8:42 i have created an app as service principal and gave permission to access keyvault and also attached with databricks Still is says permission denied. Should i have to give permission(kv-officer) to inbuilt service principal? Like u did. Is this normal?
I thing i'm not able to understand is for accessing any azure resource in databricks, some authentication has to be done from databricks side. how is databricks able to access key vault secrets without authentication. in the example you just provided the key vault uri and resource id. How's databricks able to fetch the secret values without authentication?
Awesome work. Can you please create a video on how you would do this across diff env., like from dev to uat to prod env, obviously this won’t be done manually in each environment, can you show how we propagate these role assignment changes to other env. Thanks.
you can create a widget ( named as environment ) in databricks notebook. And then use this envrionment as variable while creating scope. scope_name = environment + "your_scope_name"
I love your channel!
Thank you so much :)
8:42 i have created an app as service principal and gave permission to access keyvault and also attached with databricks
Still is says permission denied.
Should i have to give permission(kv-officer) to inbuilt service principal? Like u did.
Is this normal?
Great help , thanks ✅
u saved my tim4 hour time or more , thank you so much , keep your good work
Great Content! Please cover delta sharing and CDF
Excellent video. Thanks for your efforts.
Thank you so much :)
Thank you for this video which saved me a lot of time
Thank you so much :)
Thank you very much!
Very good explanation
Thank you so much :)
I thing i'm not able to understand is for accessing any azure resource in databricks, some authentication has to be done from databricks side. how is databricks able to access key vault secrets without authentication. in the example you just provided the key vault uri and resource id. How's databricks able to fetch the secret values without authentication?
I think using the DNS and resource ID that was provided.
Awesome work. Can you please create a video on how you would do this across diff env., like from dev to uat to prod env, obviously this won’t be done manually in each environment, can you show how we propagate these role assignment changes to other env. Thanks.
you can create a widget ( named as environment ) in databricks notebook.
And then use this envrionment as variable while creating scope.
scope_name = environment + "your_scope_name"
"PERMISSION_DENIED: Invalid permissions on the specified KeyVault" is the error i came here for and thanks very much. It really helped
It doesn't work :(
it works , if you can't find the databricks service principal, type "AzureDatabricks" as it is for some reason search such doesn't show it
thanks
Thank you very much for the video.
if secrete_name == 'test':
what right approach to validate , can you please tell.
print(secrets[:1] , secrets[1:])
This gives you the secret name.