Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Note
This information applies to Databricks CLI versions 0.205 and above. The Databricks CLI is in Public Preview.
Databricks CLI use is subject to the Databricks License and Databricks Privacy Notice, including any Usage Data provisions.
The ip-access-lists command group within the Databricks CLI contains commands that enable admins to configure IP access lists. See Manage IP access lists
databricks ip-access-lists create
Create an IP access list for this workspace. A list can be an allow list or a block list.
When creating or updating an IP access list:
- For all allow lists and block lists combined, the command supports a maximum of 1000 IP/CIDR values, where one CIDR counts as a single value. Attempts to exceed that number return error 400 with error_code value
QUOTA_EXCEEDED. - If the new list would block the calling user's current IP, error 400 is returned with error_code value
INVALID_STATE.
It can take a few minutes for the changes to take effect. Note that your resulting IP access list has no effect until you enable the feature.
databricks ip-access-lists create LABEL LIST_TYPE [flags]
Arguments
LABEL
Required. Label for the IP access list.
LIST_TYPE
Type of IP access list. Valid values are as follows and are case-sensitive:
- ALLOW: An allow list. Include this IP or range.
- BLOCK: A block list. Exclude this IP or range. IP addresses in the block list are excluded even if they are included in an allow list.
Options
--json JSON
The inline JSON string or the @path to the JSON file with the request body.
Examples
The following example creates an allow list IP access list:
databricks ip-access-lists create "Office Network" ALLOW --json '{"ip_addresses": ["192.168.1.0/24"]}'
The following example creates a block list IP access list:
databricks ip-access-lists create "Blocked IPs" BLOCK --json '{"ip_addresses": ["10.0.0.1"]}'
databricks ip-access-lists delete
Delete an IP access list, specified by its list ID.
databricks ip-access-lists delete IP_ACCESS_LIST_ID [flags]
Arguments
IP_ACCESS_LIST_ID
The ID for the corresponding IP access list
Options
Examples
The following example deletes an IP access list:
databricks ip-access-lists delete 12345
databricks ip-access-lists get
Get an IP access list, specified by its list ID.
databricks ip-access-lists get IP_ACCESS_LIST_ID [flags]
Arguments
IP_ACCESS_LIST_ID
The ID for the corresponding IP access list
Options
Examples
The following example gets details for an IP access list:
databricks ip-access-lists get 12345
databricks ip-access-lists list
Get all IP access lists for the specified workspace.
databricks ip-access-lists list [flags]
Arguments
None
Options
Examples
The following example lists all IP access lists for the workspace:
databricks ip-access-lists list
databricks ip-access-lists replace
Replace an IP access list, specified by its ID. A list can include allow lists and block lists.
When replacing an IP access list:
- For all allow lists and block lists combined, the API supports a maximum of 1000 IP/CIDR values, where one CIDR counts as a single value. Attempts to exceed that number return error 400 with error_code value
QUOTA_EXCEEDED. - If the resulting list would block the calling user's current IP, error 400 is returned with error_code value
INVALID_STATE.
It can take a few minutes for the changes to take effect. Note that your resulting IP access list has no effect until you enable the feature.
databricks ip-access-lists replace IP_ACCESS_LIST_ID LABEL LIST_TYPE ENABLED [flags]
Arguments
IP_ACCESS_LIST_ID
The ID for the corresponding IP access list
LABEL
Label for the IP access list. This cannot be empty.
LIST_TYPE
Type of IP access list. Valid values are as follows and are case-sensitive:
- ALLOW: An allow list. Include this IP or range.
- BLOCK: A block list. Exclude this IP or range. IP addresses in the block list are excluded even if they are included in an allow list.
ENABLED
Specifies whether this IP access list is enabled.
Options
--json JSON
The inline JSON string or the @path to the JSON file with the request body.
Examples
The following example replaces an IP access list with new settings:
databricks ip-access-lists replace 12345 "Updated Office Network" ALLOW true --json '{"ip_addresses": ["192.168.1.0/24", "10.0.0.0/16"]}'
databricks ip-access-lists update
Update an existing IP access list, specified by its ID. A list can include allow lists and block lists.
When replacing an IP access list:
- For all allow lists and block lists combined, the API supports a maximum of 1000 IP/CIDR values, where one CIDR counts as a single value. Attempts to exceed that number return error 400 with error_code value
QUOTA_EXCEEDED. - If the resulting list would block the calling user's current IP, error 400 is returned with error_code value
INVALID_STATE.
It can take a few minutes for the changes to take effect. Note that your resulting IP access list has no effect until you enable the feature.
databricks ip-access-lists update IP_ACCESS_LIST_ID [flags]
Arguments
IP_ACCESS_LIST_ID
The ID for the corresponding IP access list
Options
--enabled
Specifies whether this IP access list is enabled.
--json JSON
The inline JSON string or the @path to the JSON file with the request body.
--label string
Label for the IP access list.
--list-type ListType
Type of IP access list. Valid values are as follows and are case-sensitive:
- ALLOW: An allow list. Include this IP or range.
- BLOCK: A block list. Exclude this IP or range. IP addresses in the block list are excluded even if they are included in an allow list.
Examples
The following example updates the label of an IP access list:
databricks ip-access-lists update 12345 --label "Updated Network Label"
The following example enables an IP access list:
databricks ip-access-lists update 12345 --enabled
The following example updates multiple properties of an IP access list:
databricks ip-access-lists update 12345 --label "Corporate Network" --list-type ALLOW --enabled --json '{"ip_addresses": ["192.168.0.0/16"]}'
Global flags
--debug
Whether to enable debug logging.
-h or --help
Display help for the Databricks CLI or the related command group or the related command.
--log-file string
A string representing the file to write output logs to. If this flag is not specified then the default is to write output logs to stderr.
--log-format format
The log format type, text or json. The default value is text.
--log-level string
A string representing the log format level. If not specified then the log format level is disabled.
-o, --output type
The command output type, text or json. The default value is text.
-p, --profile string
The name of the profile in the ~/.databrickscfg file to use to run the command. If this flag is not specified then if it exists, the profile named DEFAULT is used.
--progress-format format
The format to display progress logs: default, append, inplace, or json
-t, --target string
If applicable, the bundle target to use