service_principal.md

subcategory
Security

databricks_service_principal Data Source

-> Note If you have a fully automated setup with workspaces created by databricks_mws_workspaces or azurerm_databricks_workspace, please make sure to add depends_on attribute in order to prevent default auth: cannot configure default credentials errors.

Retrieves information about databricks_service_principal.

Example Usage

Adding service principal 11111111-2222-3333-4444-555666777888 to administrative group

data "databricks_group" "admins" {
  display_name = "admins"
}

data "databricks_service_principal" "spn" {
  application_id = "11111111-2222-3333-4444-555666777888"
}

resource "databricks_group_member" "my_member_a" {
  group_id  = data.databricks_group.admins.id
  member_id = data.databricks_service_principal.spn.id
}

Argument Reference

Data source allows you to pick service principals by one of the following attributes (only one of them):

• application_id - (Required if display_name isn't used) ID of the service principal. The service principal must exist before this resource can be retrieved.
• display_name - (Required if application_id isn't used) Exact display name of the service principal. The service principal must exist before this resource can be retrieved. In case if there are several service principals with the same name, an error is thrown.

Attribute Reference

Data source exposes the following attributes:

• id - The id of the service principal.
• external_id - ID of the service principal in an external identity provider.
• display_name - Display name of the service principal, e.g. Foo SPN.
• home - Home folder of the service principal, e.g. /Users/11111111-2222-3333-4444-555666777888.
• repos - Repos location of the service principal, e.g. /Repos/11111111-2222-3333-4444-555666777888.
• active - Whether service principal is active or not.

• acl_principal_id - identifier for use in databricks_access_control_rule_set, e.g. servicePrincipals/00000000-0000-0000-0000-000000000000.

Related Resources

The following resources are used in the same context:

• End to end workspace management guide.
• databricks_current_user data to retrieve information about databricks_user or databricks_service_principal, that is calling Databricks REST API.
• databricks_group to manage groups in Databricks Workspace or Account Console (for AWS deployments).
• databricks_group data to retrieve information about databricks_group members, entitlements and instance profiles.
• databricks_group_instance_profile to attach databricks_instance_profile (AWS) to databricks_group.
• databricks_group_member to attach users and groups as group members.
• databricks_permissions to manage access control in Databricks workspace.
• databricks_service principal to manage service principals