Hi,
I have a set of notebooks which configure new catalogs, set permissions, create default schemas, attach Azure Storage accounts as external volumes, create Git Folders and set current branches, etc.
All this works just fine.
One thing I'm trying to add is automated binding of a catalog to specific workspace(s).
I have my SQL cells creating the catalog and setting the permissions working.
Then, I have a %pip cell which installs the databricks-sdk and restarts python.
That works without error.
But then I have a python cell with the following:
_ = w.catalogs.update(name=newCatalogName, isolation_mode=CatalogIsolationMode.ISOLATED)
This raises the error:
PermissionDenied: Unauthorized token type db-internal to call UpdateCatalog. Config: host=https://ukwest.azuredatabricks.net, azure_tenant_id=**REDACTED**, auth_type=runtime
The odd thing is that I can use the WorkspaceClient for other operations (e.g. creating workspace items) absolutely fine without error.
Any help greatly appreciated!
For reference:
- My user is in the admins group for the workspace
- I have full permissions (including MODIFY) on the target catalog
- This is using Azure Databricks with SSO user authentication.
- The cluster is a Personal cluster.
