pulumi-databricks 1.75.0a1756323569__py3-none-any.whl → 1.77.0__py3-none-any.whl

pulumi_databricks/git_credential.py

@@ -21,6 +21,7 @@ class GitCredentialArgs:
     def __init__(__self__, *,
                  git_provider: pulumi.Input[_builtins.str],
                  force: Optional[pulumi.Input[_builtins.bool]] = None,
+                 git_email: Optional[pulumi.Input[_builtins.str]] = None,
                  git_username: Optional[pulumi.Input[_builtins.str]] = None,
                  is_default_for_provider: Optional[pulumi.Input[_builtins.bool]] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
@@ -29,7 +30,8 @@ class GitCredentialArgs:
         The set of arguments for constructing a GitCredential resource.
         :param pulumi.Input[_builtins.str] git_provider: case insensitive name of the Git provider.  Following values are supported right now (could be a subject for a change, consult [Git Credentials API documentation](https://docs.databricks.com/dev-tools/api/latest/gitcredentials.html)): `gitHub`, `gitHubEnterprise`, `bitbucketCloud`, `bitbucketServer`, `azureDevOpsServices`, `gitLab`, `gitLabEnterpriseEdition`, `awsCodeCommit`, `azureDevOpsServicesAad`.
         :param pulumi.Input[_builtins.bool] force: specify if settings need to be enforced (i.e., to overwrite previously set credential for service principals).
-        :param pulumi.Input[_builtins.str] git_username: user name at Git provider.
+        :param pulumi.Input[_builtins.str] git_email: The email associated with your Git provider user account. Used for authentication with the remote repository and also sets the author & committer identity for commits.
+        :param pulumi.Input[_builtins.str] git_username: user name at Git provider.  For most Git providers it is only used to set the Git committer & author names for commits, however it may be required for authentication depending on your Git provider / token requirements.
         :param pulumi.Input[_builtins.bool] is_default_for_provider: boolean flag specifying if the credential is the default for the given provider type.
         :param pulumi.Input[_builtins.str] name: the name of the git credential, used for identification and ease of lookup.
         :param pulumi.Input[_builtins.str] personal_access_token: The personal access token used to authenticate to the corresponding Git provider. If value is not provided, it's sourced from the first environment variable of `GITHUB_TOKEN`, `GITLAB_TOKEN`, or `AZDO_PERSONAL_ACCESS_TOKEN`, that has a non-empty value.
@@ -37,6 +39,8 @@ class GitCredentialArgs:
         pulumi.set(__self__, "git_provider", git_provider)
         if force is not None:
             pulumi.set(__self__, "force", force)
+        if git_email is not None:
+            pulumi.set(__self__, "git_email", git_email)
         if git_username is not None:
             pulumi.set(__self__, "git_username", git_username)
         if is_default_for_provider is not None:
@@ -70,11 +74,23 @@ class GitCredentialArgs:
     def force(self, value: Optional[pulumi.Input[_builtins.bool]]):
         pulumi.set(self, "force", value)
 
+    @_builtins.property
+    @pulumi.getter(name="gitEmail")
+    def git_email(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The email associated with your Git provider user account. Used for authentication with the remote repository and also sets the author & committer identity for commits.
+        """
+        return pulumi.get(self, "git_email")
+
+    @git_email.setter
+    def git_email(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "git_email", value)
+
     @_builtins.property
     @pulumi.getter(name="gitUsername")
     def git_username(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        user name at Git provider.
+        user name at Git provider.  For most Git providers it is only used to set the Git committer & author names for commits, however it may be required for authentication depending on your Git provider / token requirements.
         """
         return pulumi.get(self, "git_username")
 
@@ -123,6 +139,7 @@ class GitCredentialArgs:
 class _GitCredentialState:
     def __init__(__self__, *,
                  force: Optional[pulumi.Input[_builtins.bool]] = None,
+                 git_email: Optional[pulumi.Input[_builtins.str]] = None,
                  git_provider: Optional[pulumi.Input[_builtins.str]] = None,
                  git_username: Optional[pulumi.Input[_builtins.str]] = None,
                  is_default_for_provider: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -131,14 +148,17 @@ class _GitCredentialState:
         """
         Input properties used for looking up and filtering GitCredential resources.
         :param pulumi.Input[_builtins.bool] force: specify if settings need to be enforced (i.e., to overwrite previously set credential for service principals).
+        :param pulumi.Input[_builtins.str] git_email: The email associated with your Git provider user account. Used for authentication with the remote repository and also sets the author & committer identity for commits.
         :param pulumi.Input[_builtins.str] git_provider: case insensitive name of the Git provider.  Following values are supported right now (could be a subject for a change, consult [Git Credentials API documentation](https://docs.databricks.com/dev-tools/api/latest/gitcredentials.html)): `gitHub`, `gitHubEnterprise`, `bitbucketCloud`, `bitbucketServer`, `azureDevOpsServices`, `gitLab`, `gitLabEnterpriseEdition`, `awsCodeCommit`, `azureDevOpsServicesAad`.
-        :param pulumi.Input[_builtins.str] git_username: user name at Git provider.
+        :param pulumi.Input[_builtins.str] git_username: user name at Git provider.  For most Git providers it is only used to set the Git committer & author names for commits, however it may be required for authentication depending on your Git provider / token requirements.
         :param pulumi.Input[_builtins.bool] is_default_for_provider: boolean flag specifying if the credential is the default for the given provider type.
         :param pulumi.Input[_builtins.str] name: the name of the git credential, used for identification and ease of lookup.
         :param pulumi.Input[_builtins.str] personal_access_token: The personal access token used to authenticate to the corresponding Git provider. If value is not provided, it's sourced from the first environment variable of `GITHUB_TOKEN`, `GITLAB_TOKEN`, or `AZDO_PERSONAL_ACCESS_TOKEN`, that has a non-empty value.
         """
         if force is not None:
             pulumi.set(__self__, "force", force)
+        if git_email is not None:
+            pulumi.set(__self__, "git_email", git_email)
         if git_provider is not None:
             pulumi.set(__self__, "git_provider", git_provider)
         if git_username is not None:
@@ -162,6 +182,18 @@ class _GitCredentialState:
     def force(self, value: Optional[pulumi.Input[_builtins.bool]]):
         pulumi.set(self, "force", value)
 
+    @_builtins.property
+    @pulumi.getter(name="gitEmail")
+    def git_email(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The email associated with your Git provider user account. Used for authentication with the remote repository and also sets the author & committer identity for commits.
+        """
+        return pulumi.get(self, "git_email")
+
+    @git_email.setter
+    def git_email(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "git_email", value)
+
     @_builtins.property
     @pulumi.getter(name="gitProvider")
     def git_provider(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -178,7 +210,7 @@ class _GitCredentialState:
     @pulumi.getter(name="gitUsername")
     def git_username(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        user name at Git provider.
+        user name at Git provider.  For most Git providers it is only used to set the Git committer & author names for commits, however it may be required for authentication depending on your Git provider / token requirements.
         """
         return pulumi.get(self, "git_username")
 
@@ -230,6 +262,7 @@ class GitCredential(pulumi.CustomResource):
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
                  force: Optional[pulumi.Input[_builtins.bool]] = None,
+                 git_email: Optional[pulumi.Input[_builtins.str]] = None,
                  git_provider: Optional[pulumi.Input[_builtins.str]] = None,
                  git_username: Optional[pulumi.Input[_builtins.str]] = None,
                  is_default_for_provider: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -299,8 +332,9 @@ class GitCredential(pulumi.CustomResource):
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[_builtins.bool] force: specify if settings need to be enforced (i.e., to overwrite previously set credential for service principals).
+        :param pulumi.Input[_builtins.str] git_email: The email associated with your Git provider user account. Used for authentication with the remote repository and also sets the author & committer identity for commits.
         :param pulumi.Input[_builtins.str] git_provider: case insensitive name of the Git provider.  Following values are supported right now (could be a subject for a change, consult [Git Credentials API documentation](https://docs.databricks.com/dev-tools/api/latest/gitcredentials.html)): `gitHub`, `gitHubEnterprise`, `bitbucketCloud`, `bitbucketServer`, `azureDevOpsServices`, `gitLab`, `gitLabEnterpriseEdition`, `awsCodeCommit`, `azureDevOpsServicesAad`.
-        :param pulumi.Input[_builtins.str] git_username: user name at Git provider.
+        :param pulumi.Input[_builtins.str] git_username: user name at Git provider.  For most Git providers it is only used to set the Git committer & author names for commits, however it may be required for authentication depending on your Git provider / token requirements.
         :param pulumi.Input[_builtins.bool] is_default_for_provider: boolean flag specifying if the credential is the default for the given provider type.
         :param pulumi.Input[_builtins.str] name: the name of the git credential, used for identification and ease of lookup.
         :param pulumi.Input[_builtins.str] personal_access_token: The personal access token used to authenticate to the corresponding Git provider. If value is not provided, it's sourced from the first environment variable of `GITHUB_TOKEN`, `GITLAB_TOKEN`, or `AZDO_PERSONAL_ACCESS_TOKEN`, that has a non-empty value.
@@ -387,6 +421,7 @@ class GitCredential(pulumi.CustomResource):
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
                  force: Optional[pulumi.Input[_builtins.bool]] = None,
+                 git_email: Optional[pulumi.Input[_builtins.str]] = None,
                  git_provider: Optional[pulumi.Input[_builtins.str]] = None,
                  git_username: Optional[pulumi.Input[_builtins.str]] = None,
                  is_default_for_provider: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -402,6 +437,7 @@ class GitCredential(pulumi.CustomResource):
             __props__ = GitCredentialArgs.__new__(GitCredentialArgs)
 
             __props__.__dict__["force"] = force
+            __props__.__dict__["git_email"] = git_email
             if git_provider is None and not opts.urn:
                 raise TypeError("Missing required property 'git_provider'")
             __props__.__dict__["git_provider"] = git_provider
@@ -420,6 +456,7 @@ class GitCredential(pulumi.CustomResource):
             id: pulumi.Input[str],
             opts: Optional[pulumi.ResourceOptions] = None,
             force: Optional[pulumi.Input[_builtins.bool]] = None,
+            git_email: Optional[pulumi.Input[_builtins.str]] = None,
             git_provider: Optional[pulumi.Input[_builtins.str]] = None,
             git_username: Optional[pulumi.Input[_builtins.str]] = None,
             is_default_for_provider: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -433,8 +470,9 @@ class GitCredential(pulumi.CustomResource):
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[_builtins.bool] force: specify if settings need to be enforced (i.e., to overwrite previously set credential for service principals).
+        :param pulumi.Input[_builtins.str] git_email: The email associated with your Git provider user account. Used for authentication with the remote repository and also sets the author & committer identity for commits.
         :param pulumi.Input[_builtins.str] git_provider: case insensitive name of the Git provider.  Following values are supported right now (could be a subject for a change, consult [Git Credentials API documentation](https://docs.databricks.com/dev-tools/api/latest/gitcredentials.html)): `gitHub`, `gitHubEnterprise`, `bitbucketCloud`, `bitbucketServer`, `azureDevOpsServices`, `gitLab`, `gitLabEnterpriseEdition`, `awsCodeCommit`, `azureDevOpsServicesAad`.
-        :param pulumi.Input[_builtins.str] git_username: user name at Git provider.
+        :param pulumi.Input[_builtins.str] git_username: user name at Git provider.  For most Git providers it is only used to set the Git committer & author names for commits, however it may be required for authentication depending on your Git provider / token requirements.
         :param pulumi.Input[_builtins.bool] is_default_for_provider: boolean flag specifying if the credential is the default for the given provider type.
         :param pulumi.Input[_builtins.str] name: the name of the git credential, used for identification and ease of lookup.
         :param pulumi.Input[_builtins.str] personal_access_token: The personal access token used to authenticate to the corresponding Git provider. If value is not provided, it's sourced from the first environment variable of `GITHUB_TOKEN`, `GITLAB_TOKEN`, or `AZDO_PERSONAL_ACCESS_TOKEN`, that has a non-empty value.
@@ -444,6 +482,7 @@ class GitCredential(pulumi.CustomResource):
         __props__ = _GitCredentialState.__new__(_GitCredentialState)
 
         __props__.__dict__["force"] = force
+        __props__.__dict__["git_email"] = git_email
         __props__.__dict__["git_provider"] = git_provider
         __props__.__dict__["git_username"] = git_username
         __props__.__dict__["is_default_for_provider"] = is_default_for_provider
@@ -459,6 +498,14 @@ class GitCredential(pulumi.CustomResource):
         """
         return pulumi.get(self, "force")
 
+    @_builtins.property
+    @pulumi.getter(name="gitEmail")
+    def git_email(self) -> pulumi.Output[Optional[_builtins.str]]:
+        """
+        The email associated with your Git provider user account. Used for authentication with the remote repository and also sets the author & committer identity for commits.
+        """
+        return pulumi.get(self, "git_email")
+
     @_builtins.property
     @pulumi.getter(name="gitProvider")
     def git_provider(self) -> pulumi.Output[_builtins.str]:
@@ -471,7 +518,7 @@ class GitCredential(pulumi.CustomResource):
     @pulumi.getter(name="gitUsername")
     def git_username(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
-        user name at Git provider.
+        user name at Git provider.  For most Git providers it is only used to set the Git committer & author names for commits, however it may be required for authentication depending on your Git provider / token requirements.
         """
         return pulumi.get(self, "git_username")
 

pulumi_databricks/grant.py

@@ -442,7 +442,7 @@ class Grant(pulumi.CustomResource):
 
         > Most of Unity Catalog APIs are only accessible via **workspace-level APIs**. This design may change in the future. Account-level principal grants can be assigned with any valid workspace as the Unity Catalog is decoupled from specific workspaces. More information in [the official documentation](https://docs.databricks.com/data-governance/unity-catalog/index.html).
 
-        > This resource is _authoritative_ for grants on securables for a given principal. Configuring this resource for a securable will **OVERWRITE** any existing grants for the principal and changes made outside of Pulumi will be reset.
+        > This resource is _authoritative_ for grants on securables for a given _singular_ principal. Configuring this resource for a securable will **OVERWRITE** any existing grants for the principal and changes made outside of Pulumi will be reset. Use Grants for authoritative control of all grants on a securable.
 
         In Unity Catalog all users initially have no access to data. Only Metastore Admins can create objects and can grant/revoke access on individual objects to users and groups. Every securable object in Unity Catalog has an owner. The owner can be any account-level user or group, called principals in general. The principal that creates an object becomes its owner. Owners receive `ALL_PRIVILEGES` on the securable object (e.g., `SELECT` and `MODIFY` on a table), as well as the permission to grant privileges to other principals.
 
@@ -853,7 +853,7 @@ class Grant(pulumi.CustomResource):
 
         > Most of Unity Catalog APIs are only accessible via **workspace-level APIs**. This design may change in the future. Account-level principal grants can be assigned with any valid workspace as the Unity Catalog is decoupled from specific workspaces. More information in [the official documentation](https://docs.databricks.com/data-governance/unity-catalog/index.html).
 
-        > This resource is _authoritative_ for grants on securables for a given principal. Configuring this resource for a securable will **OVERWRITE** any existing grants for the principal and changes made outside of Pulumi will be reset.
+        > This resource is _authoritative_ for grants on securables for a given _singular_ principal. Configuring this resource for a securable will **OVERWRITE** any existing grants for the principal and changes made outside of Pulumi will be reset. Use Grants for authoritative control of all grants on a securable.
 
         In Unity Catalog all users initially have no access to data. Only Metastore Admins can create objects and can grant/revoke access on individual objects to users and groups. Every securable object in Unity Catalog has an owner. The owner can be any account-level user or group, called principals in general. The principal that creates an object becomes its owner. Owners receive `ALL_PRIVILEGES` on the securable object (e.g., `SELECT` and `MODIFY` on a table), as well as the permission to grant privileges to other principals.
 

pulumi_databricks/group.py

@@ -34,12 +34,12 @@ class GroupArgs:
         :param pulumi.Input[_builtins.str] acl_principal_id: identifier for use in databricks_access_control_rule_set, e.g. `groups/Some Group`.
         :param pulumi.Input[_builtins.bool] allow_cluster_create: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with Permissions and cluster_id argument. Everyone without `allow_cluster_create` argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
         :param pulumi.Input[_builtins.bool] allow_instance_pool_create: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with Permissions and instance_pool_id argument.
-        :param pulumi.Input[_builtins.bool] databricks_sql_access: This is a field to allow the group to have access to [Databricks SQL](https://databricks.com/product/databricks-sql) feature in User Interface and through databricks_sql_endpoint.
+        :param pulumi.Input[_builtins.bool] databricks_sql_access: This is a field to allow the group to have access to [Databricks SQL](https://databricks.com/product/databricks-sql)  UI, [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one) and through databricks_sql_endpoint.
         :param pulumi.Input[_builtins.str] display_name: This is the display name for the given group.
         :param pulumi.Input[_builtins.str] external_id: ID of the group in an external identity provider.
         :param pulumi.Input[_builtins.bool] force: Ignore `cannot create group: Group with name X already exists.` errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. _This functionality is experimental_ and is designed to simplify corner cases, like Azure Active Directory synchronisation.
-        :param pulumi.Input[_builtins.bool] workspace_access: This is a field to allow the group to have access to a Databricks Workspace.
-        :param pulumi.Input[_builtins.bool] workspace_consume: This is a field to allow the group to have access to a Databricks Workspace as consumer, with limited access to workspace UI.  Couldn't be used with `workspace_access` or `databricks_sql_access`.
+        :param pulumi.Input[_builtins.bool] workspace_access: This is a field to allow the group to have access to a Databricks Workspace UI and [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one).
+        :param pulumi.Input[_builtins.bool] workspace_consume: This is a field to allow the group to have access only to [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one).  Couldn't be used with `workspace_access` or `databricks_sql_access`.
         """
         if acl_principal_id is not None:
             pulumi.set(__self__, "acl_principal_id", acl_principal_id)
@@ -102,7 +102,7 @@ class GroupArgs:
     @pulumi.getter(name="databricksSqlAccess")
     def databricks_sql_access(self) -> Optional[pulumi.Input[_builtins.bool]]:
         """
-        This is a field to allow the group to have access to [Databricks SQL](https://databricks.com/product/databricks-sql) feature in User Interface and through databricks_sql_endpoint.
+        This is a field to allow the group to have access to [Databricks SQL](https://databricks.com/product/databricks-sql)  UI, [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one) and through databricks_sql_endpoint.
         """
         return pulumi.get(self, "databricks_sql_access")
 
@@ -159,7 +159,7 @@ class GroupArgs:
     @pulumi.getter(name="workspaceAccess")
     def workspace_access(self) -> Optional[pulumi.Input[_builtins.bool]]:
         """
-        This is a field to allow the group to have access to a Databricks Workspace.
+        This is a field to allow the group to have access to a Databricks Workspace UI and [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one).
         """
         return pulumi.get(self, "workspace_access")
 
@@ -171,7 +171,7 @@ class GroupArgs:
     @pulumi.getter(name="workspaceConsume")
     def workspace_consume(self) -> Optional[pulumi.Input[_builtins.bool]]:
         """
-        This is a field to allow the group to have access to a Databricks Workspace as consumer, with limited access to workspace UI.  Couldn't be used with `workspace_access` or `databricks_sql_access`.
+        This is a field to allow the group to have access only to [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one).  Couldn't be used with `workspace_access` or `databricks_sql_access`.
         """
         return pulumi.get(self, "workspace_consume")
 
@@ -198,12 +198,12 @@ class _GroupState:
         :param pulumi.Input[_builtins.str] acl_principal_id: identifier for use in databricks_access_control_rule_set, e.g. `groups/Some Group`.
         :param pulumi.Input[_builtins.bool] allow_cluster_create: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with Permissions and cluster_id argument. Everyone without `allow_cluster_create` argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
         :param pulumi.Input[_builtins.bool] allow_instance_pool_create: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with Permissions and instance_pool_id argument.
-        :param pulumi.Input[_builtins.bool] databricks_sql_access: This is a field to allow the group to have access to [Databricks SQL](https://databricks.com/product/databricks-sql) feature in User Interface and through databricks_sql_endpoint.
+        :param pulumi.Input[_builtins.bool] databricks_sql_access: This is a field to allow the group to have access to [Databricks SQL](https://databricks.com/product/databricks-sql)  UI, [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one) and through databricks_sql_endpoint.
         :param pulumi.Input[_builtins.str] display_name: This is the display name for the given group.
         :param pulumi.Input[_builtins.str] external_id: ID of the group in an external identity provider.
         :param pulumi.Input[_builtins.bool] force: Ignore `cannot create group: Group with name X already exists.` errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. _This functionality is experimental_ and is designed to simplify corner cases, like Azure Active Directory synchronisation.
-        :param pulumi.Input[_builtins.bool] workspace_access: This is a field to allow the group to have access to a Databricks Workspace.
-        :param pulumi.Input[_builtins.bool] workspace_consume: This is a field to allow the group to have access to a Databricks Workspace as consumer, with limited access to workspace UI.  Couldn't be used with `workspace_access` or `databricks_sql_access`.
+        :param pulumi.Input[_builtins.bool] workspace_access: This is a field to allow the group to have access to a Databricks Workspace UI and [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one).
+        :param pulumi.Input[_builtins.bool] workspace_consume: This is a field to allow the group to have access only to [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one).  Couldn't be used with `workspace_access` or `databricks_sql_access`.
         """
         if acl_principal_id is not None:
             pulumi.set(__self__, "acl_principal_id", acl_principal_id)
@@ -266,7 +266,7 @@ class _GroupState:
     @pulumi.getter(name="databricksSqlAccess")
     def databricks_sql_access(self) -> Optional[pulumi.Input[_builtins.bool]]:
         """
-        This is a field to allow the group to have access to [Databricks SQL](https://databricks.com/product/databricks-sql) feature in User Interface and through databricks_sql_endpoint.
+        This is a field to allow the group to have access to [Databricks SQL](https://databricks.com/product/databricks-sql)  UI, [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one) and through databricks_sql_endpoint.
         """
         return pulumi.get(self, "databricks_sql_access")
 
@@ -323,7 +323,7 @@ class _GroupState:
     @pulumi.getter(name="workspaceAccess")
     def workspace_access(self) -> Optional[pulumi.Input[_builtins.bool]]:
         """
-        This is a field to allow the group to have access to a Databricks Workspace.
+        This is a field to allow the group to have access to a Databricks Workspace UI and [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one).
         """
         return pulumi.get(self, "workspace_access")
 
@@ -335,7 +335,7 @@ class _GroupState:
     @pulumi.getter(name="workspaceConsume")
     def workspace_consume(self) -> Optional[pulumi.Input[_builtins.bool]]:
         """
-        This is a field to allow the group to have access to a Databricks Workspace as consumer, with limited access to workspace UI.  Couldn't be used with `workspace_access` or `databricks_sql_access`.
+        This is a field to allow the group to have access only to [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one).  Couldn't be used with `workspace_access` or `databricks_sql_access`.
         """
         return pulumi.get(self, "workspace_consume")
 
@@ -453,12 +453,12 @@ class Group(pulumi.CustomResource):
         :param pulumi.Input[_builtins.str] acl_principal_id: identifier for use in databricks_access_control_rule_set, e.g. `groups/Some Group`.
         :param pulumi.Input[_builtins.bool] allow_cluster_create: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with Permissions and cluster_id argument. Everyone without `allow_cluster_create` argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
         :param pulumi.Input[_builtins.bool] allow_instance_pool_create: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with Permissions and instance_pool_id argument.
-        :param pulumi.Input[_builtins.bool] databricks_sql_access: This is a field to allow the group to have access to [Databricks SQL](https://databricks.com/product/databricks-sql) feature in User Interface and through databricks_sql_endpoint.
+        :param pulumi.Input[_builtins.bool] databricks_sql_access: This is a field to allow the group to have access to [Databricks SQL](https://databricks.com/product/databricks-sql)  UI, [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one) and through databricks_sql_endpoint.
         :param pulumi.Input[_builtins.str] display_name: This is the display name for the given group.
         :param pulumi.Input[_builtins.str] external_id: ID of the group in an external identity provider.
         :param pulumi.Input[_builtins.bool] force: Ignore `cannot create group: Group with name X already exists.` errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. _This functionality is experimental_ and is designed to simplify corner cases, like Azure Active Directory synchronisation.
-        :param pulumi.Input[_builtins.bool] workspace_access: This is a field to allow the group to have access to a Databricks Workspace.
-        :param pulumi.Input[_builtins.bool] workspace_consume: This is a field to allow the group to have access to a Databricks Workspace as consumer, with limited access to workspace UI.  Couldn't be used with `workspace_access` or `databricks_sql_access`.
+        :param pulumi.Input[_builtins.bool] workspace_access: This is a field to allow the group to have access to a Databricks Workspace UI and [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one).
+        :param pulumi.Input[_builtins.bool] workspace_consume: This is a field to allow the group to have access only to [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one).  Couldn't be used with `workspace_access` or `databricks_sql_access`.
         """
         ...
     @overload
@@ -627,12 +627,12 @@ class Group(pulumi.CustomResource):
         :param pulumi.Input[_builtins.str] acl_principal_id: identifier for use in databricks_access_control_rule_set, e.g. `groups/Some Group`.
         :param pulumi.Input[_builtins.bool] allow_cluster_create: This is a field to allow the group to have cluster create privileges. More fine grained permissions could be assigned with Permissions and cluster_id argument. Everyone without `allow_cluster_create` argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
         :param pulumi.Input[_builtins.bool] allow_instance_pool_create: This is a field to allow the group to have instance pool create privileges. More fine grained permissions could be assigned with Permissions and instance_pool_id argument.
-        :param pulumi.Input[_builtins.bool] databricks_sql_access: This is a field to allow the group to have access to [Databricks SQL](https://databricks.com/product/databricks-sql) feature in User Interface and through databricks_sql_endpoint.
+        :param pulumi.Input[_builtins.bool] databricks_sql_access: This is a field to allow the group to have access to [Databricks SQL](https://databricks.com/product/databricks-sql)  UI, [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one) and through databricks_sql_endpoint.
         :param pulumi.Input[_builtins.str] display_name: This is the display name for the given group.
         :param pulumi.Input[_builtins.str] external_id: ID of the group in an external identity provider.
         :param pulumi.Input[_builtins.bool] force: Ignore `cannot create group: Group with name X already exists.` errors and implicitly import the specific group into Pulumi state, enforcing entitlements defined in the instance of resource. _This functionality is experimental_ and is designed to simplify corner cases, like Azure Active Directory synchronisation.
-        :param pulumi.Input[_builtins.bool] workspace_access: This is a field to allow the group to have access to a Databricks Workspace.
-        :param pulumi.Input[_builtins.bool] workspace_consume: This is a field to allow the group to have access to a Databricks Workspace as consumer, with limited access to workspace UI.  Couldn't be used with `workspace_access` or `databricks_sql_access`.
+        :param pulumi.Input[_builtins.bool] workspace_access: This is a field to allow the group to have access to a Databricks Workspace UI and [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one).
+        :param pulumi.Input[_builtins.bool] workspace_consume: This is a field to allow the group to have access only to [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one).  Couldn't be used with `workspace_access` or `databricks_sql_access`.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
 
@@ -678,7 +678,7 @@ class Group(pulumi.CustomResource):
     @pulumi.getter(name="databricksSqlAccess")
     def databricks_sql_access(self) -> pulumi.Output[Optional[_builtins.bool]]:
         """
-        This is a field to allow the group to have access to [Databricks SQL](https://databricks.com/product/databricks-sql) feature in User Interface and through databricks_sql_endpoint.
+        This is a field to allow the group to have access to [Databricks SQL](https://databricks.com/product/databricks-sql)  UI, [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one) and through databricks_sql_endpoint.
         """
         return pulumi.get(self, "databricks_sql_access")
 
@@ -715,7 +715,7 @@ class Group(pulumi.CustomResource):
     @pulumi.getter(name="workspaceAccess")
     def workspace_access(self) -> pulumi.Output[Optional[_builtins.bool]]:
         """
-        This is a field to allow the group to have access to a Databricks Workspace.
+        This is a field to allow the group to have access to a Databricks Workspace UI and [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one).
         """
         return pulumi.get(self, "workspace_access")
 
@@ -723,7 +723,7 @@ class Group(pulumi.CustomResource):
     @pulumi.getter(name="workspaceConsume")
     def workspace_consume(self) -> pulumi.Output[Optional[_builtins.bool]]:
         """
-        This is a field to allow the group to have access to a Databricks Workspace as consumer, with limited access to workspace UI.  Couldn't be used with `workspace_access` or `databricks_sql_access`.
+        This is a field to allow the group to have access only to [Databricks One](https://docs.databricks.com/aws/en/workspace/databricks-one#who-can-access-databricks-one).  Couldn't be used with `workspace_access` or `databricks_sql_access`.
         """
         return pulumi.get(self, "workspace_consume")
 

pulumi_databricks/job.py

@@ -47,6 +47,7 @@ class JobArgs:
                  parameters: Optional[pulumi.Input[Sequence[pulumi.Input['JobParameterArgs']]]] = None,
                  performance_target: Optional[pulumi.Input[_builtins.str]] = None,
                  pipeline_task: Optional[pulumi.Input['JobPipelineTaskArgs']] = None,
+                 provider_config: Optional[pulumi.Input['JobProviderConfigArgs']] = None,
                  python_wheel_task: Optional[pulumi.Input['JobPythonWheelTaskArgs']] = None,
                  queue: Optional[pulumi.Input['JobQueueArgs']] = None,
                  retry_on_timeout: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -85,6 +86,7 @@ class JobArgs:
         :param pulumi.Input[_builtins.str] performance_target: The performance mode on a serverless job. The performance target determines the level of compute performance or cost-efficiency for the run.  Supported values are:
                * `PERFORMANCE_OPTIMIZED`: (default value) Prioritizes fast startup and execution times through rapid scaling and optimized cluster performance.
                * `STANDARD`: Enables cost-efficient execution of serverless workloads.
+        :param pulumi.Input['JobProviderConfigArgs'] provider_config: Configure the provider for management through account provider. This block consists of the following fields:
         :param pulumi.Input['JobQueueArgs'] queue: The queue status for the job. See queue Configuration Block below.
         :param pulumi.Input['JobRunAsArgs'] run_as: The user or the service principal the job runs as. See run_as Configuration Block below.
         :param pulumi.Input['JobScheduleArgs'] schedule: An optional periodic schedule for this job. The default behavior is that the job runs when triggered by clicking Run Now in the Jobs UI or sending an API request to runNow. See schedule Configuration Block below.
@@ -164,6 +166,8 @@ class JobArgs:
             pulumi.log.warn("""pipeline_task is deprecated: should be used inside a task block and not inside a job block""")
         if pipeline_task is not None:
             pulumi.set(__self__, "pipeline_task", pipeline_task)
+        if provider_config is not None:
+            pulumi.set(__self__, "provider_config", provider_config)
         if python_wheel_task is not None:
             warnings.warn("""should be used inside a task block and not inside a job block""", DeprecationWarning)
             pulumi.log.warn("""python_wheel_task is deprecated: should be used inside a task block and not inside a job block""")
@@ -508,6 +512,18 @@ class JobArgs:
     def pipeline_task(self, value: Optional[pulumi.Input['JobPipelineTaskArgs']]):
         pulumi.set(self, "pipeline_task", value)
 
+    @_builtins.property
+    @pulumi.getter(name="providerConfig")
+    def provider_config(self) -> Optional[pulumi.Input['JobProviderConfigArgs']]:
+        """
+        Configure the provider for management through account provider. This block consists of the following fields:
+        """
+        return pulumi.get(self, "provider_config")
+
+    @provider_config.setter
+    def provider_config(self, value: Optional[pulumi.Input['JobProviderConfigArgs']]):
+        pulumi.set(self, "provider_config", value)
+
     @_builtins.property
     @pulumi.getter(name="pythonWheelTask")
     @_utilities.deprecated("""should be used inside a task block and not inside a job block""")
@@ -703,6 +719,7 @@ class _JobState:
                  parameters: Optional[pulumi.Input[Sequence[pulumi.Input['JobParameterArgs']]]] = None,
                  performance_target: Optional[pulumi.Input[_builtins.str]] = None,
                  pipeline_task: Optional[pulumi.Input['JobPipelineTaskArgs']] = None,
+                 provider_config: Optional[pulumi.Input['JobProviderConfigArgs']] = None,
                  python_wheel_task: Optional[pulumi.Input['JobPythonWheelTaskArgs']] = None,
                  queue: Optional[pulumi.Input['JobQueueArgs']] = None,
                  retry_on_timeout: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -742,6 +759,7 @@ class _JobState:
         :param pulumi.Input[_builtins.str] performance_target: The performance mode on a serverless job. The performance target determines the level of compute performance or cost-efficiency for the run.  Supported values are:
                * `PERFORMANCE_OPTIMIZED`: (default value) Prioritizes fast startup and execution times through rapid scaling and optimized cluster performance.
                * `STANDARD`: Enables cost-efficient execution of serverless workloads.
+        :param pulumi.Input['JobProviderConfigArgs'] provider_config: Configure the provider for management through account provider. This block consists of the following fields:
         :param pulumi.Input['JobQueueArgs'] queue: The queue status for the job. See queue Configuration Block below.
         :param pulumi.Input['JobRunAsArgs'] run_as: The user or the service principal the job runs as. See run_as Configuration Block below.
         :param pulumi.Input['JobScheduleArgs'] schedule: An optional periodic schedule for this job. The default behavior is that the job runs when triggered by clicking Run Now in the Jobs UI or sending an API request to runNow. See schedule Configuration Block below.
@@ -822,6 +840,8 @@ class _JobState:
             pulumi.log.warn("""pipeline_task is deprecated: should be used inside a task block and not inside a job block""")
         if pipeline_task is not None:
             pulumi.set(__self__, "pipeline_task", pipeline_task)
+        if provider_config is not None:
+            pulumi.set(__self__, "provider_config", provider_config)
         if python_wheel_task is not None:
             warnings.warn("""should be used inside a task block and not inside a job block""", DeprecationWarning)
             pulumi.log.warn("""python_wheel_task is deprecated: should be used inside a task block and not inside a job block""")
@@ -1168,6 +1188,18 @@ class _JobState:
     def pipeline_task(self, value: Optional[pulumi.Input['JobPipelineTaskArgs']]):
         pulumi.set(self, "pipeline_task", value)
 
+    @_builtins.property
+    @pulumi.getter(name="providerConfig")
+    def provider_config(self) -> Optional[pulumi.Input['JobProviderConfigArgs']]:
+        """
+        Configure the provider for management through account provider. This block consists of the following fields:
+        """
+        return pulumi.get(self, "provider_config")
+
+    @provider_config.setter
+    def provider_config(self, value: Optional[pulumi.Input['JobProviderConfigArgs']]):
+        pulumi.set(self, "provider_config", value)
+
     @_builtins.property
     @pulumi.getter(name="pythonWheelTask")
     @_utilities.deprecated("""should be used inside a task block and not inside a job block""")
@@ -1378,6 +1410,7 @@ class Job(pulumi.CustomResource):
                  parameters: Optional[pulumi.Input[Sequence[pulumi.Input[Union['JobParameterArgs', 'JobParameterArgsDict']]]]] = None,
                  performance_target: Optional[pulumi.Input[_builtins.str]] = None,
                  pipeline_task: Optional[pulumi.Input[Union['JobPipelineTaskArgs', 'JobPipelineTaskArgsDict']]] = None,
+                 provider_config: Optional[pulumi.Input[Union['JobProviderConfigArgs', 'JobProviderConfigArgsDict']]] = None,
                  python_wheel_task: Optional[pulumi.Input[Union['JobPythonWheelTaskArgs', 'JobPythonWheelTaskArgsDict']]] = None,
                  queue: Optional[pulumi.Input[Union['JobQueueArgs', 'JobQueueArgsDict']]] = None,
                  retry_on_timeout: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -1510,6 +1543,7 @@ class Job(pulumi.CustomResource):
         :param pulumi.Input[_builtins.str] performance_target: The performance mode on a serverless job. The performance target determines the level of compute performance or cost-efficiency for the run.  Supported values are:
                * `PERFORMANCE_OPTIMIZED`: (default value) Prioritizes fast startup and execution times through rapid scaling and optimized cluster performance.
                * `STANDARD`: Enables cost-efficient execution of serverless workloads.
+        :param pulumi.Input[Union['JobProviderConfigArgs', 'JobProviderConfigArgsDict']] provider_config: Configure the provider for management through account provider. This block consists of the following fields:
         :param pulumi.Input[Union['JobQueueArgs', 'JobQueueArgsDict']] queue: The queue status for the job. See queue Configuration Block below.
         :param pulumi.Input[Union['JobRunAsArgs', 'JobRunAsArgsDict']] run_as: The user or the service principal the job runs as. See run_as Configuration Block below.
         :param pulumi.Input[Union['JobScheduleArgs', 'JobScheduleArgsDict']] schedule: An optional periodic schedule for this job. The default behavior is that the job runs when triggered by clicking Run Now in the Jobs UI or sending an API request to runNow. See schedule Configuration Block below.
@@ -1659,6 +1693,7 @@ class Job(pulumi.CustomResource):
                  parameters: Optional[pulumi.Input[Sequence[pulumi.Input[Union['JobParameterArgs', 'JobParameterArgsDict']]]]] = None,
                  performance_target: Optional[pulumi.Input[_builtins.str]] = None,
                  pipeline_task: Optional[pulumi.Input[Union['JobPipelineTaskArgs', 'JobPipelineTaskArgsDict']]] = None,
+                 provider_config: Optional[pulumi.Input[Union['JobProviderConfigArgs', 'JobProviderConfigArgsDict']]] = None,
                  python_wheel_task: Optional[pulumi.Input[Union['JobPythonWheelTaskArgs', 'JobPythonWheelTaskArgsDict']]] = None,
                  queue: Optional[pulumi.Input[Union['JobQueueArgs', 'JobQueueArgsDict']]] = None,
                  retry_on_timeout: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -1709,6 +1744,7 @@ class Job(pulumi.CustomResource):
             __props__.__dict__["parameters"] = parameters
             __props__.__dict__["performance_target"] = performance_target
             __props__.__dict__["pipeline_task"] = pipeline_task
+            __props__.__dict__["provider_config"] = provider_config
             __props__.__dict__["python_wheel_task"] = python_wheel_task
             __props__.__dict__["queue"] = queue
             __props__.__dict__["retry_on_timeout"] = retry_on_timeout
@@ -1761,6 +1797,7 @@ class Job(pulumi.CustomResource):
             parameters: Optional[pulumi.Input[Sequence[pulumi.Input[Union['JobParameterArgs', 'JobParameterArgsDict']]]]] = None,
             performance_target: Optional[pulumi.Input[_builtins.str]] = None,
             pipeline_task: Optional[pulumi.Input[Union['JobPipelineTaskArgs', 'JobPipelineTaskArgsDict']]] = None,
+            provider_config: Optional[pulumi.Input[Union['JobProviderConfigArgs', 'JobProviderConfigArgsDict']]] = None,
             python_wheel_task: Optional[pulumi.Input[Union['JobPythonWheelTaskArgs', 'JobPythonWheelTaskArgsDict']]] = None,
             queue: Optional[pulumi.Input[Union['JobQueueArgs', 'JobQueueArgsDict']]] = None,
             retry_on_timeout: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -1805,6 +1842,7 @@ class Job(pulumi.CustomResource):
         :param pulumi.Input[_builtins.str] performance_target: The performance mode on a serverless job. The performance target determines the level of compute performance or cost-efficiency for the run.  Supported values are:
                * `PERFORMANCE_OPTIMIZED`: (default value) Prioritizes fast startup and execution times through rapid scaling and optimized cluster performance.
                * `STANDARD`: Enables cost-efficient execution of serverless workloads.
+        :param pulumi.Input[Union['JobProviderConfigArgs', 'JobProviderConfigArgsDict']] provider_config: Configure the provider for management through account provider. This block consists of the following fields:
         :param pulumi.Input[Union['JobQueueArgs', 'JobQueueArgsDict']] queue: The queue status for the job. See queue Configuration Block below.
         :param pulumi.Input[Union['JobRunAsArgs', 'JobRunAsArgsDict']] run_as: The user or the service principal the job runs as. See run_as Configuration Block below.
         :param pulumi.Input[Union['JobScheduleArgs', 'JobScheduleArgsDict']] schedule: An optional periodic schedule for this job. The default behavior is that the job runs when triggered by clicking Run Now in the Jobs UI or sending an API request to runNow. See schedule Configuration Block below.
@@ -1845,6 +1883,7 @@ class Job(pulumi.CustomResource):
         __props__.__dict__["parameters"] = parameters
         __props__.__dict__["performance_target"] = performance_target
         __props__.__dict__["pipeline_task"] = pipeline_task
+        __props__.__dict__["provider_config"] = provider_config
         __props__.__dict__["python_wheel_task"] = python_wheel_task
         __props__.__dict__["queue"] = queue
         __props__.__dict__["retry_on_timeout"] = retry_on_timeout
@@ -2054,6 +2093,14 @@ class Job(pulumi.CustomResource):
     def pipeline_task(self) -> pulumi.Output[Optional['outputs.JobPipelineTask']]:
         return pulumi.get(self, "pipeline_task")
 
+    @_builtins.property
+    @pulumi.getter(name="providerConfig")
+    def provider_config(self) -> pulumi.Output[Optional['outputs.JobProviderConfig']]:
+        """
+        Configure the provider for management through account provider. This block consists of the following fields:
+        """
+        return pulumi.get(self, "provider_config")
+
     @_builtins.property
     @pulumi.getter(name="pythonWheelTask")
     @_utilities.deprecated("""should be used inside a task block and not inside a job block""")