In [1]:
import requests
import os
import json
import base64
from dotenv import load_dotenv
from rich import print

# Read environment variables from .env file
load_dotenv()

client_id = os.getenv("CLIENT_ID")
client_secret = os.getenv("CLIENT_SECRET")
account_id = os.getenv("ACCOUNT_ID")


url = f"https://accounts.azuredatabricks.net/oidc/accounts/{account_id}/v1/token"

# Use form data instead of string payload
payload = {
    'grant_type': 'client_credentials',
    'scope': 'all-apis'
}

# Encode credentials for Basic authentication
credentials = f"{client_id}:{client_secret}"
encoded_credentials = base64.b64encode(credentials.encode()).decode()

headers = {
    'Authorization': f'Basic {encoded_credentials}'
}

# Send as form data (requests will automatically set Content-Type to application/x-www-form-urlencoded)
response = requests.post(url, headers=headers, data=payload)


# Extract the token from the response
if response.status_code == 200:
    try:
        token_data = response.json()
        access_token = token_data.get('access_token')
        token_expiry = token_data.get('expires_in')
        print(f"\nAccess Token: {access_token}")
        print(f"Token Expiry (seconds): {token_expiry}")
        
        # Optionally save token to environment or file
        # os.environ['DATABRICKS_TOKEN'] = access_token
    except json.JSONDecodeError as e:
        print(f"\nJSON Decode Error: {e}")
        print(f"Raw response: {response.text}")  # First 500 chars
else:
    print(f"\nError: {response.status_code}")
    print(f"Response: {response.text}")  # First 500 chars

In [5]:
#create share

import time

from databricks.sdk import WorkspaceClient

w = WorkspaceClient(
  host  = 'https://adb-2329622552520735.15.azuredatabricks.net/',
  token = access_token
)

created_share = w.shares.create(name="share_{}".format(int(time.time())), comment = "this is share name for cmg")

print(created_share)
# cleanup



In [12]:
# List all Share details

from databricks.sdk import WorkspaceClient

w = WorkspaceClient(
  host='https://adb-2329622552520735.15.azuredatabricks.net/',
  token=access_token
)


# List all shares
all_shares = w.shares.list()

print("\nAll Shares:")
for share in all_shares:
    print(share)

In [6]:
print(type(all_shares))

In [67]:
# add or remove objects from share

import os
import time

from databricks.sdk import WorkspaceClient
from databricks.sdk.service.sharing import (
    SharedDataObjectUpdate, 
    SharedDataObjectUpdateAction, 
    SharedDataObject,
    PrivilegeAssignment,
    Privilege
)

w = WorkspaceClient(
  host='https://adb-2329622552520735.15.azuredatabricks.net/',
  token=access_token
)

share_name = "share_1-1764810660681405103"

# Tables to add to the share
tables_to_add = [ "mlops_1.cmg.diamonds",
    "mlops_1.pamtech.pam_diamonds"  ]

# Tables to remove from the share
tables_to_remove = [ 

]

# Recipient names to grant access
recipient_names = [
    "pam-client-1764805388466627073",
    "pam"
]

# Create update operations for adding tables
add_updates = [
    SharedDataObjectUpdate(
        action=SharedDataObjectUpdateAction.ADD,
        data_object=SharedDataObject(name=table_name)
    )
    for table_name in tables_to_add
]

# Create update operations for removing tables
remove_updates = [
    SharedDataObjectUpdate(
        action=SharedDataObjectUpdateAction.REMOVE,
        data_object=SharedDataObject(name=table_name)
    )
    for table_name in tables_to_remove
]

# Combine all updates
all_updates = add_updates + remove_updates

# Update the share with tables
if all_updates:
    response = w.shares.update(
        name=share_name,
        updates=all_updates
    )
    print(f"Share Name: {response.name}")
    print(f"Comment: {response.comment}")
    print(f"\nObjects in share:")
    for obj in response.objects:
        print(f"  - {obj.name} (Type: {obj.data_object_type})")


print(f"\n{'='*50}")
print("Share update complete!")

In [66]:
#add  recipients from share

from databricks.sdk import WorkspaceClient
from databricks.sdk.service.sharing import PermissionsChange

w = WorkspaceClient(
  host='https://adb-2329622552520735.15.azuredatabricks.net/',
  token=access_token
)

share_name = "share_1-1764810660681405103"
recipient_names = [
    "pam-client-1764805388466627073",
    "pam",
]

# Grant access to recipients
print(f"\n{'='*50}")
print("Granting access to recipients...")
print(f"{'='*50}")

for recipient_name in recipient_names:
    try:
        # Use update_permissions to grant the share to the recipient
        response = w.shares.update_permissions(
            name=share_name,
            changes=[
                PermissionsChange(
                    principal=recipient_name,
                    add=["SELECT"]  # SELECT is the only privilege for shares
                )
            ]
        )
        print(f"✓ Granted SELECT privilege to recipient: {recipient_name}")
    except Exception as e:
        print(f"✗ Failed to grant access to {recipient_name}: {str(e)}")

print(f"\n{'='*50}")
print("Share permissions updated successfully!")

In [None]:
#remove  recipients from share

from databricks.sdk import WorkspaceClient
from databricks.sdk.service.sharing import PermissionsChange

w = WorkspaceClient(
  host='https://adb-2329622552520735.15.azuredatabricks.net/',
  token=access_token
)

share_name = "share_1-1764810660681405103"
recipient_names = [
    "pam-client-1764805388466627073",
    "pam",
]

# Grant access to recipients
print(f"\n{'='*50}")
print("Granting access to recipients...")
print(f"{'='*50}")

for recipient_name in recipient_names:
    try:
        # Use update_permissions to grant the share to the recipient
        response = w.shares.update_permissions(
            name=share_name,
            changes=[
                PermissionsChange(
                    principal=recipient_name,
                    remove=["SELECT"]  # SELECT is the only privilege for shares
                )
            ]
        )
        print(f"✓ Granted SELECT privilege to recipient: {recipient_name}")
    except Exception as e:
        print(f"✗ Failed to grant access to {recipient_name}: {str(e)}")

print(f"\n{'='*50}")
print("Share permissions updated successfully!")