使用ARM模板创建Azure Databricks令牌 [英] Create Azure Databricks Token using ARM template

问题描述

我需要使用ARM模板在Azure Databricks中创建令牌. 我能够使用ARM模板创建Azure Databricks，但是无法使用ARM模板在Azure Databricks中创建令牌

I need to create a token in Azure Databricks using ARM template. I am able to create Azure Databricks using ARM template but unable to create token in Azure Databricks using ARM template

以下是我用来创建Azure Databricks的模板

Following is the template which i have used to create Azure Databricks

{
"$schema": "https://schema.management.azure.com/schemas/2015-01- 
01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"workspaceName": {
"type": "string",
  "metadata": {
    "description": "The name of the Azure Databricks workspace to create."
  }
},
"pricingTier": {
  "type": "string",
  "defaultValue": "premium",
  "allowedValues": [
    "standard",
    "premium"
  ],
  "metadata": {
    "description": "The pricing tier of workspace."
  }
},
"location": {
  "type": "string",
  "defaultValue": "[resourceGroup().location]",
  "metadata": {
    "description": "Location for all resources."
  }
}
},
"variables": {
"managedResourceGroupName": "[concat('databricks-rg-', 
parameters('workspaceName'), '-', uniqueString(parameters('workspaceName'), 
resourceGroup().id))]"
},
"resources": [
{
  "type": "Microsoft.Databricks/workspaces",
  "name": "[parameters('workspaceName')]",
  "location": "[parameters('location')]",
  "apiVersion": "2018-04-01",
  "sku": {
    "name": "[parameters('pricingTier')]"
  },
  "properties": {
    "ManagedResourceGroupId": "[concat(subscription().id, '/resourceGroups/', variables('managedResourceGroupName'))]"
  }
}
],
"outputs": {
"workspace": {
  "type": "object",
  "value": "[reference(resourceId('Microsoft.Databricks/workspaces', parameters('workspaceName')))]"
}
}
}

请让我知道如何使用ARM模板在Azure Databricks中创建令牌

Kindly let me know how to create tokens in Azure Databricks using ARM template

推荐答案

我在一条评论中看到您询问是否可以使用脚本创建令牌.现在有可能！

I see in a comment that you ask if it is possible to create a token using a script. It is now possible!

Databricks具有令牌API: https://docs.databricks .com/dev-tools/api/latest/tokens.html

Databricks has a token API: https://docs.databricks.com/dev-tools/api/latest/tokens.html

查看此博客: https ://cloudarchitected.com/2020/01/using-azure-ad-with-the-azure-databricks-api/

它显示了使用AAD和其他一些方法创建数据块令牌非常容易.

It shows how easy it is to create a databricks token using AAD, and a few other methods.

我有一些用于自动执行此任务的Python代码.我将其扩展为将令牌自动添加到某种类型的密钥库中.这是一个示例:

I have some Python Code that I use automate this task. I would extend it to automatically add the token to a key vault of some sort. Here is a sample:

import requests
import adal
import json

# set variables 
clientId = "<Service Principal Id>"
tenantId = "<Tenant Id>"
clientSecret = "<Service Principal Secret>"
subscription_id = "<Subscription Id>"
resource_group = "<Resource Group Name>"
databricks_workspace = "<Databricks Workspace Name>"
dbricks_location = "<Databricks Azure Region i.e. westus>"



# Acquire a token to authenticate against Azure management API
authority_url = 'https://login.microsoftonline.com/'+tenantId
context = adal.AuthenticationContext(authority_url)
token = context.acquire_token_with_client_credentials(
    resource='https://management.core.windows.net/',
    client_id=clientId,
    client_secret=clientSecret
)
azToken = token.get('accessToken')



# Acquire a token to authenticate against the Azure Databricks Resource
token = context.acquire_token_with_client_credentials(
    resource="2ff814a6-3304-4ab8-85cb-cd0e6f879c1d",
    client_id=clientId,
    client_secret=clientSecret
)
adbToken = token.get('accessToken')


# Format Request API Url
dbricks_api = "https://{}.azuredatabricks.net/api/2.0".format(dbricks_location)


# Request Authentication
dbricks_auth = {
    "Authorization": "Bearer {}".format(adbToken),
    "X-Databricks-Azure-SP-Management-Token": azToken,
    "X-Databricks-Azure-Workspace-Resource-Id": ("/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Databricks/workspaces/{}".format(subscription_id, resource_group, databricks_workspace) )
    }


# Optional Paramters 
payload = {
    "comment": "This token is generated through AAD and Databricks APIs", # optional parameter
    # "lifetime_seconds": 3600 # optional parameter. If not passed then it is indefinte
}


# Request and Send Data to Create a Databricks Token
data = requests.post("{}/token/create".format(dbricks_api), headers= dbricks_auth, json=payload)

# display the response data
data.status_code
data.content

# Decode response, get token, and print token
dict_content = json.loads(data.content.decode('utf-8'))
token = dict_content.get('token_value')
print("This is the databricks token: {}".format(token))

这篇关于使用ARM模板创建Azure Databricks令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！