WIP

2024-11-13 09:58:30 +01:00 · 2024-11-13 09:58:30 +01:00 · c83ade86af
parent f80ebe15f8
commit c83ade86af
34 changed files with 1046 additions and 109 deletions
--- a/.codegen/_openapi_sha
+++ b/.codegen/_openapi_sha
@ -1 +1 @@
-cf9c61453990df0f9453670f2fe68e1b128647a2
+universe:/Users/hector.castejon/emu/universe
--- a/.gitattributes
+++ b/.gitattributes
@ -30,13 +30,14 @@ cmd/account/users/users.go linguist-generated=true
 cmd/account/vpc-endpoints/vpc-endpoints.go linguist-generated=true
 cmd/account/workspace-assignment/workspace-assignment.go linguist-generated=true
 cmd/account/workspaces/workspaces.go linguist-generated=true
 cmd/workspace/aibi-dashboard-embedding-access-policy/aibi-dashboard-embedding-access-policy.go linguist-generated=true
 cmd/workspace/aibi-dashboard-embedding-approved-domains/aibi-dashboard-embedding-approved-domains.go linguist-generated=true
 cmd/workspace/alerts-legacy/alerts-legacy.go linguist-generated=true
 cmd/workspace/alerts/alerts.go linguist-generated=true
 cmd/workspace/apps/apps.go linguist-generated=true
 cmd/workspace/artifact-allowlists/artifact-allowlists.go linguist-generated=true
 cmd/workspace/automatic-cluster-update/automatic-cluster-update.go linguist-generated=true
 cmd/workspace/catalogs/catalogs.go linguist-generated=true
 cmd/workspace/clean-rooms/clean-rooms.go linguist-generated=true
 cmd/workspace/cluster-policies/cluster-policies.go linguist-generated=true
 cmd/workspace/clusters/clusters.go linguist-generated=true
 cmd/workspace/cmd.go linguist-generated=true
@ -48,6 +49,7 @@ cmd/workspace/consumer-listings/consumer-listings.go linguist-generated=true
 cmd/workspace/consumer-personalization-requests/consumer-personalization-requests.go linguist-generated=true
 cmd/workspace/consumer-providers/consumer-providers.go linguist-generated=true
 cmd/workspace/credentials-manager/credentials-manager.go linguist-generated=true
 cmd/workspace/credentials/credentials.go linguist-generated=true
 cmd/workspace/current-user/current-user.go linguist-generated=true
 cmd/workspace/dashboard-widgets/dashboard-widgets.go linguist-generated=true
 cmd/workspace/dashboards/dashboards.go linguist-generated=true
@ -122,6 +124,3 @@ cmd/workspace/warehouses/warehouses.go linguist-generated=true
 cmd/workspace/workspace-bindings/workspace-bindings.go linguist-generated=true
 cmd/workspace/workspace-conf/workspace-conf.go linguist-generated=true
 cmd/workspace/workspace/workspace.go linguist-generated=true
 bundle/internal/tf/schema/\*.go linguist-generated=true
 go.sum linguist-generated=true
 bundle/schema/jsonschema.json linguist-generated=true
--- a/cmd/account/budgets/budgets.go
+++ b/cmd/account/budgets/budgets.go
@ -194,7 +194,7 @@ func newGet() *cobra.Command {
  configuration are specified by ID.
  Arguments:
-    BUDGET_ID: The Databricks budget configuration ID.`
+    BUDGET_ID: The budget configuration ID`
 	cmd.Annotations = make(map[string]string)
--- a/cmd/account/custom-app-integration/custom-app-integration.go
+++ b/cmd/account/custom-app-integration/custom-app-integration.go
@ -195,7 +195,10 @@ func newGet() *cobra.Command {
 	cmd.Short = `Get OAuth Custom App Integration.`
 	cmd.Long = `Get OAuth Custom App Integration.
-  Gets the Custom OAuth App Integration for the given integration id.`
+  Gets the Custom OAuth App Integration for the given integration id.
  Arguments:
    INTEGRATION_ID: The OAuth app integration ID.`
 	cmd.Annotations = make(map[string]string)
--- a/cmd/account/service-principal-secrets/service-principal-secrets.go
+++ b/cmd/account/service-principal-secrets/service-principal-secrets.go
@ -191,6 +191,8 @@ func newList() *cobra.Command {
 	// TODO: short flags
 	cmd.Flags().StringVar(&listReq.PageToken, "page-token", listReq.PageToken, `An opaque page token which was the next_page_token in the response of the previous request to list the secrets for this service principal.`)
 	cmd.Use = "list SERVICE_PRINCIPAL_ID"
 	cmd.Short = `List service principal secrets.`
 	cmd.Long = `List service principal secrets.
--- a/cmd/account/workspace-assignment/workspace-assignment.go
+++ b/cmd/account/workspace-assignment/workspace-assignment.go
@ -257,7 +257,7 @@ func newUpdate() *cobra.Command {
  workspace for the specified principal.
  Arguments:
-    WORKSPACE_ID: The workspace ID for the account.
+    WORKSPACE_ID: The workspace ID.
    PRINCIPAL_ID: The ID of the user, service principal, or group.`
 	cmd.Annotations = make(map[string]string)
--- a/cmd/account/workspaces/workspaces.go
+++ b/cmd/account/workspaces/workspaces.go
@ -81,6 +81,7 @@ func newCreate() *cobra.Command {
 	cmd.Flags().StringVar(&createReq.DeploymentName, "deployment-name", createReq.DeploymentName, `The deployment name defines part of the subdomain for the workspace.`)
 	// TODO: complex arg: gcp_managed_network_config
 	// TODO: complex arg: gke_config
 	cmd.Flags().BoolVar(&createReq.IsNoPublicIpEnabled, "is-no-public-ip-enabled", createReq.IsNoPublicIpEnabled, `Whether no public IP is enabled for the workspace.`)
 	cmd.Flags().StringVar(&createReq.Location, "location", createReq.Location, `The Google Cloud region of the workspace data plane in your Google account.`)
 	cmd.Flags().StringVar(&createReq.ManagedServicesCustomerManagedKeyId, "managed-services-customer-managed-key-id", createReq.ManagedServicesCustomerManagedKeyId, `The ID of the workspace's managed services encryption key configuration object.`)
 	cmd.Flags().StringVar(&createReq.NetworkId, "network-id", createReq.NetworkId, ``)
@ -420,6 +421,7 @@ func newUpdate() *cobra.Command {
 	cmd.Flags().StringVar(&updateReq.ManagedServicesCustomerManagedKeyId, "managed-services-customer-managed-key-id", updateReq.ManagedServicesCustomerManagedKeyId, `The ID of the workspace's managed services encryption key configuration object.`)
 	cmd.Flags().StringVar(&updateReq.NetworkConnectivityConfigId, "network-connectivity-config-id", updateReq.NetworkConnectivityConfigId, ``)
 	cmd.Flags().StringVar(&updateReq.NetworkId, "network-id", updateReq.NetworkId, `The ID of the workspace's network configuration object.`)
 	cmd.Flags().StringVar(&updateReq.PrivateAccessSettingsId, "private-access-settings-id", updateReq.PrivateAccessSettingsId, `The ID of the workspace's private access settings configuration object.`)
 	cmd.Flags().StringVar(&updateReq.StorageConfigurationId, "storage-configuration-id", updateReq.StorageConfigurationId, `The ID of the workspace's storage configuration object.`)
 	cmd.Flags().StringVar(&updateReq.StorageCustomerManagedKeyId, "storage-customer-managed-key-id", updateReq.StorageCustomerManagedKeyId, `The ID of the key configuration object for workspace storage.`)
--- a/cmd/workspace/aibi-dashboard-embedding-access-policy/aibi-dashboard-embedding-access-policy.go
+++ b/cmd/workspace/aibi-dashboard-embedding-access-policy/aibi-dashboard-embedding-access-policy.go
@ -0,0 +1,162 @@
 // Code generated from OpenAPI specs by Databricks SDK Generator. DO NOT EDIT.
 package aibi_dashboard_embedding_access_policy
 import (
 	"fmt"
 	"github.com/databricks/cli/cmd/root"
 	"github.com/databricks/cli/libs/cmdio"
 	"github.com/databricks/cli/libs/flags"
 	"github.com/databricks/databricks-sdk-go/service/settings"
 	"github.com/spf13/cobra"
 )
 // Slice with functions to override default command behavior.
 // Functions can be added from the `init()` function in manually curated files in this directory.
 var cmdOverrides []func(*cobra.Command)
 func New() *cobra.Command {
 	cmd := &cobra.Command{
 		Use:   "aibi-dashboard-embedding-access-policy",
 		Short: `Controls whether AI/BI published dashboard embedding is enabled, conditionally enabled, or disabled at the workspace level.`,
 		Long: `Controls whether AI/BI published dashboard embedding is enabled, conditionally
  enabled, or disabled at the workspace level. By default, this setting is
  conditionally enabled (ALLOW_APPROVED_DOMAINS).`,
 	}
 	// Add methods
 	cmd.AddCommand(newGet())
 	cmd.AddCommand(newUpdate())
 	// Apply optional overrides to this command.
 	for _, fn := range cmdOverrides {
 		fn(cmd)
 	}
 	return cmd
 }
 // start get command
 // Slice with functions to override default command behavior.
 // Functions can be added from the `init()` function in manually curated files in this directory.
 var getOverrides []func(
 	*cobra.Command,
 	*settings.GetAibiDashboardEmbeddingAccessPolicySettingRequest,
 )
 func newGet() *cobra.Command {
 	cmd := &cobra.Command{}
 	var getReq settings.GetAibiDashboardEmbeddingAccessPolicySettingRequest
 	// TODO: short flags
 	cmd.Flags().StringVar(&getReq.Etag, "etag", getReq.Etag, `etag used for versioning.`)
 	cmd.Use = "get"
 	cmd.Short = `Retrieve the AI/BI dashboard embedding access policy.`
 	cmd.Long = `Retrieve the AI/BI dashboard embedding access policy.
  Retrieves the AI/BI dashboard embedding access policy. The default setting is
  ALLOW_APPROVED_DOMAINS, permitting AI/BI dashboards to be embedded on approved
  domains.`
 	cmd.Annotations = make(map[string]string)
 	cmd.Args = func(cmd *cobra.Command, args []string) error {
 		check := root.ExactArgs(0)
 		return check(cmd, args)
 	}
 	cmd.PreRunE = root.MustWorkspaceClient
 	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
 		ctx := cmd.Context()
 		w := root.WorkspaceClient(ctx)
 		response, err := w.Settings.AibiDashboardEmbeddingAccessPolicy().Get(ctx, getReq)
 		if err != nil {
 			return err
 		}
 		return cmdio.Render(ctx, response)
 	}
 	// Disable completions since they are not applicable.
 	// Can be overridden by manual implementation in `override.go`.
 	cmd.ValidArgsFunction = cobra.NoFileCompletions
 	// Apply optional overrides to this command.
 	for _, fn := range getOverrides {
 		fn(cmd, &getReq)
 	}
 	return cmd
 }
 // start update command
 // Slice with functions to override default command behavior.
 // Functions can be added from the `init()` function in manually curated files in this directory.
 var updateOverrides []func(
 	*cobra.Command,
 	*settings.UpdateAibiDashboardEmbeddingAccessPolicySettingRequest,
 )
 func newUpdate() *cobra.Command {
 	cmd := &cobra.Command{}
 	var updateReq settings.UpdateAibiDashboardEmbeddingAccessPolicySettingRequest
 	var updateJson flags.JsonFlag
 	// TODO: short flags
 	cmd.Flags().Var(&updateJson, "json", `either inline JSON string or @path/to/file.json with request body`)
 	cmd.Use = "update"
 	cmd.Short = `Update the AI/BI dashboard embedding access policy.`
 	cmd.Long = `Update the AI/BI dashboard embedding access policy.
  Updates the AI/BI dashboard embedding access policy at the workspace level.`
 	cmd.Annotations = make(map[string]string)
 	cmd.PreRunE = root.MustWorkspaceClient
 	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
 		ctx := cmd.Context()
 		w := root.WorkspaceClient(ctx)
 		if cmd.Flags().Changed("json") {
 			diags := updateJson.Unmarshal(&updateReq)
 			if diags.HasError() {
 				return diags.Error()
 			}
 			if len(diags) > 0 {
 				err := cmdio.RenderDiagnosticsToErrorOut(ctx, diags)
 				if err != nil {
 					return err
 				}
 			}
 		} else {
 			return fmt.Errorf("please provide command input in JSON format by specifying the --json flag")
 		}
 		response, err := w.Settings.AibiDashboardEmbeddingAccessPolicy().Update(ctx, updateReq)
 		if err != nil {
 			return err
 		}
 		return cmdio.Render(ctx, response)
 	}
 	// Disable completions since they are not applicable.
 	// Can be overridden by manual implementation in `override.go`.
 	cmd.ValidArgsFunction = cobra.NoFileCompletions
 	// Apply optional overrides to this command.
 	for _, fn := range updateOverrides {
 		fn(cmd, &updateReq)
 	}
 	return cmd
 }
 // end service AibiDashboardEmbeddingAccessPolicy
--- a/cmd/workspace/aibi-dashboard-embedding-approved-domains/aibi-dashboard-embedding-approved-domains.go
+++ b/cmd/workspace/aibi-dashboard-embedding-approved-domains/aibi-dashboard-embedding-approved-domains.go
@ -0,0 +1,162 @@
 // Code generated from OpenAPI specs by Databricks SDK Generator. DO NOT EDIT.
 package aibi_dashboard_embedding_approved_domains
 import (
 	"fmt"
 	"github.com/databricks/cli/cmd/root"
 	"github.com/databricks/cli/libs/cmdio"
 	"github.com/databricks/cli/libs/flags"
 	"github.com/databricks/databricks-sdk-go/service/settings"
 	"github.com/spf13/cobra"
 )
 // Slice with functions to override default command behavior.
 // Functions can be added from the `init()` function in manually curated files in this directory.
 var cmdOverrides []func(*cobra.Command)
 func New() *cobra.Command {
 	cmd := &cobra.Command{
 		Use:   "aibi-dashboard-embedding-approved-domains",
 		Short: `Controls the list of domains approved to host the embedded AI/BI dashboards.`,
 		Long: `Controls the list of domains approved to host the embedded AI/BI dashboards.
  The approved domains list can't be mutated when the current access policy is
  not set to ALLOW_APPROVED_DOMAINS.`,
 	}
 	// Add methods
 	cmd.AddCommand(newGet())
 	cmd.AddCommand(newUpdate())
 	// Apply optional overrides to this command.
 	for _, fn := range cmdOverrides {
 		fn(cmd)
 	}
 	return cmd
 }
 // start get command
 // Slice with functions to override default command behavior.
 // Functions can be added from the `init()` function in manually curated files in this directory.
 var getOverrides []func(
 	*cobra.Command,
 	*settings.GetAibiDashboardEmbeddingApprovedDomainsSettingRequest,
 )
 func newGet() *cobra.Command {
 	cmd := &cobra.Command{}
 	var getReq settings.GetAibiDashboardEmbeddingApprovedDomainsSettingRequest
 	// TODO: short flags
 	cmd.Flags().StringVar(&getReq.Etag, "etag", getReq.Etag, `etag used for versioning.`)
 	cmd.Use = "get"
 	cmd.Short = `Retrieve the list of domains approved to host embedded AI/BI dashboards.`
 	cmd.Long = `Retrieve the list of domains approved to host embedded AI/BI dashboards.
  Retrieves the list of domains approved to host embedded AI/BI dashboards.`
 	cmd.Annotations = make(map[string]string)
 	cmd.Args = func(cmd *cobra.Command, args []string) error {
 		check := root.ExactArgs(0)
 		return check(cmd, args)
 	}
 	cmd.PreRunE = root.MustWorkspaceClient
 	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
 		ctx := cmd.Context()
 		w := root.WorkspaceClient(ctx)
 		response, err := w.Settings.AibiDashboardEmbeddingApprovedDomains().Get(ctx, getReq)
 		if err != nil {
 			return err
 		}
 		return cmdio.Render(ctx, response)
 	}
 	// Disable completions since they are not applicable.
 	// Can be overridden by manual implementation in `override.go`.
 	cmd.ValidArgsFunction = cobra.NoFileCompletions
 	// Apply optional overrides to this command.
 	for _, fn := range getOverrides {
 		fn(cmd, &getReq)
 	}
 	return cmd
 }
 // start update command
 // Slice with functions to override default command behavior.
 // Functions can be added from the `init()` function in manually curated files in this directory.
 var updateOverrides []func(
 	*cobra.Command,
 	*settings.UpdateAibiDashboardEmbeddingApprovedDomainsSettingRequest,
 )
 func newUpdate() *cobra.Command {
 	cmd := &cobra.Command{}
 	var updateReq settings.UpdateAibiDashboardEmbeddingApprovedDomainsSettingRequest
 	var updateJson flags.JsonFlag
 	// TODO: short flags
 	cmd.Flags().Var(&updateJson, "json", `either inline JSON string or @path/to/file.json with request body`)
 	cmd.Use = "update"
 	cmd.Short = `Update the list of domains approved to host embedded AI/BI dashboards.`
 	cmd.Long = `Update the list of domains approved to host embedded AI/BI dashboards.
  Updates the list of domains approved to host embedded AI/BI dashboards. This
  update will fail if the current workspace access policy is not
  ALLOW_APPROVED_DOMAINS.`
 	cmd.Annotations = make(map[string]string)
 	cmd.PreRunE = root.MustWorkspaceClient
 	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
 		ctx := cmd.Context()
 		w := root.WorkspaceClient(ctx)
 		if cmd.Flags().Changed("json") {
 			diags := updateJson.Unmarshal(&updateReq)
 			if diags.HasError() {
 				return diags.Error()
 			}
 			if len(diags) > 0 {
 				err := cmdio.RenderDiagnosticsToErrorOut(ctx, diags)
 				if err != nil {
 					return err
 				}
 			}
 		} else {
 			return fmt.Errorf("please provide command input in JSON format by specifying the --json flag")
 		}
 		response, err := w.Settings.AibiDashboardEmbeddingApprovedDomains().Update(ctx, updateReq)
 		if err != nil {
 			return err
 		}
 		return cmdio.Render(ctx, response)
 	}
 	// Disable completions since they are not applicable.
 	// Can be overridden by manual implementation in `override.go`.
 	cmd.ValidArgsFunction = cobra.NoFileCompletions
 	// Apply optional overrides to this command.
 	for _, fn := range updateOverrides {
 		fn(cmd, &updateReq)
 	}
 	return cmd
 }
 // end service AibiDashboardEmbeddingApprovedDomains
--- a/cmd/workspace/apps/apps.go
+++ b/cmd/workspace/apps/apps.go
@ -77,8 +77,7 @@ func newCreate() *cobra.Command {
 	// TODO: short flags
 	cmd.Flags().Var(&createJson, "json", `either inline JSON string or @path/to/file.json with request body`)
-	cmd.Flags().StringVar(&createReq.Description, "description", createReq.Description, `The description of the app.`)
+	// TODO: complex arg: app
 	// TODO: array: resources
 	cmd.Use = "create NAME"
 	cmd.Short = `Create an app.`
@ -93,13 +92,6 @@ func newCreate() *cobra.Command {
 	cmd.Annotations = make(map[string]string)
 	cmd.Args = func(cmd *cobra.Command, args []string) error {
 		if cmd.Flags().Changed("json") {
 			err := root.ExactArgs(0)(cmd, args)
 			if err != nil {
 				return fmt.Errorf("when --json flag is specified, no positional arguments are required. Provide 'name' in your JSON input")
 			}
 			return nil
 		}
 		check := root.ExactArgs(1)
 		return check(cmd, args)
 	}
@ -244,9 +236,7 @@ func newDeploy() *cobra.Command {
 	// TODO: short flags
 	cmd.Flags().Var(&deployJson, "json", `either inline JSON string or @path/to/file.json with request body`)
-	cmd.Flags().StringVar(&deployReq.DeploymentId, "deployment-id", deployReq.DeploymentId, `The unique id of the deployment.`)
+	// TODO: complex arg: app_deployment
 	cmd.Flags().Var(&deployReq.Mode, "mode", `The mode of which the deployment will manage the source code. Supported values: [AUTO_SYNC, SNAPSHOT]`)
 	cmd.Flags().StringVar(&deployReq.SourceCodePath, "source-code-path", deployReq.SourceCodePath, `The workspace file system path of the source code used to create the app deployment.`)
 	cmd.Use = "deploy APP_NAME"
 	cmd.Short = `Create an app deployment.`
@ -692,8 +682,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set app permissions.`
 	cmd.Long = `Set app permissions.
-  Sets permissions on an app. Apps can inherit permissions from their root
+  Sets permissions on an object, replacing existing permissions if they exist.
-  object.
+  Deletes all direct permissions if none are specified. Objects can inherit
  permissions from their root object.
  Arguments:
    APP_NAME: The app for which to get or manage permissions.`
@ -925,23 +916,24 @@ func newUpdate() *cobra.Command {
 	// TODO: short flags
 	cmd.Flags().Var(&updateJson, "json", `either inline JSON string or @path/to/file.json with request body`)
-	cmd.Flags().StringVar(&updateReq.Description, "description", updateReq.Description, `The description of the app.`)
+	// TODO: complex arg: app
 	// TODO: array: resources
-	cmd.Use = "update NAME"
+	cmd.Use = "update NAME NAME"
 	cmd.Short = `Update an app.`
 	cmd.Long = `Update an app.
  Updates the app with the supplied name.
  Arguments:
    NAME: The name of the app. The name must contain only lowercase alphanumeric
      characters and hyphens. It must be unique within the workspace.
    NAME: The name of the app. The name must contain only lowercase alphanumeric
      characters and hyphens. It must be unique within the workspace.`
 	cmd.Annotations = make(map[string]string)
 	cmd.Args = func(cmd *cobra.Command, args []string) error {
-		check := root.ExactArgs(1)
+		check := root.ExactArgs(2)
 		return check(cmd, args)
 	}
@ -963,6 +955,9 @@ func newUpdate() *cobra.Command {
 			}
 		}
 		updateReq.Name = args[0]
 		if !cmd.Flags().Changed("json") {
 			updateReq.Name = args[1]
 		}
 		response, err := w.Apps.Update(ctx, updateReq)
 		if err != nil {
--- a/cmd/workspace/cluster-policies/cluster-policies.go
+++ b/cmd/workspace/cluster-policies/cluster-policies.go
@ -634,8 +634,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set cluster policy permissions.`
 	cmd.Long = `Set cluster policy permissions.
-  Sets permissions on a cluster policy. Cluster policies can inherit permissions
+  Sets permissions on an object, replacing existing permissions if they exist.
-  from their root object.
+  Deletes all direct permissions if none are specified. Objects can inherit
  permissions from their root object.
  Arguments:
    CLUSTER_POLICY_ID: The cluster policy for which to get or manage permissions.`
--- a/cmd/workspace/clusters/clusters.go
+++ b/cmd/workspace/clusters/clusters.go
@ -512,7 +512,7 @@ func newEdit() *cobra.Command {
  Clusters created by the Databricks Jobs service cannot be edited.
  Arguments:
-    CLUSTER_ID: ID of the cluser
+    CLUSTER_ID: ID of the cluster
    SPARK_VERSION: The Spark version of the cluster, e.g. 3.3.x-scala2.11. A list of
      available Spark versions can be retrieved by using the
      :method:clusters/sparkVersions API call.`
@ -1504,8 +1504,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set cluster permissions.`
 	cmd.Long = `Set cluster permissions.
-  Sets permissions on a cluster. Clusters can inherit permissions from their
+  Sets permissions on an object, replacing existing permissions if they exist.
-  root object.
+  Deletes all direct permissions if none are specified. Objects can inherit
  permissions from their root object.
  Arguments:
    CLUSTER_ID: The cluster for which to get or manage permissions.`
--- a/cmd/workspace/cmd.go
+++ b/cmd/workspace/cmd.go
@ -8,7 +8,6 @@ import (
 	apps "github.com/databricks/cli/cmd/workspace/apps"
 	artifact_allowlists "github.com/databricks/cli/cmd/workspace/artifact-allowlists"
 	catalogs "github.com/databricks/cli/cmd/workspace/catalogs"
 	clean_rooms "github.com/databricks/cli/cmd/workspace/clean-rooms"
 	cluster_policies "github.com/databricks/cli/cmd/workspace/cluster-policies"
 	clusters "github.com/databricks/cli/cmd/workspace/clusters"
 	connections "github.com/databricks/cli/cmd/workspace/connections"
@ -17,6 +16,7 @@ import (
 	consumer_listings "github.com/databricks/cli/cmd/workspace/consumer-listings"
 	consumer_personalization_requests "github.com/databricks/cli/cmd/workspace/consumer-personalization-requests"
 	consumer_providers "github.com/databricks/cli/cmd/workspace/consumer-providers"
 	credentials "github.com/databricks/cli/cmd/workspace/credentials"
 	credentials_manager "github.com/databricks/cli/cmd/workspace/credentials-manager"
 	current_user "github.com/databricks/cli/cmd/workspace/current-user"
 	dashboard_widgets "github.com/databricks/cli/cmd/workspace/dashboard-widgets"
@ -98,7 +98,6 @@ func All() []*cobra.Command {
 	out = append(out, apps.New())
 	out = append(out, artifact_allowlists.New())
 	out = append(out, catalogs.New())
 	out = append(out, clean_rooms.New())
 	out = append(out, cluster_policies.New())
 	out = append(out, clusters.New())
 	out = append(out, connections.New())
@ -107,6 +106,7 @@ func All() []*cobra.Command {
 	out = append(out, consumer_listings.New())
 	out = append(out, consumer_personalization_requests.New())
 	out = append(out, consumer_providers.New())
 	out = append(out, credentials.New())
 	out = append(out, credentials_manager.New())
 	out = append(out, current_user.New())
 	out = append(out, dashboard_widgets.New())
--- a/cmd/workspace/credentials/credentials.go
+++ b/cmd/workspace/credentials/credentials.go
@ -0,0 +1,592 @@
 // Code generated from OpenAPI specs by Databricks SDK Generator. DO NOT EDIT.
 package credentials
 import (
 	"fmt"
 	"github.com/databricks/cli/cmd/root"
 	"github.com/databricks/cli/libs/cmdio"
 	"github.com/databricks/cli/libs/flags"
 	"github.com/databricks/databricks-sdk-go/service/catalog"
 	"github.com/spf13/cobra"
 )
 // Slice with functions to override default command behavior.
 // Functions can be added from the `init()` function in manually curated files in this directory.
 var cmdOverrides []func(*cobra.Command)
 func New() *cobra.Command {
 	cmd := &cobra.Command{
 		Use:   "credentials",
 		Short: `A credential represents an authentication and authorization mechanism for accessing services on your cloud tenant.`,
 		Long: `A credential represents an authentication and authorization mechanism for
  accessing services on your cloud tenant. Each credential is subject to Unity
  Catalog access-control policies that control which users and groups can access
  the credential.
  To create credentials, you must be a Databricks account admin or have the
  CREATE SERVICE CREDENTIAL privilege. The user who creates the credential can
  delegate ownership to another user or group to manage permissions on it`,
 		GroupID: "catalog",
 		Annotations: map[string]string{
 			"package": "catalog",
 		},
 	}
 	// Add methods
 	cmd.AddCommand(newCreateCredential())
 	cmd.AddCommand(newDeleteCredential())
 	cmd.AddCommand(newGenerateTemporaryServiceCredential())
 	cmd.AddCommand(newGetCredential())
 	cmd.AddCommand(newListCredentials())
 	cmd.AddCommand(newUpdateCredential())
 	cmd.AddCommand(newValidateCredential())
 	// Apply optional overrides to this command.
 	for _, fn := range cmdOverrides {
 		fn(cmd)
 	}
 	return cmd
 }
 // start create-credential command
 // Slice with functions to override default command behavior.
 // Functions can be added from the `init()` function in manually curated files in this directory.
 var createCredentialOverrides []func(
 	*cobra.Command,
 	*catalog.CreateCredentialRequest,
 )
 func newCreateCredential() *cobra.Command {
 	cmd := &cobra.Command{}
 	var createCredentialReq catalog.CreateCredentialRequest
 	var createCredentialJson flags.JsonFlag
 	// TODO: short flags
 	cmd.Flags().Var(&createCredentialJson, "json", `either inline JSON string or @path/to/file.json with request body`)
 	// TODO: complex arg: aws_iam_role
 	// TODO: complex arg: azure_managed_identity
 	// TODO: complex arg: azure_service_principal
 	cmd.Flags().StringVar(&createCredentialReq.Comment, "comment", createCredentialReq.Comment, `Comment associated with the credential.`)
 	// TODO: complex arg: gcp_service_account_key
 	cmd.Flags().Var(&createCredentialReq.Purpose, "purpose", `Indicates the purpose of the credential. Supported values: [SERVICE, STORAGE]`)
 	cmd.Flags().BoolVar(&createCredentialReq.ReadOnly, "read-only", createCredentialReq.ReadOnly, `Whether the credential is usable only for read operations.`)
 	cmd.Flags().BoolVar(&createCredentialReq.SkipValidation, "skip-validation", createCredentialReq.SkipValidation, `Optional.`)
 	cmd.Use = "create-credential NAME"
 	cmd.Short = `Create a credential.`
 	cmd.Long = `Create a credential.
  Creates a new credential. The type of credential to be created is determined
  by the **purpose** field, which should be either **SERVICE** or **STORAGE**.
  The caller must be a metastore admin or have the metastore privilege
  **CREATE_STORAGE_CREDENTIAL** for storage credentials, or
  **CREATE_SERVICE_CREDENTIAL** for service credentials.
  Arguments:
    NAME: The credential name. The name must be unique among storage and service
      credentials within the metastore.`
 	cmd.Annotations = make(map[string]string)
 	cmd.Args = func(cmd *cobra.Command, args []string) error {
 		if cmd.Flags().Changed("json") {
 			err := root.ExactArgs(0)(cmd, args)
 			if err != nil {
 				return fmt.Errorf("when --json flag is specified, no positional arguments are required. Provide 'name' in your JSON input")
 			}
 			return nil
 		}
 		check := root.ExactArgs(1)
 		return check(cmd, args)
 	}
 	cmd.PreRunE = root.MustWorkspaceClient
 	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
 		ctx := cmd.Context()
 		w := root.WorkspaceClient(ctx)
 		if cmd.Flags().Changed("json") {
 			diags := createCredentialJson.Unmarshal(&createCredentialReq)
 			if diags.HasError() {
 				return diags.Error()
 			}
 			if len(diags) > 0 {
 				err := cmdio.RenderDiagnosticsToErrorOut(ctx, diags)
 				if err != nil {
 					return err
 				}
 			}
 		}
 		if !cmd.Flags().Changed("json") {
 			createCredentialReq.Name = args[0]
 		}
 		response, err := w.Credentials.CreateCredential(ctx, createCredentialReq)
 		if err != nil {
 			return err
 		}
 		return cmdio.Render(ctx, response)
 	}
 	// Disable completions since they are not applicable.
 	// Can be overridden by manual implementation in `override.go`.
 	cmd.ValidArgsFunction = cobra.NoFileCompletions
 	// Apply optional overrides to this command.
 	for _, fn := range createCredentialOverrides {
 		fn(cmd, &createCredentialReq)
 	}
 	return cmd
 }
 // start delete-credential command
 // Slice with functions to override default command behavior.
 // Functions can be added from the `init()` function in manually curated files in this directory.
 var deleteCredentialOverrides []func(
 	*cobra.Command,
 	*catalog.DeleteCredentialRequest,
 )
 func newDeleteCredential() *cobra.Command {
 	cmd := &cobra.Command{}
 	var deleteCredentialReq catalog.DeleteCredentialRequest
 	// TODO: short flags
 	cmd.Flags().BoolVar(&deleteCredentialReq.Force, "force", deleteCredentialReq.Force, `Force an update even if there are dependent services (when purpose is **SERVICE**) or dependent external locations and external tables (when purpose is **STORAGE**).`)
 	cmd.Use = "delete-credential NAME_ARG"
 	cmd.Short = `Delete a credential.`
 	cmd.Long = `Delete a credential.
  Deletes a service or storage credential from the metastore. The caller must be
  an owner of the credential.
  Arguments:
    NAME_ARG: Name of the credential.`
 	cmd.Annotations = make(map[string]string)
 	cmd.Args = func(cmd *cobra.Command, args []string) error {
 		check := root.ExactArgs(1)
 		return check(cmd, args)
 	}
 	cmd.PreRunE = root.MustWorkspaceClient
 	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
 		ctx := cmd.Context()
 		w := root.WorkspaceClient(ctx)
 		deleteCredentialReq.NameArg = args[0]
 		err = w.Credentials.DeleteCredential(ctx, deleteCredentialReq)
 		if err != nil {
 			return err
 		}
 		return nil
 	}
 	// Disable completions since they are not applicable.
 	// Can be overridden by manual implementation in `override.go`.
 	cmd.ValidArgsFunction = cobra.NoFileCompletions
 	// Apply optional overrides to this command.
 	for _, fn := range deleteCredentialOverrides {
 		fn(cmd, &deleteCredentialReq)
 	}
 	return cmd
 }
 // start generate-temporary-service-credential command
 // Slice with functions to override default command behavior.
 // Functions can be added from the `init()` function in manually curated files in this directory.
 var generateTemporaryServiceCredentialOverrides []func(
 	*cobra.Command,
 	*catalog.GenerateTemporaryServiceCredentialRequest,
 )
 func newGenerateTemporaryServiceCredential() *cobra.Command {
 	cmd := &cobra.Command{}
 	var generateTemporaryServiceCredentialReq catalog.GenerateTemporaryServiceCredentialRequest
 	var generateTemporaryServiceCredentialJson flags.JsonFlag
 	// TODO: short flags
 	cmd.Flags().Var(&generateTemporaryServiceCredentialJson, "json", `either inline JSON string or @path/to/file.json with request body`)
 	// TODO: complex arg: azure_options
 	cmd.Use = "generate-temporary-service-credential CREDENTIAL_NAME"
 	cmd.Short = `Generate a temporary service credential.`
 	cmd.Long = `Generate a temporary service credential.
  Returns a set of temporary credentials generated using the specified service
  credential. The caller must be a metastore admin or have the metastore
  privilege **ACCESS** on the service credential.
  Arguments:
    CREDENTIAL_NAME: The name of the service credential used to generate a temporary credential`
 	cmd.Annotations = make(map[string]string)
 	cmd.Args = func(cmd *cobra.Command, args []string) error {
 		if cmd.Flags().Changed("json") {
 			err := root.ExactArgs(0)(cmd, args)
 			if err != nil {
 				return fmt.Errorf("when --json flag is specified, no positional arguments are required. Provide 'credential_name' in your JSON input")
 			}
 			return nil
 		}
 		check := root.ExactArgs(1)
 		return check(cmd, args)
 	}
 	cmd.PreRunE = root.MustWorkspaceClient
 	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
 		ctx := cmd.Context()
 		w := root.WorkspaceClient(ctx)
 		if cmd.Flags().Changed("json") {
 			diags := generateTemporaryServiceCredentialJson.Unmarshal(&generateTemporaryServiceCredentialReq)
 			if diags.HasError() {
 				return diags.Error()
 			}
 			if len(diags) > 0 {
 				err := cmdio.RenderDiagnosticsToErrorOut(ctx, diags)
 				if err != nil {
 					return err
 				}
 			}
 		}
 		if !cmd.Flags().Changed("json") {
 			generateTemporaryServiceCredentialReq.CredentialName = args[0]
 		}
 		response, err := w.Credentials.GenerateTemporaryServiceCredential(ctx, generateTemporaryServiceCredentialReq)
 		if err != nil {
 			return err
 		}
 		return cmdio.Render(ctx, response)
 	}
 	// Disable completions since they are not applicable.
 	// Can be overridden by manual implementation in `override.go`.
 	cmd.ValidArgsFunction = cobra.NoFileCompletions
 	// Apply optional overrides to this command.
 	for _, fn := range generateTemporaryServiceCredentialOverrides {
 		fn(cmd, &generateTemporaryServiceCredentialReq)
 	}
 	return cmd
 }
 // start get-credential command
 // Slice with functions to override default command behavior.
 // Functions can be added from the `init()` function in manually curated files in this directory.
 var getCredentialOverrides []func(
 	*cobra.Command,
 	*catalog.GetCredentialRequest,
 )
 func newGetCredential() *cobra.Command {
 	cmd := &cobra.Command{}
 	var getCredentialReq catalog.GetCredentialRequest
 	// TODO: short flags
 	cmd.Use = "get-credential NAME_ARG"
 	cmd.Short = `Get a credential.`
 	cmd.Long = `Get a credential.
  Gets a service or storage credential from the metastore. The caller must be a
  metastore admin, the owner of the credential, or have any permission on the
  credential.
  Arguments:
    NAME_ARG: Name of the credential.`
 	cmd.Annotations = make(map[string]string)
 	cmd.Args = func(cmd *cobra.Command, args []string) error {
 		check := root.ExactArgs(1)
 		return check(cmd, args)
 	}
 	cmd.PreRunE = root.MustWorkspaceClient
 	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
 		ctx := cmd.Context()
 		w := root.WorkspaceClient(ctx)
 		getCredentialReq.NameArg = args[0]
 		response, err := w.Credentials.GetCredential(ctx, getCredentialReq)
 		if err != nil {
 			return err
 		}
 		return cmdio.Render(ctx, response)
 	}
 	// Disable completions since they are not applicable.
 	// Can be overridden by manual implementation in `override.go`.
 	cmd.ValidArgsFunction = cobra.NoFileCompletions
 	// Apply optional overrides to this command.
 	for _, fn := range getCredentialOverrides {
 		fn(cmd, &getCredentialReq)
 	}
 	return cmd
 }
 // start list-credentials command
 // Slice with functions to override default command behavior.
 // Functions can be added from the `init()` function in manually curated files in this directory.
 var listCredentialsOverrides []func(
 	*cobra.Command,
 	*catalog.ListCredentialsRequest,
 )
 func newListCredentials() *cobra.Command {
 	cmd := &cobra.Command{}
 	var listCredentialsReq catalog.ListCredentialsRequest
 	// TODO: short flags
 	cmd.Flags().IntVar(&listCredentialsReq.MaxResults, "max-results", listCredentialsReq.MaxResults, `Maximum number of credentials to return.`)
 	cmd.Flags().StringVar(&listCredentialsReq.PageToken, "page-token", listCredentialsReq.PageToken, `Opaque token to retrieve the next page of results.`)
 	cmd.Flags().Var(&listCredentialsReq.Purpose, "purpose", `Return only credentials for the specified purpose. Supported values: [SERVICE, STORAGE]`)
 	cmd.Use = "list-credentials"
 	cmd.Short = `List credentials.`
 	cmd.Long = `List credentials.
  Gets an array of credentials (as __CredentialInfo__ objects).
  The array is limited to only the credentials that the caller has permission to
  access. If the caller is a metastore admin, retrieval of credentials is
  unrestricted. There is no guarantee of a specific ordering of the elements in
  the array.`
 	cmd.Annotations = make(map[string]string)
 	cmd.Args = func(cmd *cobra.Command, args []string) error {
 		check := root.ExactArgs(0)
 		return check(cmd, args)
 	}
 	cmd.PreRunE = root.MustWorkspaceClient
 	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
 		ctx := cmd.Context()
 		w := root.WorkspaceClient(ctx)
 		response := w.Credentials.ListCredentials(ctx, listCredentialsReq)
 		return cmdio.RenderIterator(ctx, response)
 	}
 	// Disable completions since they are not applicable.
 	// Can be overridden by manual implementation in `override.go`.
 	cmd.ValidArgsFunction = cobra.NoFileCompletions
 	// Apply optional overrides to this command.
 	for _, fn := range listCredentialsOverrides {
 		fn(cmd, &listCredentialsReq)
 	}
 	return cmd
 }
 // start update-credential command
 // Slice with functions to override default command behavior.
 // Functions can be added from the `init()` function in manually curated files in this directory.
 var updateCredentialOverrides []func(
 	*cobra.Command,
 	*catalog.UpdateCredentialRequest,
 )
 func newUpdateCredential() *cobra.Command {
 	cmd := &cobra.Command{}
 	var updateCredentialReq catalog.UpdateCredentialRequest
 	var updateCredentialJson flags.JsonFlag
 	// TODO: short flags
 	cmd.Flags().Var(&updateCredentialJson, "json", `either inline JSON string or @path/to/file.json with request body`)
 	// TODO: complex arg: aws_iam_role
 	// TODO: complex arg: azure_managed_identity
 	// TODO: complex arg: azure_service_principal
 	cmd.Flags().StringVar(&updateCredentialReq.Comment, "comment", updateCredentialReq.Comment, `Comment associated with the credential.`)
 	cmd.Flags().BoolVar(&updateCredentialReq.Force, "force", updateCredentialReq.Force, `Force an update even if there are dependent services (when purpose is **SERVICE**) or dependent external locations and external tables (when purpose is **STORAGE**).`)
 	cmd.Flags().Var(&updateCredentialReq.IsolationMode, "isolation-mode", `Whether the current securable is accessible from all workspaces or a specific set of workspaces. Supported values: [ISOLATION_MODE_ISOLATED, ISOLATION_MODE_OPEN]`)
 	cmd.Flags().StringVar(&updateCredentialReq.NewName, "new-name", updateCredentialReq.NewName, `New name of credential.`)
 	cmd.Flags().StringVar(&updateCredentialReq.Owner, "owner", updateCredentialReq.Owner, `Username of current owner of credential.`)
 	cmd.Flags().BoolVar(&updateCredentialReq.ReadOnly, "read-only", updateCredentialReq.ReadOnly, `Whether the credential is usable only for read operations.`)
 	cmd.Flags().BoolVar(&updateCredentialReq.SkipValidation, "skip-validation", updateCredentialReq.SkipValidation, `Supply true to this argument to skip validation of the updated credential.`)
 	cmd.Use = "update-credential NAME_ARG"
 	cmd.Short = `Update a credential.`
 	cmd.Long = `Update a credential.
  Updates a service or storage credential on the metastore.
  The caller must be the owner of the credential or a metastore admin or have
  the MANAGE permission. If the caller is a metastore admin, only the
  __owner__ field can be changed.
  Arguments:
    NAME_ARG: Name of the credential.`
 	cmd.Annotations = make(map[string]string)
 	cmd.Args = func(cmd *cobra.Command, args []string) error {
 		check := root.ExactArgs(1)
 		return check(cmd, args)
 	}
 	cmd.PreRunE = root.MustWorkspaceClient
 	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
 		ctx := cmd.Context()
 		w := root.WorkspaceClient(ctx)
 		if cmd.Flags().Changed("json") {
 			diags := updateCredentialJson.Unmarshal(&updateCredentialReq)
 			if diags.HasError() {
 				return diags.Error()
 			}
 			if len(diags) > 0 {
 				err := cmdio.RenderDiagnosticsToErrorOut(ctx, diags)
 				if err != nil {
 					return err
 				}
 			}
 		}
 		updateCredentialReq.NameArg = args[0]
 		response, err := w.Credentials.UpdateCredential(ctx, updateCredentialReq)
 		if err != nil {
 			return err
 		}
 		return cmdio.Render(ctx, response)
 	}
 	// Disable completions since they are not applicable.
 	// Can be overridden by manual implementation in `override.go`.
 	cmd.ValidArgsFunction = cobra.NoFileCompletions
 	// Apply optional overrides to this command.
 	for _, fn := range updateCredentialOverrides {
 		fn(cmd, &updateCredentialReq)
 	}
 	return cmd
 }
 // start validate-credential command
 // Slice with functions to override default command behavior.
 // Functions can be added from the `init()` function in manually curated files in this directory.
 var validateCredentialOverrides []func(
 	*cobra.Command,
 	*catalog.ValidateCredentialRequest,
 )
 func newValidateCredential() *cobra.Command {
 	cmd := &cobra.Command{}
 	var validateCredentialReq catalog.ValidateCredentialRequest
 	var validateCredentialJson flags.JsonFlag
 	// TODO: short flags
 	cmd.Flags().Var(&validateCredentialJson, "json", `either inline JSON string or @path/to/file.json with request body`)
 	// TODO: complex arg: aws_iam_role
 	// TODO: complex arg: azure_managed_identity
 	cmd.Flags().StringVar(&validateCredentialReq.CredentialName, "credential-name", validateCredentialReq.CredentialName, `Required.`)
 	cmd.Flags().StringVar(&validateCredentialReq.ExternalLocationName, "external-location-name", validateCredentialReq.ExternalLocationName, `The name of an existing external location to validate.`)
 	cmd.Flags().Var(&validateCredentialReq.Purpose, "purpose", `The purpose of the credential. Supported values: [SERVICE, STORAGE]`)
 	cmd.Flags().BoolVar(&validateCredentialReq.ReadOnly, "read-only", validateCredentialReq.ReadOnly, `Whether the credential is only usable for read operations.`)
 	cmd.Flags().StringVar(&validateCredentialReq.Url, "url", validateCredentialReq.Url, `The external location url to validate.`)
 	cmd.Use = "validate-credential"
 	cmd.Short = `Validate a credential.`
 	cmd.Long = `Validate a credential.
  Validates a credential.
  For service credentials (purpose is **SERVICE**), either the
  __credential_name__ or the cloud-specific credential must be provided.
  For storage credentials (purpose is **STORAGE**), at least one of
  __external_location_name__ and __url__ need to be provided. If only one of
  them is provided, it will be used for validation. And if both are provided,
  the __url__ will be used for validation, and __external_location_name__ will
  be ignored when checking overlapping urls. Either the __credential_name__ or
  the cloud-specific credential must be provided.
  The caller must be a metastore admin or the credential owner or have the
  required permission on the metastore and the credential (e.g.,
  **CREATE_EXTERNAL_LOCATION** when purpose is **STORAGE**).`
 	cmd.Annotations = make(map[string]string)
 	cmd.Args = func(cmd *cobra.Command, args []string) error {
 		check := root.ExactArgs(0)
 		return check(cmd, args)
 	}
 	cmd.PreRunE = root.MustWorkspaceClient
 	cmd.RunE = func(cmd *cobra.Command, args []string) (err error) {
 		ctx := cmd.Context()
 		w := root.WorkspaceClient(ctx)
 		if cmd.Flags().Changed("json") {
 			diags := validateCredentialJson.Unmarshal(&validateCredentialReq)
 			if diags.HasError() {
 				return diags.Error()
 			}
 			if len(diags) > 0 {
 				err := cmdio.RenderDiagnosticsToErrorOut(ctx, diags)
 				if err != nil {
 					return err
 				}
 			}
 		}
 		response, err := w.Credentials.ValidateCredential(ctx, validateCredentialReq)
 		if err != nil {
 			return err
 		}
 		return cmdio.Render(ctx, response)
 	}
 	// Disable completions since they are not applicable.
 	// Can be overridden by manual implementation in `override.go`.
 	cmd.ValidArgsFunction = cobra.NoFileCompletions
 	// Apply optional overrides to this command.
 	for _, fn := range validateCredentialOverrides {
 		fn(cmd, &validateCredentialReq)
 	}
 	return cmd
 }
 // end service Credentials
--- a/cmd/workspace/experiments/experiments.go
+++ b/cmd/workspace/experiments/experiments.go
@ -2034,8 +2034,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set experiment permissions.`
 	cmd.Long = `Set experiment permissions.
-  Sets permissions on an experiment. Experiments can inherit permissions from
+  Sets permissions on an object, replacing existing permissions if they exist.
-  their root object.
+  Deletes all direct permissions if none are specified. Objects can inherit
  permissions from their root object.
  Arguments:
    EXPERIMENT_ID: The experiment for which to get or manage permissions.`
--- a/cmd/workspace/external-locations/external-locations.go
+++ b/cmd/workspace/external-locations/external-locations.go
@ -356,7 +356,7 @@ func newUpdate() *cobra.Command {
 	// TODO: complex arg: encryption_details
 	cmd.Flags().BoolVar(&updateReq.Fallback, "fallback", updateReq.Fallback, `Indicates whether fallback mode is enabled for this external location.`)
 	cmd.Flags().BoolVar(&updateReq.Force, "force", updateReq.Force, `Force update even if changing url invalidates dependent external tables or mounts.`)
-	cmd.Flags().Var(&updateReq.IsolationMode, "isolation-mode", `Whether the current securable is accessible from all workspaces or a specific set of workspaces. Supported values: [ISOLATION_MODE_ISOLATED, ISOLATION_MODE_OPEN]`)
+	cmd.Flags().Var(&updateReq.IsolationMode, "isolation-mode", `. Supported values: [ISOLATION_MODE_ISOLATED, ISOLATION_MODE_OPEN]`)
 	cmd.Flags().StringVar(&updateReq.NewName, "new-name", updateReq.NewName, `New name for the external location.`)
 	cmd.Flags().StringVar(&updateReq.Owner, "owner", updateReq.Owner, `The owner of the external location.`)
 	cmd.Flags().BoolVar(&updateReq.ReadOnly, "read-only", updateReq.ReadOnly, `Indicates whether the external location is read-only.`)
--- a/cmd/workspace/genie/genie.go
+++ b/cmd/workspace/genie/genie.go
@ -160,13 +160,13 @@ func newCreateMessage() *cobra.Command {
 // Functions can be added from the `init()` function in manually curated files in this directory.
 var executeMessageQueryOverrides []func(
 	*cobra.Command,
-	*dashboards.ExecuteMessageQueryRequest,
+	*dashboards.GenieExecuteMessageQueryRequest,
 )
 func newExecuteMessageQuery() *cobra.Command {
 	cmd := &cobra.Command{}
-	var executeMessageQueryReq dashboards.ExecuteMessageQueryRequest
+	var executeMessageQueryReq dashboards.GenieExecuteMessageQueryRequest
 	// TODO: short flags
--- a/cmd/workspace/instance-pools/instance-pools.go
+++ b/cmd/workspace/instance-pools/instance-pools.go
@ -635,8 +635,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set instance pool permissions.`
 	cmd.Long = `Set instance pool permissions.
-  Sets permissions on an instance pool. Instance pools can inherit permissions
+  Sets permissions on an object, replacing existing permissions if they exist.
-  from their root object.
+  Deletes all direct permissions if none are specified. Objects can inherit
  permissions from their root object.
  Arguments:
    INSTANCE_POOL_ID: The instance pool for which to get or manage permissions.`
--- a/cmd/workspace/jobs/jobs.go
+++ b/cmd/workspace/jobs/jobs.go
@ -847,7 +847,7 @@ func newGetRun() *cobra.Command {
 	cmd.Flags().BoolVar(&getRunReq.IncludeHistory, "include-history", getRunReq.IncludeHistory, `Whether to include the repair history in the response.`)
 	cmd.Flags().BoolVar(&getRunReq.IncludeResolvedValues, "include-resolved-values", getRunReq.IncludeResolvedValues, `Whether to include resolved parameter values in the response.`)
-	cmd.Flags().StringVar(&getRunReq.PageToken, "page-token", getRunReq.PageToken, `To list the next page or the previous page of job tasks, set this field to the value of the next_page_token or prev_page_token returned in the GetJob response.`)
+	cmd.Flags().StringVar(&getRunReq.PageToken, "page-token", getRunReq.PageToken, `To list the next page of job tasks, set this field to the value of the next_page_token returned in the GetJob response.`)
 	cmd.Use = "get-run RUN_ID"
 	cmd.Short = `Get a single job run.`
@ -1339,6 +1339,7 @@ func newRunNow() *cobra.Command {
 	// TODO: array: jar_params
 	// TODO: map via StringToStringVar: job_parameters
 	// TODO: map via StringToStringVar: notebook_params
 	// TODO: array: only
 	// TODO: complex arg: pipeline_params
 	// TODO: map via StringToStringVar: python_named_params
 	// TODO: array: python_params
@ -1470,8 +1471,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set job permissions.`
 	cmd.Long = `Set job permissions.
-  Sets permissions on a job. Jobs can inherit permissions from their root
+  Sets permissions on an object, replacing existing permissions if they exist.
-  object.
+  Deletes all direct permissions if none are specified. Objects can inherit
  permissions from their root object.
  Arguments:
    JOB_ID: The job for which to get or manage permissions.`
--- a/cmd/workspace/lakeview/lakeview.go
+++ b/cmd/workspace/lakeview/lakeview.go
@ -75,30 +75,18 @@ func newCreate() *cobra.Command {
 	// TODO: short flags
 	cmd.Flags().Var(&createJson, "json", `either inline JSON string or @path/to/file.json with request body`)
-	cmd.Flags().StringVar(&createReq.ParentPath, "parent-path", createReq.ParentPath, `The workspace path of the folder containing the dashboard.`)
+	// TODO: complex arg: dashboard
 	cmd.Flags().StringVar(&createReq.SerializedDashboard, "serialized-dashboard", createReq.SerializedDashboard, `The contents of the dashboard in serialized string form.`)
 	cmd.Flags().StringVar(&createReq.WarehouseId, "warehouse-id", createReq.WarehouseId, `The warehouse ID used to run the dashboard.`)
-	cmd.Use = "create DISPLAY_NAME"
+	cmd.Use = "create"
 	cmd.Short = `Create dashboard.`
 	cmd.Long = `Create dashboard.
-  Create a draft dashboard.
+  Create a draft dashboard.`
  Arguments:
    DISPLAY_NAME: The display name of the dashboard.`
 	cmd.Annotations = make(map[string]string)
 	cmd.Args = func(cmd *cobra.Command, args []string) error {
-		if cmd.Flags().Changed("json") {
+		check := root.ExactArgs(0)
 			err := root.ExactArgs(0)(cmd, args)
 			if err != nil {
 				return fmt.Errorf("when --json flag is specified, no positional arguments are required. Provide 'display_name' in your JSON input")
 			}
 			return nil
 		}
 		check := root.ExactArgs(1)
 		return check(cmd, args)
 	}
@ -119,9 +107,6 @@ func newCreate() *cobra.Command {
 				}
 			}
 		}
 		if !cmd.Flags().Changed("json") {
 			createReq.DisplayName = args[0]
 		}
 		response, err := w.Lakeview.Create(ctx, createReq)
 		if err != nil {
@ -160,8 +145,7 @@ func newCreateSchedule() *cobra.Command {
 	// TODO: short flags
 	cmd.Flags().Var(&createScheduleJson, "json", `either inline JSON string or @path/to/file.json with request body`)
-	cmd.Flags().StringVar(&createScheduleReq.DisplayName, "display-name", createScheduleReq.DisplayName, `The display name for schedule.`)
+	// TODO: complex arg: schedule
 	cmd.Flags().Var(&createScheduleReq.PauseStatus, "pause-status", `The status indicates whether this schedule is paused or not. Supported values: [PAUSED, UNPAUSED]`)
 	cmd.Use = "create-schedule DASHBOARD_ID"
 	cmd.Short = `Create dashboard schedule.`
@ -196,8 +180,6 @@ func newCreateSchedule() *cobra.Command {
 					return err
 				}
 			}
 		} else {
 			return fmt.Errorf("please provide command input in JSON format by specifying the --json flag")
 		}
 		createScheduleReq.DashboardId = args[0]
@ -238,6 +220,8 @@ func newCreateSubscription() *cobra.Command {
 	// TODO: short flags
 	cmd.Flags().Var(&createSubscriptionJson, "json", `either inline JSON string or @path/to/file.json with request body`)
 	// TODO: complex arg: subscription
 	cmd.Use = "create-subscription DASHBOARD_ID SCHEDULE_ID"
 	cmd.Short = `Create schedule subscription.`
 	cmd.Long = `Create schedule subscription.
@ -272,8 +256,6 @@ func newCreateSubscription() *cobra.Command {
 					return err
 				}
 			}
 		} else {
 			return fmt.Errorf("please provide command input in JSON format by specifying the --json flag")
 		}
 		createSubscriptionReq.DashboardId = args[0]
 		createSubscriptionReq.ScheduleId = args[1]
@ -506,7 +488,7 @@ func newGetPublished() *cobra.Command {
  Get the current published dashboard.
  Arguments:
-    DASHBOARD_ID: UUID identifying the dashboard to be published.`
+    DASHBOARD_ID: UUID identifying the published dashboard.`
 	cmd.Annotations = make(map[string]string)
@ -742,7 +724,7 @@ func newListSchedules() *cobra.Command {
 	cmd.Long = `List dashboard schedules.
  Arguments:
-    DASHBOARD_ID: UUID identifying the dashboard to which the schedule belongs.`
+    DASHBOARD_ID: UUID identifying the dashboard to which the schedules belongs.`
 	// This command is being previewed; hide from help output.
 	cmd.Hidden = true
@ -801,8 +783,8 @@ func newListSubscriptions() *cobra.Command {
 	cmd.Long = `List schedule subscriptions.
  Arguments:
-    DASHBOARD_ID: UUID identifying the dashboard to which the subscription belongs.
+    DASHBOARD_ID: UUID identifying the dashboard which the subscriptions belongs.
-    SCHEDULE_ID: UUID identifying the schedule to which the subscription belongs.`
+    SCHEDULE_ID: UUID identifying the schedule which the subscriptions belongs.`
 	// This command is being previewed; hide from help output.
 	cmd.Hidden = true
@ -1078,7 +1060,7 @@ func newUnpublish() *cobra.Command {
  Unpublish the dashboard.
  Arguments:
-    DASHBOARD_ID: UUID identifying the dashboard to be published.`
+    DASHBOARD_ID: UUID identifying the published dashboard.`
 	cmd.Annotations = make(map[string]string)
@ -1131,10 +1113,7 @@ func newUpdate() *cobra.Command {
 	// TODO: short flags
 	cmd.Flags().Var(&updateJson, "json", `either inline JSON string or @path/to/file.json with request body`)
-	cmd.Flags().StringVar(&updateReq.DisplayName, "display-name", updateReq.DisplayName, `The display name of the dashboard.`)
+	// TODO: complex arg: dashboard
 	cmd.Flags().StringVar(&updateReq.Etag, "etag", updateReq.Etag, `The etag for the dashboard.`)
 	cmd.Flags().StringVar(&updateReq.SerializedDashboard, "serialized-dashboard", updateReq.SerializedDashboard, `The contents of the dashboard in serialized string form.`)
 	cmd.Flags().StringVar(&updateReq.WarehouseId, "warehouse-id", updateReq.WarehouseId, `The warehouse ID used to run the dashboard.`)
 	cmd.Use = "update DASHBOARD_ID"
 	cmd.Short = `Update dashboard.`
@ -1208,9 +1187,7 @@ func newUpdateSchedule() *cobra.Command {
 	// TODO: short flags
 	cmd.Flags().Var(&updateScheduleJson, "json", `either inline JSON string or @path/to/file.json with request body`)
-	cmd.Flags().StringVar(&updateScheduleReq.DisplayName, "display-name", updateScheduleReq.DisplayName, `The display name for schedule.`)
+	// TODO: complex arg: schedule
 	cmd.Flags().StringVar(&updateScheduleReq.Etag, "etag", updateScheduleReq.Etag, `The etag for the schedule.`)
 	cmd.Flags().Var(&updateScheduleReq.PauseStatus, "pause-status", `The status indicates whether this schedule is paused or not. Supported values: [PAUSED, UNPAUSED]`)
 	cmd.Use = "update-schedule DASHBOARD_ID SCHEDULE_ID"
 	cmd.Short = `Update dashboard schedule.`
@ -1246,8 +1223,6 @@ func newUpdateSchedule() *cobra.Command {
 					return err
 				}
 			}
 		} else {
 			return fmt.Errorf("please provide command input in JSON format by specifying the --json flag")
 		}
 		updateScheduleReq.DashboardId = args[0]
 		updateScheduleReq.ScheduleId = args[1]
--- a/cmd/workspace/model-registry/model-registry.go
+++ b/cmd/workspace/model-registry/model-registry.go
@ -2123,7 +2123,8 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set registered model permissions.`
 	cmd.Long = `Set registered model permissions.
-  Sets permissions on a registered model. Registered models can inherit
+  Sets permissions on an object, replacing existing permissions if they exist.
  Deletes all direct permissions if none are specified. Objects can inherit
  permissions from their root object.
  Arguments:
--- a/cmd/workspace/notification-destinations/notification-destinations.go
+++ b/cmd/workspace/notification-destinations/notification-destinations.go
@ -304,7 +304,10 @@ func newUpdate() *cobra.Command {
 	cmd.Long = `Update a notification destination.
  Updates a notification destination. Requires workspace admin permissions. At
-  least one field is required in the request body.`
+  least one field is required in the request body.
  Arguments:
    ID: UUID identifying notification destination.`
 	cmd.Annotations = make(map[string]string)
--- a/cmd/workspace/online-tables/online-tables.go
+++ b/cmd/workspace/online-tables/online-tables.go
@ -3,6 +3,9 @@
 package online_tables
 import (
 	"fmt"
 	"time"
 	"github.com/databricks/cli/cmd/root"
 	"github.com/databricks/cli/libs/cmdio"
 	"github.com/databricks/cli/libs/flags"
@ -54,11 +57,15 @@ func newCreate() *cobra.Command {
 	var createReq catalog.CreateOnlineTableRequest
 	var createJson flags.JsonFlag
 	var createSkipWait bool
 	var createTimeout time.Duration
 	cmd.Flags().BoolVar(&createSkipWait, "no-wait", createSkipWait, `do not wait to reach ACTIVE state`)
 	cmd.Flags().DurationVar(&createTimeout, "timeout", 20*time.Minute, `maximum amount of time to reach ACTIVE state`)
 	// TODO: short flags
 	cmd.Flags().Var(&createJson, "json", `either inline JSON string or @path/to/file.json with request body`)
-	cmd.Flags().StringVar(&createReq.Name, "name", createReq.Name, `Full three-part (catalog, schema, table) name of the table.`)
+	// TODO: complex arg: table
 	// TODO: complex arg: spec
 	cmd.Use = "create"
 	cmd.Short = `Create an Online Table.`
@ -91,11 +98,24 @@ func newCreate() *cobra.Command {
 			}
 		}
-		response, err := w.OnlineTables.Create(ctx, createReq)
+		wait, err := w.OnlineTables.Create(ctx, createReq)
 		if err != nil {
 			return err
 		}
-		return cmdio.Render(ctx, response)
+		if createSkipWait {
 			return cmdio.Render(ctx, wait.Response)
 		}
 		spinner := cmdio.Spinner(ctx)
 		info, err := wait.OnProgress(func(i *catalog.OnlineTable) {
 			status := i.UnityCatalogProvisioningState
 			statusMessage := fmt.Sprintf("current status: %s", status)
 			spinner <- statusMessage
 		}).GetWithTimeout(createTimeout)
 		close(spinner)
 		if err != nil {
 			return err
 		}
 		return cmdio.Render(ctx, info)
 	}
 	// Disable completions since they are not applicable.
--- a/cmd/workspace/permissions/permissions.go
+++ b/cmd/workspace/permissions/permissions.go
@ -241,8 +241,9 @@ func newSet() *cobra.Command {
 	cmd.Short = `Set object permissions.`
 	cmd.Long = `Set object permissions.
-  Sets permissions on an object. Objects can inherit permissions from their
+  Sets permissions on an object, replacing existing permissions if they exist.
-  parent objects or root object.
+  Deletes all direct permissions if none are specified. Objects can inherit
  permissions from their parent objects or root object.
  Arguments:
    REQUEST_OBJECT_TYPE: The type of the request object. Can be one of the following: alerts,
--- a/cmd/workspace/pipelines/pipelines.go
+++ b/cmd/workspace/pipelines/pipelines.go
@ -691,8 +691,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set pipeline permissions.`
 	cmd.Long = `Set pipeline permissions.
-  Sets permissions on a pipeline. Pipelines can inherit permissions from their
+  Sets permissions on an object, replacing existing permissions if they exist.
-  root object.
+  Deletes all direct permissions if none are specified. Objects can inherit
  permissions from their root object.
  Arguments:
    PIPELINE_ID: The pipeline for which to get or manage permissions.`
@ -972,6 +973,7 @@ func newUpdate() *cobra.Command {
 	// TODO: array: notifications
 	cmd.Flags().BoolVar(&updateReq.Photon, "photon", updateReq.Photon, `Whether Photon is enabled for this pipeline.`)
 	cmd.Flags().StringVar(&updateReq.PipelineId, "pipeline-id", updateReq.PipelineId, `Unique identifier for this pipeline.`)
 	// TODO: complex arg: restart_window
 	cmd.Flags().StringVar(&updateReq.Schema, "schema", updateReq.Schema, `The default schema (database) where tables are read from or published to.`)
 	cmd.Flags().BoolVar(&updateReq.Serverless, "serverless", updateReq.Serverless, `Whether serverless compute is enabled for this pipeline.`)
 	cmd.Flags().StringVar(&updateReq.Storage, "storage", updateReq.Storage, `DBFS root directory for storing checkpoints and tables.`)
--- a/cmd/workspace/repos/repos.go
+++ b/cmd/workspace/repos/repos.go
@ -171,7 +171,7 @@ func newDelete() *cobra.Command {
  Deletes the specified repo.
  Arguments:
-    REPO_ID: ID of the Git folder (repo) object in the workspace.`
+    REPO_ID: The ID for the corresponding repo to delete.`
 	cmd.Annotations = make(map[string]string)
@ -188,14 +188,14 @@ func newDelete() *cobra.Command {
 			if err != nil {
 				return fmt.Errorf("failed to load names for Repos drop-down. Please manually specify required arguments. Original error: %w", err)
 			}
-			id, err := cmdio.Select(ctx, names, "ID of the Git folder (repo) object in the workspace")
+			id, err := cmdio.Select(ctx, names, "The ID for the corresponding repo to delete")
 			if err != nil {
 				return err
 			}
 			args = append(args, id)
 		}
 		if len(args) != 1 {
-			return fmt.Errorf("expected to have id of the git folder (repo) object in the workspace")
+			return fmt.Errorf("expected to have the id for the corresponding repo to delete")
 		}
 		_, err = fmt.Sscan(args[0], &deleteReq.RepoId)
 		if err != nil {
@ -513,8 +513,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set repo permissions.`
 	cmd.Long = `Set repo permissions.
-  Sets permissions on a repo. Repos can inherit permissions from their root
+  Sets permissions on an object, replacing existing permissions if they exist.
-  object.
+  Deletes all direct permissions if none are specified. Objects can inherit
  permissions from their root object.
  Arguments:
    REPO_ID: The repo for which to get or manage permissions.`
--- a/cmd/workspace/serving-endpoints/serving-endpoints.go
+++ b/cmd/workspace/serving-endpoints/serving-endpoints.go
@ -1008,7 +1008,8 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set serving endpoint permissions.`
 	cmd.Long = `Set serving endpoint permissions.
-  Sets permissions on a serving endpoint. Serving endpoints can inherit
+  Sets permissions on an object, replacing existing permissions if they exist.
  Deletes all direct permissions if none are specified. Objects can inherit
  permissions from their root object.
  Arguments:
--- a/cmd/workspace/settings/settings.go
+++ b/cmd/workspace/settings/settings.go
@ -5,6 +5,8 @@ package settings
 import (
 	"github.com/spf13/cobra"
 	aibi_dashboard_embedding_access_policy "github.com/databricks/cli/cmd/workspace/aibi-dashboard-embedding-access-policy"
 	aibi_dashboard_embedding_approved_domains "github.com/databricks/cli/cmd/workspace/aibi-dashboard-embedding-approved-domains"
 	automatic_cluster_update "github.com/databricks/cli/cmd/workspace/automatic-cluster-update"
 	compliance_security_profile "github.com/databricks/cli/cmd/workspace/compliance-security-profile"
 	default_namespace "github.com/databricks/cli/cmd/workspace/default-namespace"
@ -30,6 +32,8 @@ func New() *cobra.Command {
 	}
 	// Add subservices
 	cmd.AddCommand(aibi_dashboard_embedding_access_policy.New())
 	cmd.AddCommand(aibi_dashboard_embedding_approved_domains.New())
 	cmd.AddCommand(automatic_cluster_update.New())
 	cmd.AddCommand(compliance_security_profile.New())
 	cmd.AddCommand(default_namespace.New())
--- a/cmd/workspace/storage-credentials/storage-credentials.go
+++ b/cmd/workspace/storage-credentials/storage-credentials.go
@ -360,7 +360,7 @@ func newUpdate() *cobra.Command {
 	cmd.Flags().StringVar(&updateReq.Comment, "comment", updateReq.Comment, `Comment associated with the credential.`)
 	// TODO: complex arg: databricks_gcp_service_account
 	cmd.Flags().BoolVar(&updateReq.Force, "force", updateReq.Force, `Force update even if there are dependent external locations or external tables.`)
-	cmd.Flags().Var(&updateReq.IsolationMode, "isolation-mode", `Whether the current securable is accessible from all workspaces or a specific set of workspaces. Supported values: [ISOLATION_MODE_ISOLATED, ISOLATION_MODE_OPEN]`)
+	cmd.Flags().Var(&updateReq.IsolationMode, "isolation-mode", `. Supported values: [ISOLATION_MODE_ISOLATED, ISOLATION_MODE_OPEN]`)
 	cmd.Flags().StringVar(&updateReq.NewName, "new-name", updateReq.NewName, `New name for the storage credential.`)
 	cmd.Flags().StringVar(&updateReq.Owner, "owner", updateReq.Owner, `Username of current owner of credential.`)
 	cmd.Flags().BoolVar(&updateReq.ReadOnly, "read-only", updateReq.ReadOnly, `Whether the storage credential is only usable for read operations.`)
--- a/cmd/workspace/tables/tables.go
+++ b/cmd/workspace/tables/tables.go
@ -304,6 +304,7 @@ func newList() *cobra.Command {
 	cmd.Flags().IntVar(&listReq.MaxResults, "max-results", listReq.MaxResults, `Maximum number of tables to return.`)
 	cmd.Flags().BoolVar(&listReq.OmitColumns, "omit-columns", listReq.OmitColumns, `Whether to omit the columns of the table from the response or not.`)
 	cmd.Flags().BoolVar(&listReq.OmitProperties, "omit-properties", listReq.OmitProperties, `Whether to omit the properties of the table from the response or not.`)
 	cmd.Flags().BoolVar(&listReq.OmitUsername, "omit-username", listReq.OmitUsername, `Whether to omit the username of the table (e.g.`)
 	cmd.Flags().StringVar(&listReq.PageToken, "page-token", listReq.PageToken, `Opaque token to send for the next page of results (pagination).`)
 	cmd.Use = "list CATALOG_NAME SCHEMA_NAME"
--- a/cmd/workspace/token-management/token-management.go
+++ b/cmd/workspace/token-management/token-management.go
@ -169,7 +169,7 @@ func newDelete() *cobra.Command {
  Deletes a token, specified by its ID.
  Arguments:
-    TOKEN_ID: The ID of the token to get.`
+    TOKEN_ID: The ID of the token to revoke.`
 	cmd.Annotations = make(map[string]string)
@ -186,14 +186,14 @@ func newDelete() *cobra.Command {
 			if err != nil {
 				return fmt.Errorf("failed to load names for Token Management drop-down. Please manually specify required arguments. Original error: %w", err)
 			}
-			id, err := cmdio.Select(ctx, names, "The ID of the token to get")
+			id, err := cmdio.Select(ctx, names, "The ID of the token to revoke")
 			if err != nil {
 				return err
 			}
 			args = append(args, id)
 		}
 		if len(args) != 1 {
-			return fmt.Errorf("expected to have the id of the token to get")
+			return fmt.Errorf("expected to have the id of the token to revoke")
 		}
 		deleteReq.TokenId = args[0]
@ -448,8 +448,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set token permissions.`
 	cmd.Long = `Set token permissions.
-  Sets permissions on all tokens. Tokens can inherit permissions from their root
+  Sets permissions on an object, replacing existing permissions if they exist.
-  object.`
+  Deletes all direct permissions if none are specified. Objects can inherit
  permissions from their root object.`
 	cmd.Annotations = make(map[string]string)
--- a/cmd/workspace/users/users.go
+++ b/cmd/workspace/users/users.go
@ -542,8 +542,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set password permissions.`
 	cmd.Long = `Set password permissions.
-  Sets permissions on all passwords. Passwords can inherit permissions from
+  Sets permissions on an object, replacing existing permissions if they exist.
-  their root object.`
+  Deletes all direct permissions if none are specified. Objects can inherit
  permissions from their root object.`
 	cmd.Annotations = make(map[string]string)
--- a/cmd/workspace/warehouses/warehouses.go
+++ b/cmd/workspace/warehouses/warehouses.go
@ -686,8 +686,9 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set SQL warehouse permissions.`
 	cmd.Long = `Set SQL warehouse permissions.
-  Sets permissions on a SQL warehouse. SQL warehouses can inherit permissions
+  Sets permissions on an object, replacing existing permissions if they exist.
-  from their root object.
+  Deletes all direct permissions if none are specified. Objects can inherit
  permissions from their root object.
  Arguments:
    WAREHOUSE_ID: The SQL warehouse for which to get or manage permissions.`
--- a/cmd/workspace/workspace/workspace.go
+++ b/cmd/workspace/workspace/workspace.go
@ -447,6 +447,7 @@ func newImport() *cobra.Command {
  DBC,
  HTML,
  JUPYTER,
  RAW,
  R_MARKDOWN,
  SOURCE,
 ]`)
@ -708,7 +709,8 @@ func newSetPermissions() *cobra.Command {
 	cmd.Short = `Set workspace object permissions.`
 	cmd.Long = `Set workspace object permissions.
-  Sets permissions on a workspace object. Workspace objects can inherit
+  Sets permissions on an object, replacing existing permissions if they exist.
  Deletes all direct permissions if none are specified. Objects can inherit
  permissions from their parent objects or root object.
  Arguments:
		`@ -1 +1 @@`
			`cf9c61453990df0f9453670f2fe68e1b128647a2`				`universe:/Users/hector.castejon/emu/universe`