Share via


settings command group

Note

This information applies to Databricks CLI versions 0.205 and above. The Databricks CLI is in Public Preview.

Databricks CLI use is subject to the Databricks License and Databricks Privacy Notice, including any Usage Data provisions.

The settings command group within the Databricks CLI contains commands manage workspace-level settings, which control various features and policies that apply across the entire workspace. See Manage your workspace.

databricks settings aibi-dashboard-embedding-access-policy

Controls whether AI/BI published dashboard embedding is enabled, conditionally enabled, or disabled at the workspace level. By default, this setting is conditionally enabled (ALLOW_APPROVED_DOMAINS).

  • delete - Delete the AI/BI dashboard embedding access policy
  • get - Retrieve the AI/BI dashboard embedding access policy
  • update - Update the AI/BI dashboard embedding access policy

databricks settings aibi-dashboard-embedding-access-policy get

Retrieve the AI/BI dashboard embedding access policy. The default setting is ALLOW_APPROVED_DOMAINS, permitting AI/BI dashboards to be embedded on approved domains.

databricks settings aibi-dashboard-embedding-access-policy get [flags]

Options

--etag string

    etag used for versioning.

Global flags

Examples

databricks settings aibi-dashboard-embedding-access-policy get

databricks settings aibi-dashboard-embedding-access-policy update

Update the AI/BI dashboard embedding access policy at the workspace level.

databricks settings aibi-dashboard-embedding-access-policy update [flags]

Options

--json JSON

    The inline JSON string or the @path to the JSON file with the request body.

Global flags

Examples

databricks settings aibi-dashboard-embedding-access-policy update --json '{"access_policy": "ALLOW_ALL"}'

databricks settings aibi-dashboard-embedding-access-policy delete

Delete the AI/BI dashboard embedding access policy, reverting back to the default.

databricks settings aibi-dashboard-embedding-access-policy delete [flags]

Options

--etag string

    etag used for versioning.

Global flags

Examples

databricks settings aibi-dashboard-embedding-access-policy delete

databricks settings aibi-dashboard-embedding-approved-domains

Controls the list of domains approved to host the embedded AI/BI dashboards. The approved domains list can't be mutated when the current access policy is not set to ALLOW_APPROVED_DOMAINS.

  • delete - Delete AI/BI dashboard embedding approved domains
  • get - Retrieve the list of domains approved to host embedded AI/BI dashboards
  • update - Update the list of domains approved to host embedded AI/BI dashboards

Options

Global flags

Examples

databricks settings aibi-dashboard-embedding-approved-domains get
databricks settings aibi-dashboard-embedding-approved-domains update --json '{"approved_domains": ["example.com", "mydomain.org"]}'

databricks settings automatic-cluster-update

Controls whether automatic cluster update is enabled for the current workspace. By default, it is turned off.

  • get - Get the automatic cluster update setting
  • update - Update the automatic cluster update setting

Options

Global flags

databricks settings automatic-cluster-update get

Gets the automatic cluster update setting.

databricks settings automatic-cluster-update get [flags]

Options

--etag string

    etag used for versioning.

Global flags

Examples

databricks settings automatic-cluster-update get

databricks settings automatic-cluster-update update

Updates the automatic cluster update setting for the workspace. A fresh etag needs to be provided in update requests (as part of the setting field). The etag can be retrieved by making a get request before the update request.

databricks settings automatic-cluster-update update [flags]

Options

--json JSON

    The inline JSON string or the @path to the JSON file with the request body.

Global flags

Examples

databricks settings automatic-cluster-update update --json '{"automatic_cluster_update": {"enabled": true}}'

databricks settings compliance-security-profile

Controls whether to enable the compliance security profile for the current workspace. Enabling it on a workspace is permanent. By default, it is turned off.

Warning

This setting can NOT be disabled once it is enabled.

  • get - Get the compliance security profile setting
  • update - Update the compliance security profile setting

Options

Global flags

Examples

databricks settings compliance-security-profile get
databricks settings compliance-security-profile update --json '{"compliance_security_profile": {"enabled": true}}'

databricks settings dashboard-email-subscriptions

Controls whether schedules or workload tasks for refreshing AI/BI Dashboards in the workspace can send subscription emails containing PDFs and/or images of the dashboard. By default, this setting is enabled (set to true).

  • delete - Delete the dashboard email subscriptions setting
  • get - Get the dashboard email subscriptions setting
  • update - Update the dashboard email subscriptions setting

Options

Global flags

Examples

databricks settings dashboard-email-subscriptions get
databricks settings dashboard-email-subscriptions update --json '{"dashboard_email_subscriptions": {"enabled": false}}'

databricks settings default-namespace

Configure the default namespace for a Databricks workspace.

Through this command, users can retrieve, set, or modify the default namespace used when queries do not reference a fully qualified three-level name. For example, if you use the API to set retail_prod as the default catalog, then a query SELECT * FROM myTable would reference the object retail_prod.default.myTable (the schema default is always assumed).

Note

This setting requires a restart of clusters and SQL warehouses to take effect. Additionally, the default namespace only applies when using Unity Catalog-enabled compute.

  • delete - Delete the default namespace setting
  • get - Get the default namespace setting
  • update - Update the default namespace setting

Options

Global flags

Examples

databricks settings default-namespace get
databricks settings default-namespace update --json '{"namespace": {"value": "retail_prod"}}'
databricks settings default-namespace delete

databricks settings disable-legacy-access

Disabling legacy access has the following impacts:

  • Disables direct access to Hive Metastores from the workspace. However, you can still access a Hive Metastore through Hive Metastore federation.

  • Disables fallback mode on external ___location access from the workspace.

  • Disables Databricks Runtime versions prior to 13.3 LTS.

  • delete - Delete legacy access disablement status

  • get - Retrieve legacy access disablement status

  • update - Update legacy access disablement status

Options

Global flags

Examples

databricks settings disable-legacy-access get
databricks settings disable-legacy-access update --json '{"disable_legacy_access": {"disabled": true}}'

databricks settings enable-export-notebook

Controls whether users can export notebooks and files from the Workspace UI. By default, this setting is enabled.

  • get-enable-export-notebook - Get the notebook and file exporting setting
  • patch-enable-export-notebook - Update the notebook and file exporting setting

Options

Global flags

Examples

databricks settings enable-export-notebook get-enable-export-notebook
databricks settings enable-export-notebook patch-enable-export-notebook --json '{"allow_missing": true, "setting": {"enabled": false}}'

databricks settings enable-notebook-table-clipboard

Controls whether users can copy tabular data to the clipboard via the UI. By default, this setting is enabled.

  • get-enable-notebook-table-clipboard - Get the results table clipboard features setting
  • patch-enable-notebook-table-clipboard - Update the results table clipboard features setting

Options

Global flags

Examples

databricks settings enable-notebook-table-clipboard get-enable-notebook-table-clipboard
databricks settings enable-notebook-table-clipboard patch-enable-notebook-table-clipboard --json '{"allow_missing": true, "setting": {"enabled": false}}'

databricks settings enable-results-downloading

Controls whether users can download notebook results. By default, this setting is enabled.

  • get-enable-results-downloading - Get the notebook results download setting
  • patch-enable-results-downloading - Update the notebook results download setting

Options

Global flags

Examples

databricks settings enable-results-downloading get-enable-results-downloading
databricks settings enable-results-downloading patch-enable-results-downloading --json '{"allow_missing": true, "setting": {"enabled": false}}'

databricks settings enhanced-security-monitoring

Controls whether enhanced security monitoring is enabled for the current workspace. If the compliance security profile is enabled, this is automatically enabled. By default, it is disabled. However, if the compliance security profile is enabled, this is automatically enabled.

If the compliance security profile is disabled, you can enable or disable this setting and it is not permanent.

  • get - Get the enhanced security monitoring setting
  • update - Update the enhanced security monitoring setting

Options

Global flags

Examples

databricks settings enhanced-security-monitoring get
databricks settings enhanced-security-monitoring update --json '{"enhanced_security_monitoring": {"enabled": true}}'

databricks settings restrict-workspace-admins

The Restrict Workspace Admins setting lets you control the capabilities of workspace admins. With the setting status set to ALLOW_ALL, workspace admins can create service principal personal access tokens on behalf of any service principal in their workspace. Workspace admins can also change a job owner to any user in their workspace. And they can change the job run_as setting to any user in their workspace or to a service principal on which they have the Service Principal User role.

With the setting status set to RESTRICT_TOKENS_AND_JOB_RUN_AS, workspace admins can only create personal access tokens on behalf of service principals they have the Service Principal User role on. They can also only change a job owner to themselves. And they can change the job run_as setting to themselves or to a service principal on which they have the Service Principal User role.

  • delete - Delete the restrict workspace admins setting
  • get - Get the restrict workspace admins setting
  • update - Update the restrict workspace admins setting

Options

Global flags

Examples

databricks settings restrict-workspace-admins get
databricks settings restrict-workspace-admins update --json '{"restrict_workspace_admins": {"status": "RESTRICT_TOKENS_AND_JOB_RUN_AS"}}'
databricks settings restrict-workspace-admins delete

databricks settings sql-results-download

Controls whether users within the workspace are allowed to download results from the SQL Editor and AI/BI Dashboards UIs. By default, this setting is enabled (set to true).

  • delete - Delete the SQL Results Download setting
  • get - Get the SQL Results Download setting
  • update - Update the SQL Results Download setting

Options

Global flags

Examples

databricks settings sql-results-download get
databricks settings sql-results-download update --json '{"sql_results_download": {"enabled": false}}'
databricks settings sql-results-download delete

Global flags

--debug

  Whether to enable debug logging.

-h or --help

    Display help for the Databricks CLI or the related command group or the related command.

--log-file string

    A string representing the file to write output logs to. If this flag is not specified then the default is to write output logs to stderr.

--log-format format

    The log format type, text or json. The default value is text.

--log-level string

    A string representing the log format level. If not specified then the log format level is disabled.

-o, --output type

    The command output type, text or json. The default value is text.

-p, --profile string

    The name of the profile in the ~/.databrickscfg file to use to run the command. If this flag is not specified then if it exists, the profile named DEFAULT is used.

--progress-format format

    The format to display progress logs: default, append, inplace, or json

-t, --target string

    If applicable, the bundle target to use