281
- );
282
- let resp: AccountsUpdateStorageCredentialResponse | undefined;
283
- const call = async (callSignal?: AbortSignal): Promise<void> => {
284
- const headers = new Headers({'Content-Type': 'application/json'});
285
- headers.set('User-Agent', this.userAgent);
286
- const httpReq = buildHttpRequest('PUT', url, headers, callSignal, body);
287
- const respBody = await executeHttpCall({
288
- request: httpReq,
289
- httpClient: this.httpClient,
290
- logger: this.logger,
291
- });
292
- resp = parseResponse(
293
- respBody,
294
- unmarshalAccountsUpdateStorageCredentialResponseSchema
295
- );
296
- };
297
- await executeCall(call, options);
298
- if (resp === undefined) {
299
- throw new Error('operation completed without a result.');
300
- }
301
- return resp;
302
- }
303
-
304
- /**
305
- * Creates a new credential. The type of credential to be created is determined by the **purpose** field,
306
- * which should be either **SERVICE** or **STORAGE**.
307
- *
308
- * The caller must be a metastore admin or have the metastore privilege **CREATE_STORAGE_CREDENTIAL** for storage
309
- * credentials, or **CREATE_SERVICE_CREDENTIAL** for service credentials.
310
- */
311
- async createCredential(
312
- req: CreateCredentialRequest,
313
- options?: CallOptions
314
- ): Promise<StorageCredentialInfo> {
315
- const url = `${this.host}/api/2.1/unity-catalog/credentials`;
316
- const body = marshalRequest(req, marshalCreateCredentialRequestSchema);
317
- let resp: StorageCredentialInfo | undefined;
318
- const call = async (callSignal?: AbortSignal): Promise<void> => {
319
- const headers = new Headers({'Content-Type': 'application/json'});
320
- if (this.workspaceId !== undefined) {
321
- headers.set('X-Databricks-Org-Id', this.workspaceId);
322
- }
323
- headers.set('User-Agent', this.userAgent);
324
- const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
325
- const respBody = await executeHttpCall({
326
- request: httpReq,
327
- httpClient: this.httpClient,
328
- logger: this.logger,
329
- });
330
- resp = parseResponse(respBody, unmarshalStorageCredentialInfoSchema);
331
- };
332
- await executeCall(call, options);
333
- if (resp === undefined) {
334
- throw new Error('operation completed without a result.');
335
- }
336
- return resp;
337
- }
338
-
339
- /**
340
- * Creates a new storage credential.
341
- *
342
- * The caller must be a metastore admin or have the **CREATE_STORAGE_CREDENTIAL** privilege on the metastore.
343
- */
344
- async createStorageCredential(
345
- req: CreateStorageCredentialRequest,
346
- options?: CallOptions
347
- ): Promise<StorageCredentialInfo> {
348
- const url = `${this.host}/api/2.1/unity-catalog/storage-credentials`;
349
- const body = marshalRequest(
350
- req,
351
- marshalCreateStorageCredentialRequestSchema
352
- );
353
- let resp: StorageCredentialInfo | undefined;
354
- const call = async (callSignal?: AbortSignal): Promise<void> => {
355
- const headers = new Headers({'Content-Type': 'application/json'});
356
- if (this.workspaceId !== undefined) {
357
- headers.set('X-Databricks-Org-Id', this.workspaceId);
358
- }
359
- headers.set('User-Agent', this.userAgent);
360
- const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
361
- const respBody = await executeHttpCall({
362
- request: httpReq,
363
- httpClient: this.httpClient,
364
- logger: this.logger,
365
- });
366
- resp = parseResponse(respBody, unmarshalStorageCredentialInfoSchema);
367
- };
368
- await executeCall(call, options);
369
- if (resp === undefined) {
370
- throw new Error('operation completed without a result.');
371
- }
372
- return resp;
373
- }
374
-
375
- /** Deletes a service or storage credential from the metastore. The caller must be an owner of the credential. */
376
- async deleteCredential(
377
- req: DeleteCredentialRequest,
378
- options?: CallOptions
379
- ): Promise<DeleteCredentialResponse> {
380
- const url = `${this.host}/api/2.1/unity-catalog/credentials/${req.nameArg ?? ''}`;
381
- const params = new URLSearchParams();
382
- if (req.force !== undefined) {
383
- params.append('force', String(req.force));
384
- }
385
- const query = params.toString();
386
- const fullUrl = query !== '' ? `${url}?${query}` : url;
387
- let resp: DeleteCredentialResponse | undefined;
388
- const call = async (callSignal?: AbortSignal): Promise<void> => {
389
- const headers = new Headers();
390
- if (this.workspaceId !== undefined) {
391
- headers.set('X-Databricks-Org-Id', this.workspaceId);
392
- }
393
- headers.set('User-Agent', this.userAgent);
394
- const httpReq = buildHttpRequest('DELETE', fullUrl, headers, callSignal);
395
- const respBody = await executeHttpCall({
396
- request: httpReq,
397
- httpClient: this.httpClient,
398
- logger: this.logger,
399
- });
400
- resp = parseResponse(respBody, unmarshalDeleteCredentialResponseSchema);
401
- };
402
- await executeCall(call, options);
403
- if (resp === undefined) {
404
- throw new Error('operation completed without a result.');
405
- }
406
- return resp;
407
- }
408
-
409
- /** Deletes a storage credential from the metastore. The caller must be an owner of the storage credential. */
410
- async deleteStorageCredential(
411
- req: DeleteStorageCredentialRequest,
412
- options?: CallOptions
413
- ): Promise<DeleteStorageCredentialResponse> {
414
- const url = `${this.host}/api/2.1/unity-catalog/storage-credentials/${req.nameArg ?? ''}`;
415
- const params = new URLSearchParams();
416
- if (req.force !== undefined) {
417
- params.append('force', String(req.force));
418
- }
419
- const query = params.toString();
420
- const fullUrl = query !== '' ? `${url}?${query}` : url;
421
- let resp: DeleteStorageCredentialResponse | undefined;
422
- const call = async (callSignal?: AbortSignal): Promise<void> => {
423
- const headers = new Headers();
424
- if (this.workspaceId !== undefined) {
425
- headers.set('X-Databricks-Org-Id', this.workspaceId);
426
- }
427
- headers.set('User-Agent', this.userAgent);
428
- const httpReq = buildHttpRequest('DELETE', fullUrl, headers, callSignal);
429
- const respBody = await executeHttpCall({
430
- request: httpReq,
431
- httpClient: this.httpClient,
432
- logger: this.logger,
433
- });
434
- resp = parseResponse(
435
- respBody,
436
- unmarshalDeleteStorageCredentialResponseSchema
437
- );
438
- };
439
- await executeCall(call, options);
440
- if (resp === undefined) {
441
- throw new Error('operation completed without a result.');
442
- }
443
- return resp;
444
- }
445
-
446
- /**
447
- * Get a short-lived credential for directly accessing cloud storage locations registered in <Databricks>.
448
- * The Generate Temporary Path Credentials API is only supported for external storage paths, specifically external
449
- * locations and external tables. Managed tables are not supported by this API.
450
- * The metastore must have **external_access_enabled** flag set to true (default false).
451
- * The caller must have the **EXTERNAL_USE_LOCATION** privilege on the external location; this privilege can only be granted
452
- * by external location owners.
453
- * For requests on existing external tables, the caller must also have the **EXTERNAL_USE_SCHEMA** privilege on the parent schema;
454
- * this privilege can only be granted by catalog owners.
455
- */
456
- async generateTemporaryPathCredential(
457
- req: GenerateTemporaryPathCredentialRequest,
458
- options?: CallOptions
459
- ): Promise<GenerateTemporaryPathCredentialResponse> {
460
- const url = `${this.host}/api/2.0/unity-catalog/temporary-path-credentials`;
461
- const body = marshalRequest(
462
- req,
463
- marshalGenerateTemporaryPathCredentialRequestSchema
464
- );
465
- let resp: GenerateTemporaryPathCredentialResponse | undefined;
466
- const call = async (callSignal?: AbortSignal): Promise<void> => {
467
- const headers = new Headers({'Content-Type': 'application/json'});
468
- if (this.workspaceId !== undefined) {
469
- headers.set('X-Databricks-Org-Id', this.workspaceId);
470
- }
471
- headers.set('User-Agent', this.userAgent);
472
- const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
473
- const respBody = await executeHttpCall({
474
- request: httpReq,
475
- httpClient: this.httpClient,
476
- logger: this.logger,
477
- });
478
- resp = parseResponse(
479
- respBody,
480
- unmarshalGenerateTemporaryPathCredentialResponseSchema
481
- );
482
- };
483
- await executeCall(call, options);
484
- if (resp === undefined) {
485
- throw new Error('operation completed without a result.');
486
- }
487
- return resp;
488
- }
489
-
490
- /**
491
- * Returns a set of temporary credentials generated using the specified service credential.
492
- * The caller must be a metastore admin or have the metastore privilege **ACCESS** on the service credential.
493
- */
494
- async generateTemporaryServiceCredential(
495
- req: GenerateTemporaryServiceCredentialRequest,
496
- options?: CallOptions
497
- ): Promise<TemporaryCredentials> {
498
- const url = `${this.host}/api/2.1/unity-catalog/temporary-service-credentials`;
499
- const body = marshalRequest(
500
- req,
501
- marshalGenerateTemporaryServiceCredentialRequestSchema
502
- );
503
- let resp: TemporaryCredentials | undefined;
504
- const call = async (callSignal?: AbortSignal): Promise<void> => {
505
- const headers = new Headers({'Content-Type': 'application/json'});
506
- if (this.workspaceId !== undefined) {
507
- headers.set('X-Databricks-Org-Id', this.workspaceId);
508
- }
509
- headers.set('User-Agent', this.userAgent);
510
- const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
511
- const respBody = await executeHttpCall({
512
- request: httpReq,
513
- httpClient: this.httpClient,
514
- logger: this.logger,
515
- });
516
- resp = parseResponse(respBody, unmarshalTemporaryCredentialsSchema);
517
- };
518
- await executeCall(call, options);
519
- if (resp === undefined) {
520
- throw new Error('operation completed without a result.');
521
- }
522
- return resp;
523
- }
524
-
525
- /**
526
- * Get a short-lived credential for directly accessing the table data on cloud storage.
527
- * The metastore must have **external_access_enabled** flag set to true (default false).
528
- * The caller must have the **EXTERNAL_USE_SCHEMA** privilege on the parent schema and this privilege can only be granted
529
- * by catalog owners.
530
- */
531
- async generateTemporaryTableCredential(
532
- req: GenerateTemporaryTableCredentialRequest,
533
- options?: CallOptions
534
- ): Promise<GenerateTemporaryTableCredentialResponse> {
535
- const url = `${this.host}/api/2.0/unity-catalog/temporary-table-credentials`;
536
- const body = marshalRequest(
537
- req,
538
- marshalGenerateTemporaryTableCredentialRequestSchema
539
- );
540
- let resp: GenerateTemporaryTableCredentialResponse | undefined;
541
- const call = async (callSignal?: AbortSignal): Promise<void> => {
542
- const headers = new Headers({'Content-Type': 'application/json'});
543
- if (this.workspaceId !== undefined) {
544
- headers.set('X-Databricks-Org-Id', this.workspaceId);
545
- }
546
- headers.set('User-Agent', this.userAgent);
547
- const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
548
- const respBody = await executeHttpCall({
549
- request: httpReq,
550
- httpClient: this.httpClient,
551
- logger: this.logger,
552
- });
553
- resp = parseResponse(
554
- respBody,
555
- unmarshalGenerateTemporaryTableCredentialResponseSchema
556
- );
557
- };
558
- await executeCall(call, options);
559
- if (resp === undefined) {
560
- throw new Error('operation completed without a result.');
561
- }
562
- return resp;
563
- }
564
-
565
- /**
566
- * Get a short-lived credential for directly accessing the volume data on cloud storage.
567
- * The metastore must have **external_access_enabled** flag set to true (default false).
568
- * The caller must have the **EXTERNAL_USE_SCHEMA** privilege on the parent schema and this privilege can only be granted
569
- * by catalog owners.
570
- */
571
- async generateTemporaryVolumeCredential(
572
- req: GenerateTemporaryVolumeCredentialRequest,
573
- options?: CallOptions
574
- ): Promise<GenerateTemporaryVolumeCredentialResponse> {
575
- const url = `${this.host}/api/2.0/unity-catalog/temporary-volume-credentials`;
576
- const body = marshalRequest(
577
- req,
578
- marshalGenerateTemporaryVolumeCredentialRequestSchema
579
- );
580
- let resp: GenerateTemporaryVolumeCredentialResponse | undefined;
581
- const call = async (callSignal?: AbortSignal): Promise<void> => {
582
- const headers = new Headers({'Content-Type': 'application/json'});
583
- if (this.workspaceId !== undefined) {
584
- headers.set('X-Databricks-Org-Id', this.workspaceId);
585
- }
586
- headers.set('User-Agent', this.userAgent);
587
- const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
588
- const respBody = await executeHttpCall({
589
- request: httpReq,
590
- httpClient: this.httpClient,
591
- logger: this.logger,
592
- });
593
- resp = parseResponse(
594
- respBody,
595
- unmarshalGenerateTemporaryVolumeCredentialResponseSchema
596
- );
597
- };
598
- await executeCall(call, options);
599
- if (resp === undefined) {
600
- throw new Error('operation completed without a result.');
601
- }
602
- return resp;
603
- }
604
-
605
- /**
606
- * Gets a service or storage credential from the metastore.
607
- * The caller must be a metastore admin, the owner of the credential, or have any permission on the credential.
608
- */
609
- async getCredential(
610
- req: GetCredentialRequest,
611
- options?: CallOptions
612
- ): Promise<StorageCredentialInfo> {
613
- const url = `${this.host}/api/2.1/unity-catalog/credentials/${req.nameArg ?? ''}`;
614
- let resp: StorageCredentialInfo | undefined;
615
- const call = async (callSignal?: AbortSignal): Promise<void> => {
616
- const headers = new Headers();
617
- if (this.workspaceId !== undefined) {
618
- headers.set('X-Databricks-Org-Id', this.workspaceId);
619
- }
620
- headers.set('User-Agent', this.userAgent);
621
- const httpReq = buildHttpRequest('GET', url, headers, callSignal);
622
- const respBody = await executeHttpCall({
623
- request: httpReq,
624
- httpClient: this.httpClient,
625
- logger: this.logger,
626
- });
627
- resp = parseResponse(respBody, unmarshalStorageCredentialInfoSchema);
628
- };
629
- await executeCall(call, options);
630
- if (resp === undefined) {
631
- throw new Error('operation completed without a result.');
632
- }
633
- return resp;
634
- }
635
-
636
- /**
637
- * Gets a storage credential from the metastore.
638
- * The caller must be a metastore admin, the owner of the storage credential, or have some permission on the storage credential.
639
- */
640
- async getStorageCredential(
641
- req: GetStorageCredentialRequest,
642
- options?: CallOptions
643
- ): Promise<StorageCredentialInfo> {
644
- const url = `${this.host}/api/2.1/unity-catalog/storage-credentials/${req.nameArg ?? ''}`;
645
- let resp: StorageCredentialInfo | undefined;
646
- const call = async (callSignal?: AbortSignal): Promise<void> => {
647
- const headers = new Headers();
648
- if (this.workspaceId !== undefined) {
649
- headers.set('X-Databricks-Org-Id', this.workspaceId);
650
- }
651
- headers.set('User-Agent', this.userAgent);
652
- const httpReq = buildHttpRequest('GET', url, headers, callSignal);
653
- const respBody = await executeHttpCall({
654
- request: httpReq,
655
- httpClient: this.httpClient,
656
- logger: this.logger,
657
- });
658
- resp = parseResponse(respBody, unmarshalStorageCredentialInfoSchema);
659
- };
660
- await executeCall(call, options);
661
- if (resp === undefined) {
662
- throw new Error('operation completed without a result.');
663
- }
664
- return resp;
665
- }
666
-
667
- /**
668
- * Gets an array of credentials (as __CredentialInfo__ objects).
669
- *
670
- * The array is limited to only the credentials that the caller has permission to access.
671
- * If the caller is a metastore admin, retrieval of credentials is unrestricted.
672
- * There is no guarantee of a specific ordering of the elements in the array.
673
- *
674
- * PAGINATION BEHAVIOR: The API is by default paginated, a page may contain zero results while still providing a next_page_token.
675
- * Clients must continue reading pages until next_page_token is absent, which is the only indication that the end of results has been reached.
676
- */
677
- async listCredentials(
678
- req: ListCredentialsRequest,
679
- options?: CallOptions
680
- ): Promise<ListCredentialsRequest_Response> {
681
- const url = `${this.host}/api/2.1/unity-catalog/credentials`;
682
- const params = new URLSearchParams();
683
- if (req.includeUnbound !== undefined) {
684
- params.append('include_unbound', String(req.includeUnbound));
685
- }
686
- if (req.maxResults !== undefined) {
687
- params.append('max_results', String(req.maxResults));
688
- }
689
- if (req.pageToken !== undefined) {
690
- params.append('page_token', req.pageToken);
691
- }
692
- const query = params.toString();
693
- const fullUrl = query !== '' ? `${url}?${query}` : url;
694
- let resp: ListCredentialsRequest_Response | undefined;
695
- const call = async (callSignal?: AbortSignal): Promise<void> => {
696
- const headers = new Headers();
697
- if (this.workspaceId !== undefined) {
698
- headers.set('X-Databricks-Org-Id', this.workspaceId);
699
- }
700
- headers.set('User-Agent', this.userAgent);
701
- const httpReq = buildHttpRequest('GET', fullUrl, headers, callSignal);
702
- const respBody = await executeHttpCall({
703
- request: httpReq,
704
- httpClient: this.httpClient,
705
- logger: this.logger,
706
- });
707
- resp = parseResponse(
708
- respBody,
709
- unmarshalListCredentialsRequest_ResponseSchema
710
- );
711
- };
712
- await executeCall(call, options);
713
- if (resp === undefined) {
714
- throw new Error('operation completed without a result.');
715
- }
716
- return resp;
717
- }
718
-
719
- async *listCredentialsIter(
720
- req: ListCredentialsRequest,
721
- options?: CallOptions
722
- ): AsyncGenerator<CredentialInfo> {
723
- const pageReq: ListCredentialsRequest = {...req};
724
- for (;;) {
725
- const resp = await this.listCredentials(pageReq, options);
726
- for (const item of resp.credentials ?? []) {
727
- yield item;
728
- }
729
- if (resp.nextPageToken === undefined || resp.nextPageToken === '') {
730
- return;
731
- }
732
- pageReq.pageToken = resp.nextPageToken;
733
- }
734
- }
735
-
736
- /**
737
- * Gets an array of storage credentials (as __StorageCredentialInfo__ objects).
738
- * The array is limited to only those storage credentials the caller has permission to access.
739
- * If the caller is a metastore admin, retrieval of credentials is unrestricted.
740
- * There is no guarantee of a specific ordering of the elements in the array.
741
- *
742
- * NOTE: we recommend using max_results=0 to use the paginated version of this API. Unpaginated calls will be deprecated soon.
743
- *
744
- * PAGINATION BEHAVIOR: When using pagination (max_results >= 0), a page may contain zero results while still providing a next_page_token.
745
- * Clients must continue reading pages until next_page_token is absent, which is the only indication that the end of results has been reached.
746
- */
747
- async listStorageCredentials(
748
- req: ListStorageCredentialsRequest,
749
- options?: CallOptions
750
- ): Promise<ListStorageCredentialsResponse> {
751
- const url = `${this.host}/api/2.1/unity-catalog/storage-credentials`;
752
- const params = new URLSearchParams();
753
- if (req.includeUnbound !== undefined) {
754
- params.append('include_unbound', String(req.includeUnbound));
755
- }
756
- if (req.maxResults !== undefined) {
757
- params.append('max_results', String(req.maxResults));
758
- }
759
- if (req.pageToken !== undefined) {
760
- params.append('page_token', req.pageToken);
761
- }
762
- const query = params.toString();
763
- const fullUrl = query !== '' ? `${url}?${query}` : url;
764
- let resp: ListStorageCredentialsResponse | undefined;
765
- const call = async (callSignal?: AbortSignal): Promise<void> => {
766
- const headers = new Headers();
767
- if (this.workspaceId !== undefined) {
768
- headers.set('X-Databricks-Org-Id', this.workspaceId);
769
- }
770
- headers.set('User-Agent', this.userAgent);
771
- const httpReq = buildHttpRequest('GET', fullUrl, headers, callSignal);
772
- const respBody = await executeHttpCall({
773
- request: httpReq,
774
- httpClient: this.httpClient,
775
- logger: this.logger,
776
- });
777
- resp = parseResponse(
778
- respBody,
779
- unmarshalListStorageCredentialsResponseSchema
780
- );
781
- };
782
- await executeCall(call, options);
783
- if (resp === undefined) {
784
- throw new Error('operation completed without a result.');
785
- }
786
- return resp;
787
- }
788
-
789
- async *listStorageCredentialsIter(
790
- req: ListStorageCredentialsRequest,
791
- options?: CallOptions
792
- ): AsyncGenerator<StorageCredentialInfo> {
793
- const pageReq: ListStorageCredentialsRequest = {...req};
794
- for (;;) {
795
- const resp = await this.listStorageCredentials(pageReq, options);
796
- for (const item of resp.storageCredentials ?? []) {
797
- yield item;
798
- }
799
- if (resp.nextPageToken === undefined || resp.nextPageToken === '') {
800
- return;
801
- }
802
- pageReq.pageToken = resp.nextPageToken;
803
- }
804
- }
805
-
806
- /**
807
- * Updates a service or storage credential on the metastore.
808
- *
809
- * The caller must be the owner of the credential or a metastore admin or have the `MANAGE` permission. If the caller is
810
- * a metastore admin, only the __owner__ field can be changed.
811
- */
812
- async updateCredential(
813
- req: UpdateCredentialRequest,
814
- options?: CallOptions
815
- ): Promise<StorageCredentialInfo> {
816
- const url = `${this.host}/api/2.1/unity-catalog/credentials/${req.nameArg ?? ''}`;
817
- const body = marshalRequest(req, marshalUpdateCredentialRequestSchema);
818
- let resp: StorageCredentialInfo | undefined;
819
- const call = async (callSignal?: AbortSignal): Promise<void> => {
820
- const headers = new Headers({'Content-Type': 'application/json'});
821
- if (this.workspaceId !== undefined) {
822
- headers.set('X-Databricks-Org-Id', this.workspaceId);
823
- }
824
- headers.set('User-Agent', this.userAgent);
825
- const httpReq = buildHttpRequest('PATCH', url, headers, callSignal, body);
826
- const respBody = await executeHttpCall({
827
- request: httpReq,
828
- httpClient: this.httpClient,
829
- logger: this.logger,
830
- });
831
- resp = parseResponse(respBody, unmarshalStorageCredentialInfoSchema);
832
- };
833
- await executeCall(call, options);
834
- if (resp === undefined) {
835
- throw new Error('operation completed without a result.');
836
- }
837
- return resp;
838
- }
839
-
840
- /**
841
- * Updates a storage credential on the metastore.
842
- *
843
- * The caller must be the owner of the storage credential or a metastore admin.
844
- * If the caller is a metastore admin, only the **owner** field can be changed.
845
- */
846
- async updateStorageCredential(
847
- req: UpdateStorageCredentialRequest,
848
- options?: CallOptions
849
- ): Promise<StorageCredentialInfo> {
850
- const url = `${this.host}/api/2.1/unity-catalog/storage-credentials/${req.nameArg ?? ''}`;
851
- const body = marshalRequest(
852
- req,
853
- marshalUpdateStorageCredentialRequestSchema
854
- );
855
- let resp: StorageCredentialInfo | undefined;
856
- const call = async (callSignal?: AbortSignal): Promise<void> => {
857
- const headers = new Headers({'Content-Type': 'application/json'});
858
- if (this.workspaceId !== undefined) {
859
- headers.set('X-Databricks-Org-Id', this.workspaceId);
860
- }
861
- headers.set('User-Agent', this.userAgent);
862
- const httpReq = buildHttpRequest('PATCH', url, headers, callSignal, body);
863
- const respBody = await executeHttpCall({
864
- request: httpReq,
865
- httpClient: this.httpClient,
866
- logger: this.logger,
867
- });
868
- resp = parseResponse(respBody, unmarshalStorageCredentialInfoSchema);
869
- };
870
- await executeCall(call, options);
871
- if (resp === undefined) {
872
- throw new Error('operation completed without a result.');
873
- }
874
- return resp;
875
- }
876
-
877
- /**
878
- * Validates a credential.
879
- *
880
- * For service credentials (purpose is **SERVICE**), either the __credential_name__ or the cloud-specific credential
881
- * must be provided.
882
- *
883
- * For storage credentials (purpose is **STORAGE**), at least one of __external_location_name__ and __url__ need to be
884
- * provided. If only one of them is provided, it will be used for validation. And if both are provided, the __url__
885
- * will be used for validation, and __external_location_name__ will be ignored when checking overlapping urls. Either
886
- * the __credential_name__ or the cloud-specific credential must be provided.
887
- *
888
- * The caller must be a metastore admin or the credential owner or have the required permission on the metastore and
889
- * the credential (e.g., **CREATE_EXTERNAL_LOCATION** when purpose is **STORAGE**).
890
- */
891
- async validateCredential(
892
- req: ValidateCredentialRequest,
893
- options?: CallOptions
894
- ): Promise<ValidateCredentialResponse> {
895
- const url = `${this.host}/api/2.1/unity-catalog/validate-credentials`;
896
- const body = marshalRequest(req, marshalValidateCredentialRequestSchema);
897
- let resp: ValidateCredentialResponse | undefined;
898
- const call = async (callSignal?: AbortSignal): Promise<void> => {
899
- const headers = new Headers({'Content-Type': 'application/json'});
900
- if (this.workspaceId !== undefined) {
901
- headers.set('X-Databricks-Org-Id', this.workspaceId);
902
- }
903
- headers.set('User-Agent', this.userAgent);
904
- const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
905
- const respBody = await executeHttpCall({
906
- request: httpReq,
907
- httpClient: this.httpClient,
908
- logger: this.logger,
909
- });
910
- resp = parseResponse(respBody, unmarshalValidateCredentialResponseSchema);
911
- };
912
- await executeCall(call, options);
913
- if (resp === undefined) {
914
- throw new Error('operation completed without a result.');
915
- }
916
- return resp;
917
- }
918
-
919
- /**
920
- * Validates a storage credential.
921
- * At least one of __external_location_name__ and __url__ need to be provided. If only one of them is
922
- * provided, it will be used for validation. And if both are provided, the __url__ will be used for
923
- * validation, and __external_location_name__ will be ignored when checking overlapping urls.
924
- *
925
- * Either the __storage_credential_name__ or the cloud-specific credential must be provided.
926
- *
927
- * The caller must be a metastore admin or the storage credential owner or
928
- * have the **CREATE_EXTERNAL_LOCATION** privilege on the metastore and the storage credential.
929
- */
930
- async validateStorageCredential(
931
- req: ValidateStorageCredentialRequest,
932
- options?: CallOptions
933
- ): Promise<ValidateStorageCredentialResponse> {
934
- const url = `${this.host}/api/2.1/unity-catalog/validate-storage-credentials`;
935
- const body = marshalRequest(
936
- req,
937
- marshalValidateStorageCredentialRequestSchema
938
- );
939
- let resp: ValidateStorageCredentialResponse | undefined;
940
- const call = async (callSignal?: AbortSignal): Promise<void> => {
941
- const headers = new Headers({'Content-Type': 'application/json'});
942
- if (this.workspaceId !== undefined) {
943
- headers.set('X-Databricks-Org-Id', this.workspaceId);
944
- }
945
- headers.set('User-Agent', this.userAgent);
946
- const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
947
- const respBody = await executeHttpCall({
948
- request: httpReq,
949
- httpClient: this.httpClient,
950
- logger: this.logger,
951
- });
952
- resp = parseResponse(
953
- respBody,
954
- unmarshalValidateStorageCredentialResponseSchema
955
- );
956
- };
957
- await executeCall(call, options);
958
- if (resp === undefined) {
959
- throw new Error('operation completed without a result.');
960
- }
961
- return resp;
962
- }
963
-
964
- /**
965
- * Creates a <Databricks> credential configuration that represents cloud cross-account credentials for a specified account. <Databricks> uses this to set up network infrastructure properly to host <Databricks> clusters. For your AWS IAM role, you need to trust the External ID (the Databricks Account API account ID) in the returned credential object, and configure the required access policy.
966
- *
967
- * Save the response's `credentials_id` field, which is the ID for your new credential configuration object.
968
- *
969
- * For information about how to create a new workspace with this API, see [Create a new workspace using the Account API](http://docs.databricks.com/administration-guide/account-api/new-workspace.html)
970
- */
971
- async createCredentialsPublic(
972
- req: CreateCredentialsRequest,
973
- options?: CallOptions
974
- ): Promise<Credentials> {
975
- const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/credentials`;
976
- const body = marshalRequest(req, marshalCreateCredentialsRequestSchema);
977
- let resp: Credentials | undefined;
978
- const call = async (callSignal?: AbortSignal): Promise<void> => {
979
- const headers = new Headers({'Content-Type': 'application/json'});
980
- headers.set('User-Agent', this.userAgent);
981
- const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
982
- const respBody = await executeHttpCall({
983
- request: httpReq,
984
- httpClient: this.httpClient,
985
- logger: this.logger,
986
- });
987
- resp = parseResponse(respBody, unmarshalCredentialsSchema);
988
- };
989
- await executeCall(call, options);
990
- if (resp === undefined) {
991
- throw new Error('operation completed without a result.');
992
- }
993
- return resp;
994
- }
995
-
996
- /** Deletes a <Databricks> credential configuration object for an account, both specified by ID. You cannot delete a credential that is associated with any workspace. */
997
- async deleteCredentialsPublic(
998
- req: DeleteCredentialsRequest,
999
- options?: CallOptions
1000
- ): Promise<Credentials> {
1001
- const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/credentials/${req.credentialsId ?? ''}`;
1002
- let resp: Credentials | undefined;
1003
- const call = async (callSignal?: AbortSignal): Promise<void> => {
1004
- const headers = new Headers();
1005
- headers.set('User-Agent', this.userAgent);
1006
- const httpReq = buildHttpRequest('DELETE', url, headers, callSignal);
1007
- const respBody = await executeHttpCall({
1008
- request: httpReq,
1009
- httpClient: this.httpClient,
1010
- logger: this.logger,
1011
- });
1012
- resp = parseResponse(respBody, unmarshalCredentialsSchema);
1013
- };
1014
- await executeCall(call, options);
1015
- if (resp === undefined) {
1016
- throw new Error('operation completed without a result.');
1017
- }
1018
- return resp;
1019
- }
1020
-
1021
- /** Gets a <Databricks> credential configuration object for an account, both specified by ID. */
1022
- async getCredentialsPublic(
1023
- req: GetCredentialsRequest,
1024
- options?: CallOptions
1025
- ): Promise<Credentials> {
1026
- const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/credentials/${req.credentialsId ?? ''}`;
1027
- let resp: Credentials | undefined;
1028
- const call = async (callSignal?: AbortSignal): Promise<void> => {
1029
- const headers = new Headers();
1030
- headers.set('User-Agent', this.userAgent);
1031
- const httpReq = buildHttpRequest('GET', url, headers, callSignal);
1032
- const respBody = await executeHttpCall({
1033
- request: httpReq,
1034
- httpClient: this.httpClient,
1035
- logger: this.logger,
1036
- });
1037
- resp = parseResponse(respBody, unmarshalCredentialsSchema);
1038
- };
1039
- await executeCall(call, options);
1040
- if (resp === undefined) {
1041
- throw new Error('operation completed without a result.');
1042
- }
1043
- return resp;
1044
- }
1045
-
1046
- /** List <Databricks> credential configuration objects for an account, specified by ID. */
1047
- async listCredentialsPublic(
1048
- req: ListCredentialsPublicRequest,
1049
- options?: CallOptions
1050
- ): Promise<ListCredentialsResponse> {
1051
- const url = `${this.host}/api/2.0/accounts/${req.accountId ?? this.accountId ?? ''}/credentials`;
1052
- let resp: ListCredentialsResponse | undefined;
1053
- const call = async (callSignal?: AbortSignal): Promise<void> => {
1054
- const headers = new Headers();
1055
- headers.set('User-Agent', this.userAgent);
1056
- const httpReq = buildHttpRequest('GET', url, headers, callSignal);
1057
- const respBody = await executeHttpCall({
1058
- request: httpReq,
1059
- httpClient: this.httpClient,
1060
- logger: this.logger,
1061
- });
1062
- resp = {
1063
- credentials: parseResponse(
1064
- respBody,
1065
- z.array(z.lazy(() => unmarshalCredentialsSchema))
1066
- ),
1067
- };
1068
- };
1069
- await executeCall(call, options);
1070
- if (resp === undefined) {
1071
- throw new Error('operation completed without a result.');
1072
- }
1073
- return resp;
1074
- }
1075
- }