Adding User Assigned MI Support for Azure Databricks Access Connector

[mvvsubbu]

ARM API Information (Control Plane)

MSFT employees can try out our new experience at OpenAPI Hub - one location for using our validation tools and finding your workflow.

Azure 1st Party Service can try out the Shift Left experience to initiate API design review from ADO code repo. If you are interested, may request engineering support by filling in with the form https://aka.ms/ShiftLeftSupportForm.

Changelog

Add a changelog entry for this PR by answering the following questions:

1. What's the purpose of the update?
   • new service onboarding
   • new API version
   • update existing version for new feature
   • update existing version to fix swagger quality issue in s360
   • Other, please clarify
2. When are you targeting to deploy the new service/feature to public regions? Please provide the date or, if the date is not yet available, the month. 02/15/2023
3. When do you expect to publish the swagger? Please provide date or, the the date is not yet available, the month. 02/15/2023
4. By default, Azure SDKs of all languages (.NET/Python/Java/JavaScript for both management-plane SDK and data-plane SDK, Go for management-plane SDK only ) MUST be refreshed with/after swagger of new version is published. If you prefer NOT to refresh any specific SDK language upon swagger updates in the current PR, please leave details with justification here.

Contribution checklist (MS Employees Only):

• I commit to follow the Breaking Change Policy of "no breaking changes"
• I have reviewed the documentation for the workflow.
• Validation tools were run on swagger spec(s) and errors have all been fixed in this PR. How to fix?

If any further question about AME onboarding or validation tools, please view the FAQ.

ARM API Review Checklist

Applicability: ⚠️

If your changes encompass only the following scenarios, you should SKIP this section, as these scenarios do not require ARM review.

• Change to data plane APIs
• Adding new properties
• All removals

Otherwise your PR may be subject to ARM review requirements. Complete the following:

• Check this box if any of the following apply to the PR so that the label "ARMReview" and "WaitForARMFeedback" will be added by bot to kick off ARM API Review. Missing to check this box in the following scenario may result in delays to the ARM manifest review and deployment.

  • Adding a new service
  • Adding new API(s)
  • Adding a new API version
    -[ ] To review changes efficiently, ensure you copy the existing version into the new directory structure for first commit and then push new changes, including version updates, in separate commits. You can use OpenAPIHub to initialize the PR for adding a new version. For more details refer to the wiki.

• Ensure you've reviewed following guidelines including ARM resource provider contract and REST guidelines. Estimated time (4 hours). This is required before you can request review from ARM API Review board.

• If you are blocked on ARM review and want to get the PR merged with urgency, please get the ARM oncall for reviews (RP Manifest Approvers team under Azure Resource Manager service) from IcM and reach out to them.

Breaking Change Review Checklist

If you have any breaking changes as defined in the Breaking Change Policy, request approval from the Breaking Change Review Board.

Action: to initiate an evaluation of the breaking change, create a new intake using the template for breaking changes. Additional details on the process and office hours are on the Breaking Change Wiki.

NOTE: To update API(s) in public preview for over 1 year (refer to Retirement of Previews)

Please follow the link to find more details on PR review process.

[openapi-workflow-bot]

Hi, @mvvsubbu Thanks for your PR. I am workflow bot for review process. Here are some small tips.

Please ensure to do self-check against checklists in first PR comment.

PR assignee is the person auto-assigned and responsible for your current PR reviewing and merging.

For specs comparison cross API versions, Use API Specs Comparison Report Generator

If there is CI failure(s), to fix CI error(s) is mandatory for PR merging; or you need to provide justification in PR comment for explanation. How to fix?

Any feedback about review process or workflow bot, pls contact swagger and tools team. [email protected]

[openapi-pipeline-app]

Swagger Validation Report

️️✔️BreakingChange succeeded [Detail] [Expand]

There are no breaking changes.

️⚠️Breaking Change(Cross-Version): 5 Warnings warning [Detail]

compared swaggers (via Oad v0.10.4)]	new version	base version
accessconnector.json	2022-10-01-preview(e499ef1)	2022-04-01-preview(main)

The following breaking changes are detected by comparison with the latest preview version:

Rule	Message
⚠️ 1006 - RemovedDefinition	The new version is missing a definition that was found in the old version. Was 'IdentityData' removed or renamed? New: Microsoft.Databricks/preview/2022-10-01-preview/accessconnector.json#L317:3 Old: Microsoft.Databricks/preview/2022-04-01-preview/accessconnector.json#L314:3
⚠️ 1017 - ReferenceRedirection	The '$ref' property points to different models in the old and new versions. New: Microsoft.Databricks/preview/2022-10-01-preview/accessconnector.json#L321:9 Old: Microsoft.Databricks/preview/2022-04-01-preview/accessconnector.json#L318:9
⚠️ 1017 - ReferenceRedirection	The '$ref' property points to different models in the old and new versions. New: common-types/resource-management/v3/managedidentity.json#L65:9 Old: Microsoft.Databricks/preview/2022-04-01-preview/accessconnector.json#L371:9
⚠️ 1017 - ReferenceRedirection	The '$ref' property points to different models in the old and new versions. New: Microsoft.Databricks/preview/2022-10-01-preview/accessconnector.json#L370:9 Old: Microsoft.Databricks/preview/2022-04-01-preview/accessconnector.json#L400:9
⚠️ 1047 - XmsEnumChanged	The new version has a different x-ms-enum 'name' than the previous one. New: common-types/resource-management/v3/managedidentity.json#L65:9 Old: Microsoft.Databricks/preview/2022-04-01-preview/accessconnector.json#L371:9

️️✔️CredScan succeeded [Detail] [Expand]

There is no credential detected.

️⚠️LintDiff: 0 Warnings warning [Detail]

compared tags (via openapi-validator v2.0.0)	new version	base version
package-2023-02-01	package-2023-02-01(e499ef1)	package-2023-02-01(main)

The following errors/warnings exist before current PR submission:

Rule	Message
❌ ResourceNameRestriction	The resource name parameter 'connectorName' should be defined with a 'pattern' restriction. Location: Microsoft.Databricks/preview/2022-10-01-preview/accessconnector.json#L37
❌ DeleteOperationAsyncResponseValidation	An async DELETE operation must set long running operation options 'x-ms-long-running-operation-options' Location: Microsoft.Databricks/preview/2022-10-01-preview/accessconnector.json#L78
❌ LroLocationHeader	A 202 response should include an Location response header. Location: Microsoft.Databricks/preview/2022-10-01-preview/accessconnector.json#L104
❌ CreateOperationAsyncResponseValidation	An async PUT operation must set long running operation options 'x-ms-long-running-operation-options' Location: Microsoft.Databricks/preview/2022-10-01-preview/accessconnector.json#L122
❌ LroLocationHeader	A 202 response should include an Location response header. Location: Microsoft.Databricks/preview/2022-10-01-preview/accessconnector.json#L216
❌ ProvisioningStateValidation	ProvisioningState must have terminal states: Succeeded, Failed and Canceled. Location: Microsoft.Databricks/preview/2022-10-01-preview/accessconnector.json#L343
❌ XmsParameterLocation	The parameter 'SubscriptionIdParameter' is defined in global parameters section without 'x-ms-parameter-location' extension. This would add the parameter as the client property. Please ensure that this is exactly you want. If so, apply the extension 'x-ms-parameter-location': 'client'. Else, apply the extension 'x-ms-parameter-location': 'method'. Location: Microsoft.Databricks/preview/2022-10-01-preview/accessconnector.json#L394
❌ XmsParameterLocation	The parameter 'ApiVersionParameter' is defined in global parameters section without 'x-ms-parameter-location' extension. This would add the parameter as the client property. Please ensure that this is exactly you want. If so, apply the extension 'x-ms-parameter-location': 'client'. Else, apply the extension 'x-ms-parameter-location': 'method'. Location: Microsoft.Databricks/preview/2022-10-01-preview/accessconnector.json#L401
⚠️ XmsLongRunningOperationOptions	The x-ms-long-running-operation-options should be specified explicitly to indicate the type of response header to track the async operation. Location: Microsoft.Databricks/preview/2022-10-01-preview/accessconnector.json#L78
⚠️ XmsLongRunningOperationOptions	The x-ms-long-running-operation-options should be specified explicitly to indicate the type of response header to track the async operation. Location: Microsoft.Databricks/preview/2022-10-01-preview/accessconnector.json#L122
⚠️ XmsLongRunningOperationOptions	The x-ms-long-running-operation-options should be specified explicitly to indicate the type of response header to track the async operation. Location: Microsoft.Databricks/preview/2022-10-01-preview/accessconnector.json#L181
⚠️ AvoidNestedProperties	Consider using x-ms-client-flatten to provide a better end user experience Location: Microsoft.Databricks/preview/2022-10-01-preview/accessconnector.json#L328
⚠️ SchemaDescriptionOrTitle	Schema should have a description or title. Location: Microsoft.Databricks/preview/2022-10-01-preview/accessconnector.json#L340

️⚠️Avocado: 1 Warnings warning [Detail]

Rule	Message
⚠️ MULTIPLE_API_VERSION	The default tag contains multiple API versions swaggers. readme: specification/databricks/resource-manager/readme.md tag: specification/databricks/resource-manager/readme.md#tag-package-2023-02-01

️️✔️ApiReadinessCheck succeeded [Detail] [Expand]

️❌~[Staging] ServiceAPIReadinessTest: 15 Errors, 0 Warnings failed [Detail]

Tag package-2023-02-01; Prod region: Deployed

Test run on region: westcentralus; Operation coverage: total: 24, untested: 0, failed: 14, passed: 10

Service API Readiness Test failed. Check pipeline artifact for detail report.

Rule	Message
❌ OBJECT_ADDITIONAL_PROPERTIES	Additional properties not allowed: enableFedRampCertification Source: response OperationId: Workspaces_ListBySubscription
❌ OBJECT_ADDITIONAL_PROPERTIES	Additional properties not allowed: enableFedRampCertification Source: response OperationId: Workspaces_Get
❌ OBJECT_ADDITIONAL_PROPERTIES	Additional properties not allowed: enableFedRampCertification Source: response OperationId: Workspaces_ListByResourceGroup
❌ OBJECT_ADDITIONAL_PROPERTIES	Additional properties not allowed: enableFedRampCertification Source: response OperationId: Workspaces_Update
❌ CLIENT_ERROR	statusCode: 403, errorCode: LinkedAuthorizationFailed, errorMessage: The client '7904a8be-825f-480e-a728-80a70579dba4' with object id '7904a8be-825f-480e-a728-80a70579dba4' has permission to perform action 'Microsoft.Databricks/workspaces/virtualNetworkPeerings/write' on scope '/subscriptions/db5eb68e-73e2-4fa8-b18a-46cd1be4cce5/resourceGroups/apiTest-VBdPtj-22416/providers/Microsoft.Databricks/workspaces/workspacngo6s4/virtualNetworkPeerings/peeringnstfi1i'; however, it does not have permission to perform action 'peer/action' on the linked scope(s) '/subscriptions/0140911e-1040-48da-8bc9-b99fb3dd88a6/resourceGroups/subramantest/providers/Microsoft.Network/virtualNetworks/subramanvnet' or the linked scope(s) are invalid. Source: runtime OperationId: vNetPeering_CreateOrUpdate
❌ CLIENT_ERROR	statusCode: 404, errorCode: NotFound, errorMessage: Resource /subscriptions/db5eb68e-73e2-4fa8-b18a-46cd1be4cce5/resourceGroups/myManagedapiTest-VBdPtj-22416/providers/Microsoft.Network/virtualNetworks/workers-vnet/virtualNetworkPeerings/peeringnstfi1i not found. Source: runtime OperationId: vNetPeering_Get
❌ CLIENT_ERROR	statusCode: 400, errorCode: InvalidSkuForPrivateEndpoint, errorMessage: The workspace 'workspacngo6s4' has '' sku. Only premium workspaces can create private endpoint connection Source: runtime OperationId: PrivateEndpointConnections_Create
❌ CLIENT_ERROR	statusCode: 400, errorCode: InvalidSkuForPrivateEndpoint, errorMessage: The workspace 'workspacngo6s4' has '' sku. Only premium workspaces can create private endpoint connection Source: runtime OperationId: PrivateEndpointConnections_List
❌ CLIENT_ERROR	statusCode: 400, errorCode: InvalidSkuForPrivateEndpoint, errorMessage: The workspace 'workspacngo6s4' has '' sku. Only premium workspaces can create private endpoint connection Source: runtime OperationId: PrivateEndpointConnections_Get
❌ OBJECT_ADDITIONAL_PROPERTIES	Additional properties not allowed: origin Source: response OperationId: Operations_List
❌ OBJECT_ADDITIONAL_PROPERTIES	Additional properties not allowed: properties Source: response OperationId: Operations_List
❌ CLIENT_ERROR	statusCode: 400, errorCode: NonVNetInjectedWorkspaceNotSupported, errorMessage: The workspace 'workspacngo6s4' is not VNet injected. Outbound network endpoints are only supported for VNET injected workspaces. Source: runtime OperationId: OutboundNetworkDependenciesEndpoints_List
❌ CLIENT_ERROR	statusCode: 400, errorCode: InvalidSkuForPrivateEndpoint, errorMessage: The workspace 'workspacngo6s4' has '' sku. Only premium workspaces can create private endpoint connection Source: runtime OperationId: PrivateLinkResources_List
❌ CLIENT_ERROR	statusCode: 400, errorCode: InvalidSkuForPrivateEndpoint, errorMessage: The workspace 'workspacngo6s4' has '' sku. Only premium workspaces can create private endpoint connection Source: runtime OperationId: PrivateLinkResources_Get
❌ CLIENT_ERROR	statusCode: 404, errorCode: PrivateEndpointConnectionsNotFound, errorMessage: The private endpoint connection 'privatee42ixdq' is not found in the workspace 'workspacngo6s4' Source: runtime OperationId: PrivateEndpointConnections_Delete

️️✔️SwaggerAPIView succeeded [Detail] [Expand]

️️✔️CadlAPIView succeeded [Detail] [Expand]

️️✔️ModelValidation succeeded [Detail] [Expand]

Validation passes for ModelValidation.

️️✔️SemanticValidation succeeded [Detail] [Expand]

Validation passes for SemanticValidation.

️️✔️PoliCheck succeeded [Detail] [Expand]

Validation passed for PoliCheck.

️️✔️PrettierCheck succeeded [Detail] [Expand]

Validation passes for PrettierCheck.

️️✔️SpellCheck succeeded [Detail] [Expand]

Validation passes for SpellCheck.

️️✔️Lint(RPaaS) succeeded [Detail] [Expand]

Validation passes for Lint(RPaaS).

️️✔️CadlValidation succeeded [Detail] [Expand]

Validation passes for CadlValidation.

️️✔️PR Summary succeeded [Detail] [Expand]

Validation passes for Summary.

_{Posted by Swagger Pipeline | How to fix these errors?}

[openapi-pipeline-app]

Swagger Generation Artifacts

️️✔️ApiDocPreview succeeded [Detail] [Expand]

 Please click here to preview with your @microsoft account. 

️️✔️SDK Breaking Change Tracking succeeded [Detail] [Expand]

Breaking Changes Tracking

️⚠️ azure-sdk-for-python-track2 warning [Detail]

• ⚠️Warning [Logs]Release - Generate from 96c583e. SDK Automation 14.0.0

  command	sh scripts/automation_init.sh ../azure-sdk-for-python_tmp/initInput.json ../azure-sdk-for-python_tmp/initOutput.json
  cmderr	[automation_init.sh] WARNING: Skipping azure-nspkg as it is not installed.
  command	sh scripts/automation_generate.sh ../azure-sdk-for-python_tmp/generateInput.json ../azure-sdk-for-python_tmp/generateOutput.json
  cmderr	[automation_generate.sh]
  cmderr	[automation_generate.sh] npm notice New major version of npm available! 8.19.3 -> 9.4.2
  cmderr	[automation_generate.sh] npm notice Changelog: <https://github.com/npm/cli/releases/tag/v9.4.2>
  cmderr	[automation_generate.sh] npm notice Run `npm install -g [email protected]` to update!
  cmderr	[automation_generate.sh] npm notice

• ️✔️track2_azure-mgmt-databricks [View full logs]  [Release SDK Changes] Breaking Change Detected
  • azure_mgmt_databricks-1.0.0b1-py3-none-any.whl
  • azure-mgmt-databricks-1.0.0b1.zip

  info	[Changelog] ### Features Added
  info	[Changelog]
  info	[Changelog]   - Model AccessConnector has a new parameter system_data
  info	[Changelog]   - Model OperationDisplay has a new parameter description
  info	[Changelog]   - Model PrivateEndpointConnectionProperties has a new parameter group_ids
  info	[Changelog]   - Model PrivateLinkServiceConnectionState has a new parameter actions_required
  info	[Changelog]
  info	[Changelog] ### Breaking Changes
  info	[Changelog]
  info	[Changelog]   - Model PrivateLinkServiceConnectionState no longer has parameter action_required

️️✔️ azure-sdk-for-js succeeded [Detail] [Expand]

• ️✔️Succeeded [Logs]Release - Generate from 96c583e. SDK Automation 14.0.0

  command	sh .scripts/automation_init.sh ../azure-sdk-for-js_tmp/initInput.json ../azure-sdk-for-js_tmp/initOutput.json
  warn	File azure-sdk-for-js_tmp/initOutput.json not found to read
  command	sh .scripts/automation_generate.sh ../azure-sdk-for-js_tmp/generateInput.json ../azure-sdk-for-js_tmp/generateOutput.json

• ️✔️@azure/arm-databricks [View full logs]  [Release SDK Changes]
  • azure-arm-databricks-3.0.0-beta.5.tgz

  info	[Changelog]
  error	breakingChangeTracking is enabled, but version or changelogItem is not found in output.

️⚠️ azure-resource-manager-schemas warning [Detail]

• ⚠️Warning [Logs]Release - Generate from 96c583e. Schema Automation 14.0.0

  command	.sdkauto/initScript.sh ../azure-resource-manager-schemas_tmp/initInput.json ../azure-resource-manager-schemas_tmp/initOutput.json
  cmderr	[initScript.sh] WARN old lockfile
  cmderr	[initScript.sh] npm WARN old lockfile The package-lock.json file was created with an old version of npm,
  cmderr	[initScript.sh] npm WARN old lockfile so supplemental metadata must be fetched from the registry.
  cmderr	[initScript.sh] npm WARN old lockfile
  cmderr	[initScript.sh] npm WARN old lockfile This is a one-time fix-up, please be patient...
  cmderr	[initScript.sh] npm WARN old lockfile
  warn	File azure-resource-manager-schemas_tmp/initOutput.json not found to read
  command	.sdkauto/generateScript.sh ../azure-resource-manager-schemas_tmp/generateInput.json ../azure-resource-manager-schemas_tmp/generateOutput.json

• ️✔️databricks [View full logs]  [Release Schema Changes]

️️✔️ azure-powershell succeeded [Detail] [Expand]

• ️✔️Succeeded [Logs]Release - Generate from 96c583e. SDK Automation 14.0.0

  command	sh ./tools/SwaggerCI/init.sh ../azure-powershell_tmp/initInput.json ../azure-powershell_tmp/initOutput.json
  command	pwsh ./tools/SwaggerCI/psci.ps1 ../azure-powershell_tmp/generateInput.json ../azure-powershell_tmp/generateOutput.json

• ️✔️Az.Databricks [View full logs]  [Release SDK Changes]
  • Az.Databricks.0.1.0.nupkg

_{Posted by Swagger Pipeline | How to fix these errors?}

[openapi-pipeline-app]

Generated ApiView

Language	Package Name	ApiView Link
JavaScript	@azure/arm-databricks	https://apiview.dev/Assemblies/Review/6888beb060064bc2a1b9eb8a6cc06416

[openapi-workflow-bot]

Hi, @mvvsubbu your PR are labelled with WaitForARMFeedback. A notification email will be sent out shortly afterwards to notify ARM review board([email protected]).

[mvvsubbu]

These changes are already approved in Private Repository in the following PR

https://github.com/Azure/azure-rest-api-specs-pr/pull/9319

And these are also approved in Public Repository in the following PR

#21765

The Public Repository PR has been accidentally merged by the previous PR owner, so I had to revert and create new one.

[openapi-workflow-bot]

Hi, @mvvsubbu, For review efficiency consideration, when creating a new api version, it is required to place API specs of the base version in the first commit, and push new version updates into successive commits. You can use OpenAPIHub to initialize the PR for adding a new version. For more details refer to the wiki. Or you could onboard API spec pipeline

[sabose1]

LGTM

[mvvsubbu]

@leni-msft can you merge this PR, our service changes are deployed.

[leniatgh]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).