Insert a secret under the provided scope with the given name.
Arguments
- scope
Name of the scope to which the secret will be associated with
- key
Unique name to identify the secret.
- value
Contents of the secret to store, must be a string.
- as_bytes
Boolean (default:
FALSE
). Determines ifvalue
is stored as bytes.- host
Databricks workspace URL, defaults to calling
db_host()
.- token
Databricks workspace token, defaults to calling
db_token()
.- perform_request
If
TRUE
(default) the request is performed, ifFALSE
the httr2 request is returned without being performed.
Details
If a secret already exists with the same name, this command overwrites the existing secret’s value.
The server encrypts the secret using the secret scope’s encryption settings
before storing it. You must have WRITE
or MANAGE
permission on the secret
scope.
The secret key must consist of alphanumeric characters, dashes, underscores, and periods, and cannot exceed 128 characters. The maximum allowed secret value size is 128 KB. The maximum number of secrets in a given scope is 1000.
You can read a secret value only from within a command on a cluster
(for example, through a notebook); there is no API to read a secret value
outside of a cluster. The permission applied is based on who is invoking the
command and you must have at least READ
permission.
The input fields string_value
or bytes_value
specify the type of the
secret, which will determine the value returned when the secret value is
requested. Exactly one must be specified, this function interfaces these
parameters via as_bytes
which defaults to FALSE
.
Throws
RESOURCE_DOES_NOT_EXIST
if no such secret scope exists.Throws
RESOURCE_LIMIT_EXCEEDED
if maximum number of secrets in scope is exceeded.Throws
INVALID_PARAMETER_VALUE
if the key name or value length is invalid.Throws
PERMISSION_DENIED
if the user does not have permission to make this API call.
See also
Other Secrets API:
db_secrets_delete()
,
db_secrets_list()
,
db_secrets_scope_acl_delete()
,
db_secrets_scope_acl_get()
,
db_secrets_scope_acl_list()
,
db_secrets_scope_acl_put()
,
db_secrets_scope_create()
,
db_secrets_scope_delete()
,
db_secrets_scope_list_all()