This directory contain demonstration of how to authenticate to Databricks using Azure Active Directory token when using python-sql-connector library. There are three implementations:
dbsql-with-aad-token-spn.pyusing service principal and execute query against Databricks SQL Endpoint or Databricks Cluster.dbsql-with-aad-token-user.pyusing user AAD interactive authentication.dbsql-with-aad-token-mi.pyusing Azure Managed Identity associated with VM or AKS cluster.
Install all necessary dependencies:
databricks-sql-connector
by executing:
pip install -U -r requirements.txtYou need to modify scripts and change following variables:
host_name- set to host name of the Databricks workspace (withouthttps://)http_path- obtain HTTP Path parameter of Databricks SQL Endpoint or Databricks Cluster as per documentation.query- what query should be executed
Authentication parameters of service principal could be set in the code directly (not the best way), or obtained from following environment variables:
ARM_TENANT_ID- tenant ID in Azure Active DirectoryARM_CLIENT_ID- client ID of application in Azure Active DirectoryARM_CLIENT_SECRET- secret for AAD application
Authentication parameters of service principal could be set in the code directly (not the best way), or obtained from following environment variable:
ARM_CLIENT_ID- client ID of application in Azure Active Directory that has user impersonation permission for Azure Databricks
By default, the script will use default managed identity associated with the Azure VM or AKS. If you want to authenticate using a specific user-assigned managed identity, then set following environment variable.
ARM_CLIENT_ID- client ID of user-assigned managed identity associated with VM or AKS.
Just run:
python dbsql-with-aad-token-spn.pyor
python dbsql-with-aad-token-user.pyor (only from VM with MI)
python dbsql-with-aad-token-mi.pyand it will print result of query execution.