upgrade to 0.51

.codegen/_openapi_sha

@@ -1 +1 @@
-25b2478e5a18c888f0d423249abde5499dc58424
+d25296d2f4aa7bd6195c816fdf82e0f960f775da

.gitattributes

@@ -38,7 +38,6 @@ cmd/workspace/apps/apps.go linguist-generated=true
 cmd/workspace/artifact-allowlists/artifact-allowlists.go linguist-generated=true
 cmd/workspace/automatic-cluster-update/automatic-cluster-update.go linguist-generated=true
 cmd/workspace/catalogs/catalogs.go linguist-generated=true
-cmd/workspace/clean-rooms/clean-rooms.go linguist-generated=true
 cmd/workspace/cluster-policies/cluster-policies.go linguist-generated=true
 cmd/workspace/clusters/clusters.go linguist-generated=true
 cmd/workspace/cmd.go linguist-generated=true
@@ -50,6 +49,7 @@ cmd/workspace/consumer-listings/consumer-listings.go linguist-generated=true
 cmd/workspace/consumer-personalization-requests/consumer-personalization-requests.go linguist-generated=true
 cmd/workspace/consumer-providers/consumer-providers.go linguist-generated=true
 cmd/workspace/credentials-manager/credentials-manager.go linguist-generated=true
+cmd/workspace/credentials/credentials.go linguist-generated=true
 cmd/workspace/current-user/current-user.go linguist-generated=true
 cmd/workspace/dashboard-widgets/dashboard-widgets.go linguist-generated=true
 cmd/workspace/dashboards/dashboards.go linguist-generated=true

bundle/schema/jsonschema.json

@@ -572,7 +572,7 @@
                         "$ref": "#/$defs/github.com/databricks/databricks-sdk-go/service/pipelines.Filters"
                       },
                       "gateway_definition": {
-                        "description": "The definition of a gateway pipeline to support CDC.",
+                        "description": "The definition of a gateway pipeline to support change data capture.",
                         "$ref": "#/$defs/github.com/databricks/databricks-sdk-go/service/pipelines.IngestionGatewayPipelineDefinition"
                       },
                       "id": {
@@ -602,6 +602,10 @@
                         "description": "Whether Photon is enabled for this pipeline.",
                         "$ref": "#/$defs/bool"
                       },
+                      "restart_window": {
+                        "description": "Restart window of this pipeline.",
+                        "$ref": "#/$defs/github.com/databricks/databricks-sdk-go/service/pipelines.RestartWindow"
+                      },
                       "schema": {
                         "description": "The default schema (database) where tables are read from or published to. The presence of this field implies that the pipeline is in direct publishing mode.",
                         "$ref": "#/$defs/string"
@@ -1310,11 +1314,7 @@
                   "properties": {
                     "pause_status": {
                       "description": "Read only field that indicates whether a schedule is paused or not.",
-                      "$ref": "#/$defs/github.com/databricks/databricks-sdk-go/service/catalog.MonitorCronSchedulePauseStatus",
+                      "$ref": "#/$defs/github.com/databricks/databricks-sdk-go/service/catalog.MonitorCronSchedulePauseStatus"
-                      "enum": [
-                        "UNPAUSED",
-                        "PAUSED"
-                      ]
                     },
                     "quartz_cron_expression": {
                       "description": "The expression that determines when to run the monitor. See [examples](https://www.quartz-scheduler.org/documentation/quartz-2.3.0/tutorials/crontrigger.html).\n",
@@ -1338,7 +1338,12 @@
               ]
             },
             "catalog.MonitorCronSchedulePauseStatus": {
-              "type": "string"
+              "type": "string",
+              "description": "Read only field that indicates whether a schedule is paused or not.",
+              "enum": [
+                "UNPAUSED",
+                "PAUSED"
+              ]
             },
             "catalog.MonitorDataClassificationConfig": {
               "anyOf": [
@@ -1403,11 +1408,7 @@
                     },
                     "problem_type": {
                       "description": "Problem type the model aims to solve. Determines the type of model-quality metrics that will be computed.",
-                      "$ref": "#/$defs/github.com/databricks/databricks-sdk-go/service/catalog.MonitorInferenceLogProblemType",
+                      "$ref": "#/$defs/github.com/databricks/databricks-sdk-go/service/catalog.MonitorInferenceLogProblemType"
-                      "enum": [
-                        "PROBLEM_TYPE_CLASSIFICATION",
-                        "PROBLEM_TYPE_REGRESSION"
-                      ]
                     },
                     "timestamp_col": {
                       "description": "Column that contains the timestamps of requests. The column must be one of the following:\n- A ``TimestampType`` column\n- A column whose values can be converted to timestamps through the pyspark\n  ``to_timestamp`` [function](https://spark.apache.org/docs/latest/api/python/reference/pyspark.sql/api/pyspark.sql.functions.to_timestamp.html).\n",
@@ -1430,7 +1431,12 @@
               ]
             },
             "catalog.MonitorInferenceLogProblemType": {
-              "type": "string"
+              "type": "string",
+              "description": "Problem type the model aims to solve. Determines the type of model-quality metrics that will be computed.",
+              "enum": [
+                "PROBLEM_TYPE_CLASSIFICATION",
+                "PROBLEM_TYPE_REGRESSION"
+              ]
             },
             "catalog.MonitorMetric": {
               "anyOf": [
@@ -1455,12 +1461,7 @@
                     },
                     "type": {
                       "description": "Can only be one of ``\"CUSTOM_METRIC_TYPE_AGGREGATE\"``, ``\"CUSTOM_METRIC_TYPE_DERIVED\"``, or ``\"CUSTOM_METRIC_TYPE_DRIFT\"``.\nThe ``\"CUSTOM_METRIC_TYPE_AGGREGATE\"`` and ``\"CUSTOM_METRIC_TYPE_DERIVED\"`` metrics\nare computed on a single table, whereas the ``\"CUSTOM_METRIC_TYPE_DRIFT\"`` compare metrics across\nbaseline and input table, or across the two consecutive time windows.\n- CUSTOM_METRIC_TYPE_AGGREGATE: only depend on the existing columns in your table\n- CUSTOM_METRIC_TYPE_DERIVED: depend on previously computed aggregate metrics\n- CUSTOM_METRIC_TYPE_DRIFT:  depend on previously computed aggregate or derived metrics\n",
-                      "$ref": "#/$defs/github.com/databricks/databricks-sdk-go/service/catalog.MonitorMetricType",
+                      "$ref": "#/$defs/github.com/databricks/databricks-sdk-go/service/catalog.MonitorMetricType"
-                      "enum": [
-                        "CUSTOM_METRIC_TYPE_AGGREGATE",
-                        "CUSTOM_METRIC_TYPE_DERIVED",
-                        "CUSTOM_METRIC_TYPE_DRIFT"
-                      ]
                     }
                   },
                   "additionalProperties": false,
@@ -1479,7 +1480,13 @@
               ]
             },
             "catalog.MonitorMetricType": {
-              "type": "string"
+              "type": "string",
+              "description": "Can only be one of ``\"CUSTOM_METRIC_TYPE_AGGREGATE\"``, ``\"CUSTOM_METRIC_TYPE_DERIVED\"``, or ``\"CUSTOM_METRIC_TYPE_DRIFT\"``.\nThe ``\"CUSTOM_METRIC_TYPE_AGGREGATE\"`` and ``\"CUSTOM_METRIC_TYPE_DERIVED\"`` metrics\nare computed on a single table, whereas the ``\"CUSTOM_METRIC_TYPE_DRIFT\"`` compare metrics across\nbaseline and input table, or across the two consecutive time windows.\n- CUSTOM_METRIC_TYPE_AGGREGATE: only depend on the existing columns in your table\n- CUSTOM_METRIC_TYPE_DERIVED: depend on previously computed aggregate metrics\n- CUSTOM_METRIC_TYPE_DRIFT:  depend on previously computed aggregate or derived metrics\n",
+              "enum": [
+                "CUSTOM_METRIC_TYPE_AGGREGATE",
+                "CUSTOM_METRIC_TYPE_DERIVED",
+                "CUSTOM_METRIC_TYPE_DRIFT"
+              ]
             },
             "catalog.MonitorNotifications": {
               "anyOf": [
@@ -3980,15 +3987,15 @@
                   "type": "object",
                   "properties": {
                     "report": {
-                      "description": "Select tables from a specific source report.",
+                      "description": "Select a specific source report.",
                       "$ref": "#/$defs/github.com/databricks/databricks-sdk-go/service/pipelines.ReportSpec"
                     },
                     "schema": {
-                      "description": "Select tables from a specific source schema.",
+                      "description": "Select all tables from a specific source schema.",
                       "$ref": "#/$defs/github.com/databricks/databricks-sdk-go/service/pipelines.SchemaSpec"
                     },
                     "table": {
-                      "description": "Select tables from a specific source table.",
+                      "description": "Select a specific source table.",
                       "$ref": "#/$defs/github.com/databricks/databricks-sdk-go/service/pipelines.TableSpec"
                     }
                   },
@@ -4006,7 +4013,11 @@
                   "type": "object",
                   "properties": {
                     "connection_id": {
-                      "description": "Immutable. The Unity Catalog connection this gateway pipeline uses to communicate with the source.",
+                      "description": "[Deprecated, use connection_name instead] Immutable. The Unity Catalog connection that this gateway pipeline uses to communicate with the source.",
+                      "$ref": "#/$defs/string"
+                    },
+                    "connection_name": {
+                      "description": "Immutable. The Unity Catalog connection that this gateway pipeline uses to communicate with the source.",
                       "$ref": "#/$defs/string"
                     },
                     "gateway_storage_catalog": {
@@ -4036,11 +4047,11 @@
                   "type": "object",
                   "properties": {
                     "connection_name": {
-                      "description": "Immutable. The Unity Catalog connection this ingestion pipeline uses to communicate with the source. Specify either ingestion_gateway_id or connection_name.",
+                      "description": "Immutable. The Unity Catalog connection that this ingestion pipeline uses to communicate with the source. This is used with connectors for applications like Salesforce, Workday, and so on.",
                       "$ref": "#/$defs/string"
                     },
                     "ingestion_gateway_id": {
-                      "description": "Immutable. Identifier for the ingestion gateway used by this ingestion pipeline to communicate with the source. Specify either ingestion_gateway_id or connection_name.",
+                      "description": "Immutable. Identifier for the gateway that is used by this ingestion pipeline to communicate with the source database. This is used with connectors to databases like SQL Server.",
                       "$ref": "#/$defs/string"
                     },
                     "objects": {
@@ -4350,6 +4361,47 @@
                 }
               ]
             },
+            "pipelines.RestartWindow": {
+              "anyOf": [
+                {
+                  "type": "object",
+                  "properties": {
+                    "days_of_week": {
+                      "description": "Days of week in which the restart is allowed to happen (within a five-hour window starting at start_hour).\nIf not specified all days of the week will be used.",
+                      "$ref": "#/$defs/github.com/databricks/databricks-sdk-go/service/pipelines.RestartWindowDaysOfWeek",
+                      "enum": [
+                        "MONDAY",
+                        "TUESDAY",
+                        "WEDNESDAY",
+                        "THURSDAY",
+                        "FRIDAY",
+                        "SATURDAY",
+                        "SUNDAY"
+                      ]
+                    },
+                    "start_hour": {
+                      "description": "An integer between 0 and 23 denoting the start hour for the restart window in the 24-hour day.\nContinuous pipeline restart is triggered only within a five-hour window starting at this hour.",
+                      "$ref": "#/$defs/int"
+                    },
+                    "time_zone_id": {
+                      "description": "Time zone id of restart window. See https://docs.databricks.com/sql/language-manual/sql-ref-syntax-aux-conf-mgmt-set-timezone.html for details.\nIf not specified, UTC will be used.",
+                      "$ref": "#/$defs/string"
+                    }
+                  },
+                  "additionalProperties": false,
+                  "required": [
+                    "start_hour"
+                  ]
+                },
+                {
+                  "type": "string",
+                  "pattern": "\\$\\{(var(\\.[a-zA-Z]+([-_]?[a-zA-Z0-9]+)*(\\[[0-9]+\\])*)+)\\}"
+                }
+              ]
+            },
+            "pipelines.RestartWindowDaysOfWeek": {
+              "type": "string"
+            },
             "pipelines.SchemaSpec": {
               "anyOf": [
                 {

cmd/account/workspaces/workspaces.go

@@ -421,6 +421,7 @@ func newUpdate() *cobra.Command {
 	cmd.Flags().StringVar(&updateReq.ManagedServicesCustomerManagedKeyId, "managed-services-customer-managed-key-id", updateReq.ManagedServicesCustomerManagedKeyId, `The ID of the workspace's managed services encryption key configuration object.`)
 	cmd.Flags().StringVar(&updateReq.NetworkConnectivityConfigId, "network-connectivity-config-id", updateReq.NetworkConnectivityConfigId, ``)
 	cmd.Flags().StringVar(&updateReq.NetworkId, "network-id", updateReq.NetworkId, `The ID of the workspace's network configuration object.`)
+	cmd.Flags().StringVar(&updateReq.PrivateAccessSettingsId, "private-access-settings-id", updateReq.PrivateAccessSettingsId, `The ID of the workspace's private access settings configuration object.`)
 	cmd.Flags().StringVar(&updateReq.StorageConfigurationId, "storage-configuration-id", updateReq.StorageConfigurationId, `The ID of the workspace's storage configuration object.`)
 	cmd.Flags().StringVar(&updateReq.StorageCustomerManagedKeyId, "storage-customer-managed-key-id", updateReq.StorageCustomerManagedKeyId, `The ID of the key configuration object for workspace storage.`)
 

cmd/workspace/apps/apps.go

@@ -700,8 +700,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set app permissions.`
 	cmd.Long = `Set app permissions.
   
-  Sets permissions on an app. Apps can inherit permissions from their root
+  Sets permissions on an object, replacing existing permissions if they exist.
-  object.
+  Deletes all direct permissions if none are specified. Objects can inherit
+  permissions from their root object.
 
   Arguments:
     APP_NAME: The app for which to get or manage permissions.`

cmd/workspace/cluster-policies/cluster-policies.go

@@ -634,8 +634,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set cluster policy permissions.`
 	cmd.Long = `Set cluster policy permissions.
   
-  Sets permissions on a cluster policy. Cluster policies can inherit permissions
+  Sets permissions on an object, replacing existing permissions if they exist.
-  from their root object.
+  Deletes all direct permissions if none are specified. Objects can inherit
+  permissions from their root object.
 
   Arguments:
     CLUSTER_POLICY_ID: The cluster policy for which to get or manage permissions.`

cmd/workspace/clusters/clusters.go

@@ -512,7 +512,7 @@ func newEdit() *cobra.Command {
   Clusters created by the Databricks Jobs service cannot be edited.
 
   Arguments:
-    CLUSTER_ID: ID of the cluser
+    CLUSTER_ID: ID of the cluster
     SPARK_VERSION: The Spark version of the cluster, e.g. 3.3.x-scala2.11. A list of
       available Spark versions can be retrieved by using the
       :method:clusters/sparkVersions API call.`
@@ -1504,8 +1504,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set cluster permissions.`
 	cmd.Long = `Set cluster permissions.
   
-  Sets permissions on a cluster. Clusters can inherit permissions from their
+  Sets permissions on an object, replacing existing permissions if they exist.
-  root object.
+  Deletes all direct permissions if none are specified. Objects can inherit
+  permissions from their root object.
 
   Arguments:
     CLUSTER_ID: The cluster for which to get or manage permissions.`

cmd/workspace/cmd.go

@@ -8,7 +8,6 @@ import (
 	apps "github.com/databricks/cli/cmd/workspace/apps"
 	artifact_allowlists "github.com/databricks/cli/cmd/workspace/artifact-allowlists"
 	catalogs "github.com/databricks/cli/cmd/workspace/catalogs"
-	clean_rooms "github.com/databricks/cli/cmd/workspace/clean-rooms"
 	cluster_policies "github.com/databricks/cli/cmd/workspace/cluster-policies"
 	clusters "github.com/databricks/cli/cmd/workspace/clusters"
 	connections "github.com/databricks/cli/cmd/workspace/connections"
@@ -17,6 +16,7 @@ import (
 	consumer_listings "github.com/databricks/cli/cmd/workspace/consumer-listings"
 	consumer_personalization_requests "github.com/databricks/cli/cmd/workspace/consumer-personalization-requests"
 	consumer_providers "github.com/databricks/cli/cmd/workspace/consumer-providers"
+	credentials "github.com/databricks/cli/cmd/workspace/credentials"
 	credentials_manager "github.com/databricks/cli/cmd/workspace/credentials-manager"
 	current_user "github.com/databricks/cli/cmd/workspace/current-user"
 	dashboard_widgets "github.com/databricks/cli/cmd/workspace/dashboard-widgets"
@@ -98,7 +98,6 @@ func All() []*cobra.Command {
 	out = append(out, apps.New())
 	out = append(out, artifact_allowlists.New())
 	out = append(out, catalogs.New())
-	out = append(out, clean_rooms.New())
 	out = append(out, cluster_policies.New())
 	out = append(out, clusters.New())
 	out = append(out, connections.New())
@@ -107,6 +106,7 @@ func All() []*cobra.Command {
 	out = append(out, consumer_listings.New())
 	out = append(out, consumer_personalization_requests.New())
 	out = append(out, consumer_providers.New())
+	out = append(out, credentials.New())
 	out = append(out, credentials_manager.New())
 	out = append(out, current_user.New())
 	out = append(out, dashboard_widgets.New())

cmd/workspace/credentials/credentials.go

@@ -0,0 +1,545 @@
+// Code generated from OpenAPI specs by Databricks SDK Generator. DO NOT EDIT.
+
+package credentials
+
+import (
+	"github.com/databricks/cli/cmd/root"
+	"github.com/databricks/cli/libs/cmdio"
+	"github.com/databricks/cli/libs/flags"
+	"github.com/databricks/databricks-sdk-go/service/catalog"
+	"github.com/spf13/cobra"
+)
+
+// Slice with functions to override default command behavior.
+// Functions can be added from the `init()` function in manually curated files in this directory.
+var cmdOverrides []func(*cobra.Command)
+
+func New() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "credentials",
+		Short: `A credential represents an authentication and authorization mechanism for accessing services on your cloud tenant.`,
+		Long: `A credential represents an authentication and authorization mechanism for
+  accessing services on your cloud tenant. Each credential is subject to Unity
+  Catalog access-control policies that control which users and groups can access
+  the credential.
+  
+  To create credentials, you must be a Databricks account admin or have the
+  CREATE SERVICE CREDENTIAL privilege. The user who creates the credential can
+  delegate ownership to another user or group to manage permissions on it`,
+		GroupID: "catalog",
+		Annotations: map[string]string{
+			"package": "catalog",
+		},
+
+		// This service is being previewed; hide from help output.
+		Hidden: true,
+	}
+
+	// Add methods
+	cmd.AddCommand(newCreateCredential())
+	cmd.AddCommand(newDeleteCredential())
+	cmd.AddCommand(newGenerateTemporaryServiceCredential())
+	cmd.AddCommand(newGetCredential())
+	cmd.AddCommand(newListCredentials())
+	cmd.AddCommand(newUpdateCredential())
+	cmd.AddCommand(newValidateCredential())
+
+	// Apply optional overrides to this command.
+	for _, fn := range cmdOverrides {
+		fn(cmd)
+	}
+
+	return cmd
+}
+
+// start create-credential command
+
+// Slice with functions to override default command behavior.
+// Functions can be added from the `init()` function in manually curated files in this directory.
+var createCredentialOverrides []func(
+	*cobra.Command,
+	*catalog.CreateCredentialRequest,
+)
+
+func newCreateCredential() *cobra.Command {
+	cmd := &cobra.Command{}
+
+	var createCredentialReq catalog.CreateCredentialRequest
+	var createCredentialJson flags.JsonFlag
+
+	// TODO: short flags
+	cmd.Flags().Var(&createCredentialJson, "json", `either inline JSON string or @path/to/file.json with request body`)
+
+	// TODO: complex arg: aws_iam_role
+	// TODO: complex arg: azure_managed_identity
+	cmd.Flags().StringVar(&createCredentialReq.Comment, "comment", createCredentialReq.Comment, `Comment associated with the credential.`)
+	cmd.Flags().StringVar(&createCredentialReq.Name, "name", createCredentialReq.Name, `The credential name.`)
+	cmd.Flags().Var(&createCredentialReq.Purpose, "purpose", `Indicates the purpose of the credential. Supported values: [SERVICE]`)
+	cmd.Flags().BoolVar(&createCredentialReq.SkipValidation, "skip-validation", createCredentialReq.SkipValidation, `Optional.`)
+
+	cmd.Use = "create-credential"
+	cmd.Short = `Create a credential.`
+	cmd.Long = `Create a credential.
+  
+  Creates a new credential.`
+
+	cmd.Annotations = make(map[string]string)
+
+	cmd.Args = func(cmd *cobra.Command, args []string) error {
+		check := root.ExactArgs(0)
+		return check(cmd, args)
+	}
+
+	cmd.PreRunE = root.MustWorkspaceClient
+	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
+		ctx := cmd.Context()
+		w := root.WorkspaceClient(ctx)
+
+		if cmd.Flags().Changed("json") {
+			diags := createCredentialJson.Unmarshal(&createCredentialReq)
+			if diags.HasError() {
+				return diags.Error()
+			}
+			if len(diags) > 0 {
+				err := cmdio.RenderDiagnosticsToErrorOut(ctx, diags)
+				if err != nil {
+					return err
+				}
+			}
+		}
+
+		response, err := w.Credentials.CreateCredential(ctx, createCredentialReq)
+		if err != nil {
+			return err
+		}
+		return cmdio.Render(ctx, response)
+	}
+
+	// Disable completions since they are not applicable.
+	// Can be overridden by manual implementation in `override.go`.
+	cmd.ValidArgsFunction = cobra.NoFileCompletions
+
+	// Apply optional overrides to this command.
+	for _, fn := range createCredentialOverrides {
+		fn(cmd, &createCredentialReq)
+	}
+
+	return cmd
+}
+
+// start delete-credential command
+
+// Slice with functions to override default command behavior.
+// Functions can be added from the `init()` function in manually curated files in this directory.
+var deleteCredentialOverrides []func(
+	*cobra.Command,
+	*catalog.DeleteCredentialRequest,
+)
+
+func newDeleteCredential() *cobra.Command {
+	cmd := &cobra.Command{}
+
+	var deleteCredentialReq catalog.DeleteCredentialRequest
+
+	// TODO: short flags
+
+	cmd.Flags().BoolVar(&deleteCredentialReq.Force, "force", deleteCredentialReq.Force, `Force deletion even if there are dependent services.`)
+
+	cmd.Use = "delete-credential NAME_ARG"
+	cmd.Short = `Delete a credential.`
+	cmd.Long = `Delete a credential.
+  
+  Deletes a credential from the metastore. The caller must be an owner of the
+  credential.
+
+  Arguments:
+    NAME_ARG: Name of the credential.`
+
+	cmd.Annotations = make(map[string]string)
+
+	cmd.Args = func(cmd *cobra.Command, args []string) error {
+		check := root.ExactArgs(1)
+		return check(cmd, args)
+	}
+
+	cmd.PreRunE = root.MustWorkspaceClient
+	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
+		ctx := cmd.Context()
+		w := root.WorkspaceClient(ctx)
+
+		deleteCredentialReq.NameArg = args[0]
+
+		err = w.Credentials.DeleteCredential(ctx, deleteCredentialReq)
+		if err != nil {
+			return err
+		}
+		return nil
+	}
+
+	// Disable completions since they are not applicable.
+	// Can be overridden by manual implementation in `override.go`.
+	cmd.ValidArgsFunction = cobra.NoFileCompletions
+
+	// Apply optional overrides to this command.
+	for _, fn := range deleteCredentialOverrides {
+		fn(cmd, &deleteCredentialReq)
+	}
+
+	return cmd
+}
+
+// start generate-temporary-service-credential command
+
+// Slice with functions to override default command behavior.
+// Functions can be added from the `init()` function in manually curated files in this directory.
+var generateTemporaryServiceCredentialOverrides []func(
+	*cobra.Command,
+	*catalog.GenerateTemporaryServiceCredentialRequest,
+)
+
+func newGenerateTemporaryServiceCredential() *cobra.Command {
+	cmd := &cobra.Command{}
+
+	var generateTemporaryServiceCredentialReq catalog.GenerateTemporaryServiceCredentialRequest
+	var generateTemporaryServiceCredentialJson flags.JsonFlag
+
+	// TODO: short flags
+	cmd.Flags().Var(&generateTemporaryServiceCredentialJson, "json", `either inline JSON string or @path/to/file.json with request body`)
+
+	// TODO: complex arg: azure_options
+	cmd.Flags().StringVar(&generateTemporaryServiceCredentialReq.CredentialName, "credential-name", generateTemporaryServiceCredentialReq.CredentialName, `The name of the service credential used to generate a temporary credential.`)
+
+	cmd.Use = "generate-temporary-service-credential"
+	cmd.Short = `Generate a temporary service credential.`
+	cmd.Long = `Generate a temporary service credential.
+  
+  Returns a set of temporary credentials generated using the specified service
+  credential. The caller must be a metastore admin or have the metastore
+  privilege **ACCESS** on the service credential.`
+
+	cmd.Annotations = make(map[string]string)
+
+	cmd.Args = func(cmd *cobra.Command, args []string) error {
+		check := root.ExactArgs(0)
+		return check(cmd, args)
+	}
+
+	cmd.PreRunE = root.MustWorkspaceClient
+	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
+		ctx := cmd.Context()
+		w := root.WorkspaceClient(ctx)
+
+		if cmd.Flags().Changed("json") {
+			diags := generateTemporaryServiceCredentialJson.Unmarshal(&generateTemporaryServiceCredentialReq)
+			if diags.HasError() {
+				return diags.Error()
+			}
+			if len(diags) > 0 {
+				err := cmdio.RenderDiagnosticsToErrorOut(ctx, diags)
+				if err != nil {
+					return err
+				}
+			}
+		}
+
+		response, err := w.Credentials.GenerateTemporaryServiceCredential(ctx, generateTemporaryServiceCredentialReq)
+		if err != nil {
+			return err
+		}
+		return cmdio.Render(ctx, response)
+	}
+
+	// Disable completions since they are not applicable.
+	// Can be overridden by manual implementation in `override.go`.
+	cmd.ValidArgsFunction = cobra.NoFileCompletions
+
+	// Apply optional overrides to this command.
+	for _, fn := range generateTemporaryServiceCredentialOverrides {
+		fn(cmd, &generateTemporaryServiceCredentialReq)
+	}
+
+	return cmd
+}
+
+// start get-credential command
+
+// Slice with functions to override default command behavior.
+// Functions can be added from the `init()` function in manually curated files in this directory.
+var getCredentialOverrides []func(
+	*cobra.Command,
+	*catalog.GetCredentialRequest,
+)
+
+func newGetCredential() *cobra.Command {
+	cmd := &cobra.Command{}
+
+	var getCredentialReq catalog.GetCredentialRequest
+
+	// TODO: short flags
+
+	cmd.Use = "get-credential NAME_ARG"
+	cmd.Short = `Get a credential.`
+	cmd.Long = `Get a credential.
+  
+  Gets a credential from the metastore. The caller must be a metastore admin,
+  the owner of the credential, or have any permission on the credential.
+
+  Arguments:
+    NAME_ARG: Name of the credential.`
+
+	cmd.Annotations = make(map[string]string)
+
+	cmd.Args = func(cmd *cobra.Command, args []string) error {
+		check := root.ExactArgs(1)
+		return check(cmd, args)
+	}
+
+	cmd.PreRunE = root.MustWorkspaceClient
+	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
+		ctx := cmd.Context()
+		w := root.WorkspaceClient(ctx)
+
+		getCredentialReq.NameArg = args[0]
+
+		response, err := w.Credentials.GetCredential(ctx, getCredentialReq)
+		if err != nil {
+			return err
+		}
+		return cmdio.Render(ctx, response)
+	}
+
+	// Disable completions since they are not applicable.
+	// Can be overridden by manual implementation in `override.go`.
+	cmd.ValidArgsFunction = cobra.NoFileCompletions
+
+	// Apply optional overrides to this command.
+	for _, fn := range getCredentialOverrides {
+		fn(cmd, &getCredentialReq)
+	}
+
+	return cmd
+}
+
+// start list-credentials command
+
+// Slice with functions to override default command behavior.
+// Functions can be added from the `init()` function in manually curated files in this directory.
+var listCredentialsOverrides []func(
+	*cobra.Command,
+	*catalog.ListCredentialsRequest,
+)
+
+func newListCredentials() *cobra.Command {
+	cmd := &cobra.Command{}
+
+	var listCredentialsReq catalog.ListCredentialsRequest
+
+	// TODO: short flags
+
+	cmd.Flags().IntVar(&listCredentialsReq.MaxResults, "max-results", listCredentialsReq.MaxResults, `Maximum number of credentials to return.`)
+	cmd.Flags().StringVar(&listCredentialsReq.PageToken, "page-token", listCredentialsReq.PageToken, `Opaque token to retrieve the next page of results.`)
+	cmd.Flags().Var(&listCredentialsReq.Purpose, "purpose", `Return only credentials for the specified purpose. Supported values: [SERVICE]`)
+
+	cmd.Use = "list-credentials"
+	cmd.Short = `List credentials.`
+	cmd.Long = `List credentials.
+  
+  Gets an array of credentials (as __CredentialInfo__ objects).
+  
+  The array is limited to only the credentials that the caller has permission to
+  access. If the caller is a metastore admin, retrieval of credentials is
+  unrestricted. There is no guarantee of a specific ordering of the elements in
+  the array.`
+
+	cmd.Annotations = make(map[string]string)
+
+	cmd.Args = func(cmd *cobra.Command, args []string) error {
+		check := root.ExactArgs(0)
+		return check(cmd, args)
+	}
+
+	cmd.PreRunE = root.MustWorkspaceClient
+	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
+		ctx := cmd.Context()
+		w := root.WorkspaceClient(ctx)
+
+		response := w.Credentials.ListCredentials(ctx, listCredentialsReq)
+		return cmdio.RenderIterator(ctx, response)
+	}
+
+	// Disable completions since they are not applicable.
+	// Can be overridden by manual implementation in `override.go`.
+	cmd.ValidArgsFunction = cobra.NoFileCompletions
+
+	// Apply optional overrides to this command.
+	for _, fn := range listCredentialsOverrides {
+		fn(cmd, &listCredentialsReq)
+	}
+
+	return cmd
+}
+
+// start update-credential command
+
+// Slice with functions to override default command behavior.
+// Functions can be added from the `init()` function in manually curated files in this directory.
+var updateCredentialOverrides []func(
+	*cobra.Command,
+	*catalog.UpdateCredentialRequest,
+)
+
+func newUpdateCredential() *cobra.Command {
+	cmd := &cobra.Command{}
+
+	var updateCredentialReq catalog.UpdateCredentialRequest
+	var updateCredentialJson flags.JsonFlag
+
+	// TODO: short flags
+	cmd.Flags().Var(&updateCredentialJson, "json", `either inline JSON string or @path/to/file.json with request body`)
+
+	// TODO: complex arg: aws_iam_role
+	// TODO: complex arg: azure_managed_identity
+	cmd.Flags().StringVar(&updateCredentialReq.Comment, "comment", updateCredentialReq.Comment, `Comment associated with the credential.`)
+	cmd.Flags().BoolVar(&updateCredentialReq.Force, "force", updateCredentialReq.Force, `Force update even if there are dependent services.`)
+	cmd.Flags().Var(&updateCredentialReq.IsolationMode, "isolation-mode", `Whether the current securable is accessible from all workspaces or a specific set of workspaces. Supported values: [ISOLATION_MODE_ISOLATED, ISOLATION_MODE_OPEN]`)
+	cmd.Flags().StringVar(&updateCredentialReq.NewName, "new-name", updateCredentialReq.NewName, `New name of credential.`)
+	cmd.Flags().StringVar(&updateCredentialReq.Owner, "owner", updateCredentialReq.Owner, `Username of current owner of credential.`)
+	cmd.Flags().BoolVar(&updateCredentialReq.SkipValidation, "skip-validation", updateCredentialReq.SkipValidation, `Supply true to this argument to skip validation of the updated credential.`)
+
+	cmd.Use = "update-credential NAME_ARG"
+	cmd.Short = `Update a credential.`
+	cmd.Long = `Update a credential.
+  
+  Updates a credential on the metastore.
+  
+  The caller must be the owner of the credential or a metastore admin or have
+  the MANAGE permission. If the caller is a metastore admin, only the
+  __owner__ field can be changed.
+
+  Arguments:
+    NAME_ARG: Name of the credential.`
+
+	cmd.Annotations = make(map[string]string)
+
+	cmd.Args = func(cmd *cobra.Command, args []string) error {
+		check := root.ExactArgs(1)
+		return check(cmd, args)
+	}
+
+	cmd.PreRunE = root.MustWorkspaceClient
+	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
+		ctx := cmd.Context()
+		w := root.WorkspaceClient(ctx)
+
+		if cmd.Flags().Changed("json") {
+			diags := updateCredentialJson.Unmarshal(&updateCredentialReq)
+			if diags.HasError() {
+				return diags.Error()
+			}
+			if len(diags) > 0 {
+				err := cmdio.RenderDiagnosticsToErrorOut(ctx, diags)
+				if err != nil {
+					return err
+				}
+			}
+		}
+		updateCredentialReq.NameArg = args[0]
+
+		response, err := w.Credentials.UpdateCredential(ctx, updateCredentialReq)
+		if err != nil {
+			return err
+		}
+		return cmdio.Render(ctx, response)
+	}
+
+	// Disable completions since they are not applicable.
+	// Can be overridden by manual implementation in `override.go`.
+	cmd.ValidArgsFunction = cobra.NoFileCompletions
+
+	// Apply optional overrides to this command.
+	for _, fn := range updateCredentialOverrides {
+		fn(cmd, &updateCredentialReq)
+	}
+
+	return cmd
+}
+
+// start validate-credential command
+
+// Slice with functions to override default command behavior.
+// Functions can be added from the `init()` function in manually curated files in this directory.
+var validateCredentialOverrides []func(
+	*cobra.Command,
+	*catalog.ValidateCredentialRequest,
+)
+
+func newValidateCredential() *cobra.Command {
+	cmd := &cobra.Command{}
+
+	var validateCredentialReq catalog.ValidateCredentialRequest
+	var validateCredentialJson flags.JsonFlag
+
+	// TODO: short flags
+	cmd.Flags().Var(&validateCredentialJson, "json", `either inline JSON string or @path/to/file.json with request body`)
+
+	// TODO: complex arg: aws_iam_role
+	// TODO: complex arg: azure_managed_identity
+	cmd.Flags().StringVar(&validateCredentialReq.CredentialName, "credential-name", validateCredentialReq.CredentialName, `Required.`)
+	cmd.Flags().Var(&validateCredentialReq.Purpose, "purpose", `The purpose of the credential. Supported values: [SERVICE]`)
+
+	cmd.Use = "validate-credential"
+	cmd.Short = `Validate a credential.`
+	cmd.Long = `Validate a credential.
+  
+  Validates a credential.
+  
+  Either the __credential_name__ or the cloud-specific credential must be
+  provided.
+  
+  The caller must be a metastore admin or the credential owner.`
+
+	cmd.Annotations = make(map[string]string)
+
+	cmd.Args = func(cmd *cobra.Command, args []string) error {
+		check := root.ExactArgs(0)
+		return check(cmd, args)
+	}
+
+	cmd.PreRunE = root.MustWorkspaceClient
+	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
+		ctx := cmd.Context()
+		w := root.WorkspaceClient(ctx)
+
+		if cmd.Flags().Changed("json") {
+			diags := validateCredentialJson.Unmarshal(&validateCredentialReq)
+			if diags.HasError() {
+				return diags.Error()
+			}
+			if len(diags) > 0 {
+				err := cmdio.RenderDiagnosticsToErrorOut(ctx, diags)
+				if err != nil {
+					return err
+				}
+			}
+		}
+
+		response, err := w.Credentials.ValidateCredential(ctx, validateCredentialReq)
+		if err != nil {
+			return err
+		}
+		return cmdio.Render(ctx, response)
+	}
+
+	// Disable completions since they are not applicable.
+	// Can be overridden by manual implementation in `override.go`.
+	cmd.ValidArgsFunction = cobra.NoFileCompletions
+
+	// Apply optional overrides to this command.
+	for _, fn := range validateCredentialOverrides {
+		fn(cmd, &validateCredentialReq)
+	}
+
+	return cmd
+}
+
+// end service Credentials

cmd/workspace/experiments/experiments.go

@@ -2034,8 +2034,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set experiment permissions.`
 	cmd.Long = `Set experiment permissions.
   
-  Sets permissions on an experiment. Experiments can inherit permissions from
+  Sets permissions on an object, replacing existing permissions if they exist.
-  their root object.
+  Deletes all direct permissions if none are specified. Objects can inherit
+  permissions from their root object.
 
   Arguments:
     EXPERIMENT_ID: The experiment for which to get or manage permissions.`

cmd/workspace/external-locations/external-locations.go

@@ -356,7 +356,7 @@ func newUpdate() *cobra.Command {
 	// TODO: complex arg: encryption_details
 	cmd.Flags().BoolVar(&updateReq.Fallback, "fallback", updateReq.Fallback, `Indicates whether fallback mode is enabled for this external location.`)
 	cmd.Flags().BoolVar(&updateReq.Force, "force", updateReq.Force, `Force update even if changing url invalidates dependent external tables or mounts.`)
-	cmd.Flags().Var(&updateReq.IsolationMode, "isolation-mode", `Whether the current securable is accessible from all workspaces or a specific set of workspaces. Supported values: [ISOLATION_MODE_ISOLATED, ISOLATION_MODE_OPEN]`)
+	cmd.Flags().Var(&updateReq.IsolationMode, "isolation-mode", `. Supported values: [ISOLATION_MODE_ISOLATED, ISOLATION_MODE_OPEN]`)
 	cmd.Flags().StringVar(&updateReq.NewName, "new-name", updateReq.NewName, `New name for the external location.`)
 	cmd.Flags().StringVar(&updateReq.Owner, "owner", updateReq.Owner, `The owner of the external location.`)
 	cmd.Flags().BoolVar(&updateReq.ReadOnly, "read-only", updateReq.ReadOnly, `Indicates whether the external location is read-only.`)

cmd/workspace/instance-pools/instance-pools.go

@@ -635,8 +635,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set instance pool permissions.`
 	cmd.Long = `Set instance pool permissions.
   
-  Sets permissions on an instance pool. Instance pools can inherit permissions
+  Sets permissions on an object, replacing existing permissions if they exist.
-  from their root object.
+  Deletes all direct permissions if none are specified. Objects can inherit
+  permissions from their root object.
 
   Arguments:
     INSTANCE_POOL_ID: The instance pool for which to get or manage permissions.`

cmd/workspace/jobs/jobs.go

@@ -1339,6 +1339,7 @@ func newRunNow() *cobra.Command {
 	// TODO: array: jar_params
 	// TODO: map via StringToStringVar: job_parameters
 	// TODO: map via StringToStringVar: notebook_params
+	// TODO: array: only
 	// TODO: complex arg: pipeline_params
 	// TODO: map via StringToStringVar: python_named_params
 	// TODO: array: python_params
@@ -1470,8 +1471,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set job permissions.`
 	cmd.Long = `Set job permissions.
   
-  Sets permissions on a job. Jobs can inherit permissions from their root
+  Sets permissions on an object, replacing existing permissions if they exist.
-  object.
+  Deletes all direct permissions if none are specified. Objects can inherit
+  permissions from their root object.
 
   Arguments:
     JOB_ID: The job for which to get or manage permissions.`

cmd/workspace/lakeview/lakeview.go

@@ -151,6 +151,7 @@ func newCreateSchedule() *cobra.Command {
 
 	cmd.Flags().StringVar(&createScheduleReq.Schedule.DisplayName, "display-name", createScheduleReq.Schedule.DisplayName, `The display name for schedule.`)
 	cmd.Flags().Var(&createScheduleReq.Schedule.PauseStatus, "pause-status", `The status indicates whether this schedule is paused or not. Supported values: [PAUSED, UNPAUSED]`)
+	cmd.Flags().StringVar(&createScheduleReq.Schedule.WarehouseId, "warehouse-id", createScheduleReq.Schedule.WarehouseId, `The warehouse id to run the dashboard with for the schedule.`)
 
 	cmd.Use = "create-schedule DASHBOARD_ID"
 	cmd.Short = `Create dashboard schedule.`
@@ -1204,6 +1205,7 @@ func newUpdateSchedule() *cobra.Command {
 
 	cmd.Flags().StringVar(&updateScheduleReq.Schedule.DisplayName, "display-name", updateScheduleReq.Schedule.DisplayName, `The display name for schedule.`)
 	cmd.Flags().Var(&updateScheduleReq.Schedule.PauseStatus, "pause-status", `The status indicates whether this schedule is paused or not. Supported values: [PAUSED, UNPAUSED]`)
+	cmd.Flags().StringVar(&updateScheduleReq.Schedule.WarehouseId, "warehouse-id", updateScheduleReq.Schedule.WarehouseId, `The warehouse id to run the dashboard with for the schedule.`)
 
 	cmd.Use = "update-schedule DASHBOARD_ID SCHEDULE_ID"
 	cmd.Short = `Update dashboard schedule.`

cmd/workspace/model-registry/model-registry.go

@@ -2123,7 +2123,8 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set registered model permissions.`
 	cmd.Long = `Set registered model permissions.
   
-  Sets permissions on a registered model. Registered models can inherit
+  Sets permissions on an object, replacing existing permissions if they exist.
+  Deletes all direct permissions if none are specified. Objects can inherit
   permissions from their root object.
 
   Arguments:

cmd/workspace/permissions/permissions.go

@@ -241,8 +241,9 @@ func newSet() *cobra.Command {
 	cmd.Short = `Set object permissions.`
 	cmd.Long = `Set object permissions.
   
-  Sets permissions on an object. Objects can inherit permissions from their
+  Sets permissions on an object, replacing existing permissions if they exist.
-  parent objects or root object.
+  Deletes all direct permissions if none are specified. Objects can inherit
+  permissions from their parent objects or root object.
 
   Arguments:
     REQUEST_OBJECT_TYPE: The type of the request object. Can be one of the following: alerts,

cmd/workspace/pipelines/pipelines.go

@@ -691,8 +691,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set pipeline permissions.`
 	cmd.Long = `Set pipeline permissions.
   
-  Sets permissions on a pipeline. Pipelines can inherit permissions from their
+  Sets permissions on an object, replacing existing permissions if they exist.
-  root object.
+  Deletes all direct permissions if none are specified. Objects can inherit
+  permissions from their root object.
 
   Arguments:
     PIPELINE_ID: The pipeline for which to get or manage permissions.`
@@ -972,6 +973,7 @@ func newUpdate() *cobra.Command {
 	// TODO: array: notifications
 	cmd.Flags().BoolVar(&updateReq.Photon, "photon", updateReq.Photon, `Whether Photon is enabled for this pipeline.`)
 	cmd.Flags().StringVar(&updateReq.PipelineId, "pipeline-id", updateReq.PipelineId, `Unique identifier for this pipeline.`)
+	// TODO: complex arg: restart_window
 	cmd.Flags().StringVar(&updateReq.Schema, "schema", updateReq.Schema, `The default schema (database) where tables are read from or published to.`)
 	cmd.Flags().BoolVar(&updateReq.Serverless, "serverless", updateReq.Serverless, `Whether serverless compute is enabled for this pipeline.`)
 	cmd.Flags().StringVar(&updateReq.Storage, "storage", updateReq.Storage, `DBFS root directory for storing checkpoints and tables.`)

cmd/workspace/repos/repos.go

@@ -513,8 +513,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set repo permissions.`
 	cmd.Long = `Set repo permissions.
   
-  Sets permissions on a repo. Repos can inherit permissions from their root
+  Sets permissions on an object, replacing existing permissions if they exist.
-  object.
+  Deletes all direct permissions if none are specified. Objects can inherit
+  permissions from their root object.
 
   Arguments:
     REPO_ID: The repo for which to get or manage permissions.`

cmd/workspace/serving-endpoints/serving-endpoints.go

@@ -1008,7 +1008,8 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set serving endpoint permissions.`
 	cmd.Long = `Set serving endpoint permissions.
   
-  Sets permissions on a serving endpoint. Serving endpoints can inherit
+  Sets permissions on an object, replacing existing permissions if they exist.
+  Deletes all direct permissions if none are specified. Objects can inherit
   permissions from their root object.
 
   Arguments:

cmd/workspace/storage-credentials/storage-credentials.go

@@ -360,7 +360,7 @@ func newUpdate() *cobra.Command {
 	cmd.Flags().StringVar(&updateReq.Comment, "comment", updateReq.Comment, `Comment associated with the credential.`)
 	// TODO: complex arg: databricks_gcp_service_account
 	cmd.Flags().BoolVar(&updateReq.Force, "force", updateReq.Force, `Force update even if there are dependent external locations or external tables.`)
-	cmd.Flags().Var(&updateReq.IsolationMode, "isolation-mode", `Whether the current securable is accessible from all workspaces or a specific set of workspaces. Supported values: [ISOLATION_MODE_ISOLATED, ISOLATION_MODE_OPEN]`)
+	cmd.Flags().Var(&updateReq.IsolationMode, "isolation-mode", `. Supported values: [ISOLATION_MODE_ISOLATED, ISOLATION_MODE_OPEN]`)
 	cmd.Flags().StringVar(&updateReq.NewName, "new-name", updateReq.NewName, `New name for the storage credential.`)
 	cmd.Flags().StringVar(&updateReq.Owner, "owner", updateReq.Owner, `Username of current owner of credential.`)
 	cmd.Flags().BoolVar(&updateReq.ReadOnly, "read-only", updateReq.ReadOnly, `Whether the storage credential is only usable for read operations.`)

cmd/workspace/tables/tables.go

@@ -304,6 +304,7 @@ func newList() *cobra.Command {
 	cmd.Flags().IntVar(&listReq.MaxResults, "max-results", listReq.MaxResults, `Maximum number of tables to return.`)
 	cmd.Flags().BoolVar(&listReq.OmitColumns, "omit-columns", listReq.OmitColumns, `Whether to omit the columns of the table from the response or not.`)
 	cmd.Flags().BoolVar(&listReq.OmitProperties, "omit-properties", listReq.OmitProperties, `Whether to omit the properties of the table from the response or not.`)
+	cmd.Flags().BoolVar(&listReq.OmitUsername, "omit-username", listReq.OmitUsername, `Whether to omit the username of the table (e.g.`)
 	cmd.Flags().StringVar(&listReq.PageToken, "page-token", listReq.PageToken, `Opaque token to send for the next page of results (pagination).`)
 
 	cmd.Use = "list CATALOG_NAME SCHEMA_NAME"

cmd/workspace/token-management/token-management.go

@@ -448,8 +448,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set token permissions.`
 	cmd.Long = `Set token permissions.
   
-  Sets permissions on all tokens. Tokens can inherit permissions from their root
+  Sets permissions on an object, replacing existing permissions if they exist.
-  object.`
+  Deletes all direct permissions if none are specified. Objects can inherit
+  permissions from their root object.`
 
 	cmd.Annotations = make(map[string]string)
 

cmd/workspace/users/users.go

@@ -542,8 +542,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set password permissions.`
 	cmd.Long = `Set password permissions.
   
-  Sets permissions on all passwords. Passwords can inherit permissions from
+  Sets permissions on an object, replacing existing permissions if they exist.
-  their root object.`
+  Deletes all direct permissions if none are specified. Objects can inherit
+  permissions from their root object.`
 
 	cmd.Annotations = make(map[string]string)
 

cmd/workspace/warehouses/warehouses.go

@@ -686,8 +686,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set SQL warehouse permissions.`
 	cmd.Long = `Set SQL warehouse permissions.
   
-  Sets permissions on a SQL warehouse. SQL warehouses can inherit permissions
+  Sets permissions on an object, replacing existing permissions if they exist.
-  from their root object.
+  Deletes all direct permissions if none are specified. Objects can inherit
+  permissions from their root object.
 
   Arguments:
     WAREHOUSE_ID: The SQL warehouse for which to get or manage permissions.`

cmd/workspace/workspace/workspace.go

@@ -447,6 +447,7 @@ func newImport() *cobra.Command {
   DBC,
   HTML,
   JUPYTER,
+  RAW,
   R_MARKDOWN,
   SOURCE,
 ]`)
@@ -708,7 +709,8 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set workspace object permissions.`
 	cmd.Long = `Set workspace object permissions.
   
-  Sets permissions on a workspace object. Workspace objects can inherit
+  Sets permissions on an object, replacing existing permissions if they exist.
+  Deletes all direct permissions if none are specified. Objects can inherit
   permissions from their parent objects or root object.
 
   Arguments:

go.mod

@@ -7,7 +7,7 @@ toolchain go1.23.2
 require (
 	github.com/Masterminds/semver/v3 v3.3.0 // MIT
 	github.com/briandowns/spinner v1.23.1 // Apache 2.0
-	github.com/databricks/databricks-sdk-go v0.50.0 // Apache 2.0
+	github.com/databricks/databricks-sdk-go v0.51.0 // Apache 2.0
 	github.com/fatih/color v1.18.0 // MIT
 	github.com/ghodss/yaml v1.0.0 // MIT + NOTICE
 	github.com/google/uuid v1.6.0 // BSD-3-Clause

go.sum

@@ -32,8 +32,8 @@ github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGX
 github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg=
 github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=
-github.com/databricks/databricks-sdk-go v0.50.0 h1:Zl4uBhYMT5z6aDojCQJPT2zCYjjfqxBQSQn8uLTphpo=
+github.com/databricks/databricks-sdk-go v0.51.0 h1:tcvB9TID3oUl0O8npccB5c+33tarBiYMBFbq4U4AB6M=
-github.com/databricks/databricks-sdk-go v0.50.0/go.mod h1:ds+zbv5mlQG7nFEU5ojLtgN/u0/9YzZmKQES/CfedzU=
+github.com/databricks/databricks-sdk-go v0.51.0/go.mod h1:ds+zbv5mlQG7nFEU5ojLtgN/u0/9YzZmKQES/CfedzU=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=