1. Packages
  2. Databricks Provider
  3. API Docs
  4. getServicePrincipal
Databricks v1.67.0 published on Thursday, Apr 17, 2025 by Pulumi

databricks.getServicePrincipal

Explore with Pulumi AI

Note If you have a fully automated setup with workspaces created by databricks.MwsWorkspaces or azurerm_databricks_workspace, please make sure to add depends_on attribute in order to prevent default auth: cannot configure default credentials errors.

Retrieves information about databricks_service_principal.

Example Usage

Adding service principal 11111111-2222-3333-4444-555666777888 to administrative group

import * as pulumi from "@pulumi/pulumi";
import * as databricks from "@pulumi/databricks";

const admins = databricks.getGroup({
    displayName: "admins",
});
const spn = databricks.getServicePrincipal({
    applicationId: "11111111-2222-3333-4444-555666777888",
});
const myMemberA = new databricks.GroupMember("my_member_a", {
    groupId: admins.then(admins => admins.id),
    memberId: spn.then(spn => spn.id),
});
Copy
import pulumi
import pulumi_databricks as databricks

admins = databricks.get_group(display_name="admins")
spn = databricks.get_service_principal(application_id="11111111-2222-3333-4444-555666777888")
my_member_a = databricks.GroupMember("my_member_a",
    group_id=admins.id,
    member_id=spn.id)
Copy
package main

import (
	"github.com/pulumi/pulumi-databricks/sdk/go/databricks"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admins, err := databricks.LookupGroup(ctx, &databricks.LookupGroupArgs{
			DisplayName: "admins",
		}, nil)
		if err != nil {
			return err
		}
		spn, err := databricks.LookupServicePrincipal(ctx, &databricks.LookupServicePrincipalArgs{
			ApplicationId: pulumi.StringRef("11111111-2222-3333-4444-555666777888"),
		}, nil)
		if err != nil {
			return err
		}
		_, err = databricks.NewGroupMember(ctx, "my_member_a", &databricks.GroupMemberArgs{
			GroupId:  pulumi.String(admins.Id),
			MemberId: pulumi.String(spn.Id),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Databricks = Pulumi.Databricks;

return await Deployment.RunAsync(() => 
{
    var admins = Databricks.GetGroup.Invoke(new()
    {
        DisplayName = "admins",
    });

    var spn = Databricks.GetServicePrincipal.Invoke(new()
    {
        ApplicationId = "11111111-2222-3333-4444-555666777888",
    });

    var myMemberA = new Databricks.GroupMember("my_member_a", new()
    {
        GroupId = admins.Apply(getGroupResult => getGroupResult.Id),
        MemberId = spn.Apply(getServicePrincipalResult => getServicePrincipalResult.Id),
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.databricks.DatabricksFunctions;
import com.pulumi.databricks.inputs.GetGroupArgs;
import com.pulumi.databricks.inputs.GetServicePrincipalArgs;
import com.pulumi.databricks.GroupMember;
import com.pulumi.databricks.GroupMemberArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var admins = DatabricksFunctions.getGroup(GetGroupArgs.builder()
            .displayName("admins")
            .build());

        final var spn = DatabricksFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()
            .applicationId("11111111-2222-3333-4444-555666777888")
            .build());

        var myMemberA = new GroupMember("myMemberA", GroupMemberArgs.builder()
            .groupId(admins.id())
            .memberId(spn.id())
            .build());

    }
}
Copy
resources:
  myMemberA:
    type: databricks:GroupMember
    name: my_member_a
    properties:
      groupId: ${admins.id}
      memberId: ${spn.id}
variables:
  admins:
    fn::invoke:
      function: databricks:getGroup
      arguments:
        displayName: admins
  spn:
    fn::invoke:
      function: databricks:getServicePrincipal
      arguments:
        applicationId: 11111111-2222-3333-4444-555666777888
Copy

The following resources are used in the same context:

  • End to end workspace management guide.
  • databricks.getCurrentUser data to retrieve information about databricks.User or databricks_service_principal, that is calling Databricks REST API.
  • databricks.Group to manage groups in Databricks Workspace or Account Console (for AWS deployments).
  • databricks.Group data to retrieve information about databricks.Group members, entitlements and instance profiles.
  • databricks.GroupInstanceProfile to attach databricks.InstanceProfile (AWS) to databricks_group.
  • databricks.GroupMember to attach users and groups as group members.
  • databricks.Permissions to manage access control in Databricks workspace.
  • databricks_service principal to manage service principals

Using getServicePrincipal

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getServicePrincipal(args: GetServicePrincipalArgs, opts?: InvokeOptions): Promise<GetServicePrincipalResult>
function getServicePrincipalOutput(args: GetServicePrincipalOutputArgs, opts?: InvokeOptions): Output<GetServicePrincipalResult>
Copy
def get_service_principal(acl_principal_id: Optional[str] = None,
                          active: Optional[bool] = None,
                          application_id: Optional[str] = None,
                          display_name: Optional[str] = None,
                          external_id: Optional[str] = None,
                          home: Optional[str] = None,
                          id: Optional[str] = None,
                          repos: Optional[str] = None,
                          sp_id: Optional[str] = None,
                          opts: Optional[InvokeOptions] = None) -> GetServicePrincipalResult
def get_service_principal_output(acl_principal_id: Optional[pulumi.Input[str]] = None,
                          active: Optional[pulumi.Input[bool]] = None,
                          application_id: Optional[pulumi.Input[str]] = None,
                          display_name: Optional[pulumi.Input[str]] = None,
                          external_id: Optional[pulumi.Input[str]] = None,
                          home: Optional[pulumi.Input[str]] = None,
                          id: Optional[pulumi.Input[str]] = None,
                          repos: Optional[pulumi.Input[str]] = None,
                          sp_id: Optional[pulumi.Input[str]] = None,
                          opts: Optional[InvokeOptions] = None) -> Output[GetServicePrincipalResult]
Copy
func LookupServicePrincipal(ctx *Context, args *LookupServicePrincipalArgs, opts ...InvokeOption) (*LookupServicePrincipalResult, error)
func LookupServicePrincipalOutput(ctx *Context, args *LookupServicePrincipalOutputArgs, opts ...InvokeOption) LookupServicePrincipalResultOutput
Copy

> Note: This function is named LookupServicePrincipal in the Go SDK.

public static class GetServicePrincipal 
{
    public static Task<GetServicePrincipalResult> InvokeAsync(GetServicePrincipalArgs args, InvokeOptions? opts = null)
    public static Output<GetServicePrincipalResult> Invoke(GetServicePrincipalInvokeArgs args, InvokeOptions? opts = null)
}
Copy
public static CompletableFuture<GetServicePrincipalResult> getServicePrincipal(GetServicePrincipalArgs args, InvokeOptions options)
public static Output<GetServicePrincipalResult> getServicePrincipal(GetServicePrincipalArgs args, InvokeOptions options)
Copy
fn::invoke:
  function: databricks:index/getServicePrincipal:getServicePrincipal
  arguments:
    # arguments dictionary
Copy

The following arguments are supported:

AclPrincipalId string
identifier for use in databricks_access_control_rule_set, e.g. servicePrincipals/00000000-0000-0000-0000-000000000000.
Active bool
Whether service principal is active or not.
ApplicationId string
ID of the service principal. The service principal must exist before this resource can be retrieved.
DisplayName string
Exact display name of the service principal. The service principal must exist before this resource can be retrieved. In case if there are several service principals with the same name, an error is thrown.
ExternalId string
ID of the service principal in an external identity provider.
Home string
Home folder of the service principal, e.g. /Users/11111111-2222-3333-4444-555666777888.
Id string
The id of the service principal.
Repos string
Repos location of the service principal, e.g. /Repos/11111111-2222-3333-4444-555666777888.
SpId string
AclPrincipalId string
identifier for use in databricks_access_control_rule_set, e.g. servicePrincipals/00000000-0000-0000-0000-000000000000.
Active bool
Whether service principal is active or not.
ApplicationId string
ID of the service principal. The service principal must exist before this resource can be retrieved.
DisplayName string
Exact display name of the service principal. The service principal must exist before this resource can be retrieved. In case if there are several service principals with the same name, an error is thrown.
ExternalId string
ID of the service principal in an external identity provider.
Home string
Home folder of the service principal, e.g. /Users/11111111-2222-3333-4444-555666777888.
Id string
The id of the service principal.
Repos string
Repos location of the service principal, e.g. /Repos/11111111-2222-3333-4444-555666777888.
SpId string
aclPrincipalId String
identifier for use in databricks_access_control_rule_set, e.g. servicePrincipals/00000000-0000-0000-0000-000000000000.
active Boolean
Whether service principal is active or not.
applicationId String
ID of the service principal. The service principal must exist before this resource can be retrieved.
displayName String
Exact display name of the service principal. The service principal must exist before this resource can be retrieved. In case if there are several service principals with the same name, an error is thrown.
externalId String
ID of the service principal in an external identity provider.
home String
Home folder of the service principal, e.g. /Users/11111111-2222-3333-4444-555666777888.
id String
The id of the service principal.
repos String
Repos location of the service principal, e.g. /Repos/11111111-2222-3333-4444-555666777888.
spId String
aclPrincipalId string
identifier for use in databricks_access_control_rule_set, e.g. servicePrincipals/00000000-0000-0000-0000-000000000000.
active boolean
Whether service principal is active or not.
applicationId string
ID of the service principal. The service principal must exist before this resource can be retrieved.
displayName string
Exact display name of the service principal. The service principal must exist before this resource can be retrieved. In case if there are several service principals with the same name, an error is thrown.
externalId string
ID of the service principal in an external identity provider.
home string
Home folder of the service principal, e.g. /Users/11111111-2222-3333-4444-555666777888.
id string
The id of the service principal.
repos string
Repos location of the service principal, e.g. /Repos/11111111-2222-3333-4444-555666777888.
spId string
acl_principal_id str
identifier for use in databricks_access_control_rule_set, e.g. servicePrincipals/00000000-0000-0000-0000-000000000000.
active bool
Whether service principal is active or not.
application_id str
ID of the service principal. The service principal must exist before this resource can be retrieved.
display_name str
Exact display name of the service principal. The service principal must exist before this resource can be retrieved. In case if there are several service principals with the same name, an error is thrown.
external_id str
ID of the service principal in an external identity provider.
home str
Home folder of the service principal, e.g. /Users/11111111-2222-3333-4444-555666777888.
id str
The id of the service principal.
repos str
Repos location of the service principal, e.g. /Repos/11111111-2222-3333-4444-555666777888.
sp_id str
aclPrincipalId String
identifier for use in databricks_access_control_rule_set, e.g. servicePrincipals/00000000-0000-0000-0000-000000000000.
active Boolean
Whether service principal is active or not.
applicationId String
ID of the service principal. The service principal must exist before this resource can be retrieved.
displayName String
Exact display name of the service principal. The service principal must exist before this resource can be retrieved. In case if there are several service principals with the same name, an error is thrown.
externalId String
ID of the service principal in an external identity provider.
home String
Home folder of the service principal, e.g. /Users/11111111-2222-3333-4444-555666777888.
id String
The id of the service principal.
repos String
Repos location of the service principal, e.g. /Repos/11111111-2222-3333-4444-555666777888.
spId String

getServicePrincipal Result

The following output properties are available:

AclPrincipalId string
identifier for use in databricks_access_control_rule_set, e.g. servicePrincipals/00000000-0000-0000-0000-000000000000.
Active bool
Whether service principal is active or not.
ApplicationId string
DisplayName string
Display name of the service principal, e.g. Foo SPN.
ExternalId string
ID of the service principal in an external identity provider.
Home string
Home folder of the service principal, e.g. /Users/11111111-2222-3333-4444-555666777888.
Id string
The id of the service principal.
Repos string
Repos location of the service principal, e.g. /Repos/11111111-2222-3333-4444-555666777888.
SpId string
AclPrincipalId string
identifier for use in databricks_access_control_rule_set, e.g. servicePrincipals/00000000-0000-0000-0000-000000000000.
Active bool
Whether service principal is active or not.
ApplicationId string
DisplayName string
Display name of the service principal, e.g. Foo SPN.
ExternalId string
ID of the service principal in an external identity provider.
Home string
Home folder of the service principal, e.g. /Users/11111111-2222-3333-4444-555666777888.
Id string
The id of the service principal.
Repos string
Repos location of the service principal, e.g. /Repos/11111111-2222-3333-4444-555666777888.
SpId string
aclPrincipalId String
identifier for use in databricks_access_control_rule_set, e.g. servicePrincipals/00000000-0000-0000-0000-000000000000.
active Boolean
Whether service principal is active or not.
applicationId String
displayName String
Display name of the service principal, e.g. Foo SPN.
externalId String
ID of the service principal in an external identity provider.
home String
Home folder of the service principal, e.g. /Users/11111111-2222-3333-4444-555666777888.
id String
The id of the service principal.
repos String
Repos location of the service principal, e.g. /Repos/11111111-2222-3333-4444-555666777888.
spId String
aclPrincipalId string
identifier for use in databricks_access_control_rule_set, e.g. servicePrincipals/00000000-0000-0000-0000-000000000000.
active boolean
Whether service principal is active or not.
applicationId string
displayName string
Display name of the service principal, e.g. Foo SPN.
externalId string
ID of the service principal in an external identity provider.
home string
Home folder of the service principal, e.g. /Users/11111111-2222-3333-4444-555666777888.
id string
The id of the service principal.
repos string
Repos location of the service principal, e.g. /Repos/11111111-2222-3333-4444-555666777888.
spId string
acl_principal_id str
identifier for use in databricks_access_control_rule_set, e.g. servicePrincipals/00000000-0000-0000-0000-000000000000.
active bool
Whether service principal is active or not.
application_id str
display_name str
Display name of the service principal, e.g. Foo SPN.
external_id str
ID of the service principal in an external identity provider.
home str
Home folder of the service principal, e.g. /Users/11111111-2222-3333-4444-555666777888.
id str
The id of the service principal.
repos str
Repos location of the service principal, e.g. /Repos/11111111-2222-3333-4444-555666777888.
sp_id str
aclPrincipalId String
identifier for use in databricks_access_control_rule_set, e.g. servicePrincipals/00000000-0000-0000-0000-000000000000.
active Boolean
Whether service principal is active or not.
applicationId String
displayName String
Display name of the service principal, e.g. Foo SPN.
externalId String
ID of the service principal in an external identity provider.
home String
Home folder of the service principal, e.g. /Users/11111111-2222-3333-4444-555666777888.
id String
The id of the service principal.
repos String
Repos location of the service principal, e.g. /Repos/11111111-2222-3333-4444-555666777888.
spId String

Package Details

Repository
databricks pulumi/pulumi-databricks
License
Apache-2.0
Notes
This Pulumi package is based on the databricks Terraform Provider.